Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scour infection


  • This topic is locked This topic is locked
22 replies to this topic

#1 GigabitPony

GigabitPony

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 04:27 PM

Well I ended up getting hit by this thing. I am a tech to so it is embarrassing. Anyways I reformatted my PC, and re-installed my stuff. Well I I went to use Firefox today and it came up. I do know that I installed a couple things before my AV Which is comodo. I have a screensaver from a suppose to be trusted source. I think it helped bring the infection in, because it asked to install Adobe Active X, which I went to adobe and installed it myself.

Anyways I need some help. I have thrown tool after tool at it last time before reformatting.

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:01:16 PM

Posted 16 January 2013 - 04:52 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Then proceed to run aswMbr.exe as noted below.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Note:
If you are unable to run a Gmer scan due the fact you are running a 64bit machine please run the following tool and post its log.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Do you have a USB Flash Drive you can use?



Thanks and again sorry for the delay.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 05:03 PM

I am running Windows 7 professional x64 bit.
My pc can start fine :3
Running those programs now for you will post logs soon.
Yes I do have flash drives. many.
I do have a flash drive with my windows 7 on it. As well as a cd.
Also my Comodo just went off as well. I shall post those logs too ya? nevermind, I cannot figure out how too. I may google it.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by GigabitPony at 17:04:47 on 2013-01-16
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4093.2456 [GMT -5:00]
.
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
D:\Programs\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
D:\Programs\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Programs\Comodo\COMODO Internet Security\CisTray.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Programs\xchat\xchat.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
D:\Programs\Comodo\COMODO Internet Security\cis.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
D:\Programs\FireFox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -controlservice -slave
StartupFolder: C:\Users\GIGABI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\GIGABI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech Gaming Software\EReg\eReg.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{36AB34A9-76B2-45A1-90F9-F74D61B33D2E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F3AC9EE8-C1D1-4783-8479-CAFBFE0D3F2F}\A4F686E637F6E637 : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-Run: [COMODO Internet Security] D:\Programs\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\GigabitPony\AppData\Roaming\Mozilla\Firefox\Profiles\9lnnzh9y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: D:\Programs\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2012-12-14 23328]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2012-12-14 697960]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2012-12-19 70352]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-1-16 1868432]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2012-11-26 1851088]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-1-16 108904]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-2 66360]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-6-19 712704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S3 cmdvirth;COMODO Virtual Service Manager;D:\Programs\Comodo\COMODO Internet Security\cmdvirth.exe [2012-12-14 158928]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-15 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-15 1255736]
.
=============== Created Last 30 ================
.
2013-01-16 21:32:15 -------- d-----w- C:\Users\GigabitPony\AppData\Roaming\.minecraft
2013-01-16 20:56:09 -------- d-----w- C:\Program Files\HitmanPro
2013-01-16 20:56:01 -------- d-----w- C:\ProgramData\HitmanPro
2013-01-16 05:58:21 -------- d-----w- C:\Windows\SysWow64\Adobe
2013-01-16 05:56:20 -------- d-----w- C:\Users\GigabitPony\AppData\Local\Logitech
2013-01-16 05:56:01 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2013-01-16 05:55:54 -------- d-----w- C:\Program Files\Logitech Gaming Software
2013-01-16 05:55:30 -------- d-----w- C:\Users\GigabitPony\AppData\Roaming\Logishrd
2013-01-16 05:46:17 -------- d-----w- C:\Users\GigabitPony\AppData\Local\Macromedia
2013-01-16 05:45:51 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-16 05:03:32 -------- d-----w- C:\Program Files (x86)\Common Files\Comodo
2013-01-16 04:36:55 -------- d-----w- C:\Windows\System32\SPReview
2013-01-16 04:36:52 -------- d-----w- C:\Windows\System32\EventProviders
2013-01-16 04:29:59 477696 ----a-w- C:\Windows\System32\PhotoScreensaver.scr
2013-01-16 04:28:55 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2013-01-16 04:28:55 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2013-01-16 04:28:55 -------- d-----w- C:\Program Files (x86)\Comodo
2013-01-16 04:28:54 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-01-16 04:28:54 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2013-01-16 04:28:54 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-01-16 04:28:54 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2013-01-16 04:28:51 -------- d-----w- C:\ProgramData\Comodo Downloader
2013-01-16 04:26:14 -------- d-----w- C:\Users\GigabitPony\AppData\Roaming\Malwarebytes
2013-01-16 04:25:54 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-16 04:25:54 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-16 04:25:30 -------- d-----w- C:\Users\GigabitPony\AppData\Local\Programs
2013-01-16 04:18:34 -------- d-----w- C:\Users\GigabitPony\AppData\Roaming\Dropbox
2013-01-16 04:18:18 859552 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-01-16 04:18:18 780192 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-16 04:18:15 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-16 04:05:33 -------- d-----w- C:\Windows\Panther
2013-01-16 04:01:46 -------- d-----w- C:\Users\GigabitPony\AppData\Local\Google
2013-01-16 03:55:33 -------- d-----w- C:\Windows\SysWow64\Wat
2013-01-16 03:55:33 -------- d-----w- C:\Windows\System32\Wat
2013-01-16 03:11:34 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-01-16 03:11:34 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-01-16 03:11:34 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-01-16 03:11:34 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-01-16 03:08:15 -------- d-----w- C:\Users\GigabitPony\AppData\Local\Mozilla
2013-01-16 03:08:11 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-16 03:06:31 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-16 02:53:42 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-01-16 02:53:42 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-01-16 02:53:42 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-01-16 02:53:42 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-01-16 02:53:42 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-01-16 02:53:42 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-01-16 02:53:08 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-01-16 02:53:08 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-01-16 02:53:08 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-01-16 02:53:08 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-01-16 02:53:08 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-01-16 02:53:08 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-01-16 02:53:08 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-01-16 02:51:12 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-01-16 02:51:12 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-01-16 02:51:12 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-01-16 02:51:12 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-01-16 02:51:12 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-01-16 02:47:59 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-01-16 02:45:19 -------- d-----w- C:\Users\GigabitPony\AppData\Roaming\X-Chat 2
2013-01-16 02:43:10 77312 ----a-w- C:\Windows\System32\packager.dll
2013-01-16 02:43:10 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-01-16 01:45:04 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFB09783-BD3D-4F7C-8671-53477791FD0C}\mpengine.dll
2013-01-16 01:45:03 279656 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-16 01:26:57 -------- d-----w- C:\Users\GigabitPony\AppData\Local\AMD
2013-01-16 01:26:48 -------- d-----w- C:\Users\GigabitPony\AppData\Local\ATI
2013-01-16 01:26:37 0 ----a-w- C:\Windows\ativpsrm.bin
2013-01-16 01:20:45 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-01-16 01:20:44 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-01-16 01:20:37 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2013-01-16 01:20:37 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2013-01-16 01:20:23 -------- d-----w- C:\ProgramData\AMD
2013-01-16 01:19:54 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2013-01-16 01:19:01 -------- d-sh--w- C:\Windows\Installer
2013-01-16 01:18:18 -------- d-----w- C:\Program Files\ATI Technologies
2013-01-16 01:18:16 -------- d-----w- C:\Program Files\ATI
2013-01-16 01:17:42 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-01-16 01:17:42 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-01-16 01:17:42 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-01-16 01:17:35 -------- d-----w- C:\AMD
.
==================== Find3M ====================
.
2013-01-16 20:40:38 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-01-16 20:40:38 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-01-16 04:55:25 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-01-16 04:55:24 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-12-15 01:45:44 697960 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2012-12-15 01:45:44 48512 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-12-15 01:45:42 23328 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-12-15 01:45:32 42856 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-12-15 01:45:30 453808 ----a-w- C:\Windows\System32\guard64.dll
2012-12-15 01:45:30 350272 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-12-15 01:45:20 321744 ----a-w- C:\Windows\System32\cmdvrt64.dll
2012-12-15 01:45:14 260304 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-04 08:41:28 37976 ----a-w- C:\Windows\SysWow64\drivers\CFRMD.sys
2012-12-04 08:41:28 37976 ----a-w- C:\Windows\inf\CFRMD\cfrmd.sys
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
.
============= FINISH: 17:05:29.55 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/15/2013 8:14:33 PM
System Uptime: 1/16/2013 4:29:30 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-880GA-UD3H
Processor: AMD Phenom™ II X4 955 Processor | Socket M2 | 3200/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 20.658 GiB free.
D: is FIXED (NTFS) - 98 GiB total, 77.497 GiB free.
E: is FIXED (NTFS) - 244 GiB total, 184.659 GiB free.
F: is CDROM (UDF)
G: is FIXED (NTFS) - 149 GiB total, 26.979 GiB free.
Z: is FIXED (NTFS) - 124 GiB total, 89.189 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&5B6B27D&0&0048
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&5B6B27D&0&0048
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Comodo Dragon
COMODO Internet Security
Dropbox
GeekBuddy
Google Drive
Google Update Helper
HitmanPro 3.7
Java 7 Update 11
Java Auto Updater
Logitech Gaming Software
Logitech Gaming Software 8.40
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.5
WinRAR 4.20 (64-bit)
XChat 2 (remove only)
.
==== Event Viewer Messages From Past Week ========
.
1/16/2013 4:29:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD
1/16/2013 4:29:34 PM, Error: volmgr [46] - Crash dump initialization failed!
1/15/2013 10:50:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
1/15/2013 10:50:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2799329).
1/15/2013 10:47:24 PM, Error: Service Control Manager [7023] -
1/15/2013 10:46:09 PM, Error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
.
==== End Of File ===========================

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-16 17:07:00
-----------------------------
17:07:00.702 OS Version: Windows x64 6.1.7601 Service Pack 1
17:07:00.702 Number of processors: 4 586 0x403
17:07:00.702 ComputerName: GIGABITPONY-PC UserName: GigabitPony
17:07:00.827 Initialize success
17:10:27.285 AVAST engine defs: 13011600
17:12:41.238 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:12:41.238 Disk 0 Vendor: INTEL_SSDSA2M040G2GC 2CV102M3 Size: 38166MB BusType: 11
17:12:41.238 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP6T0L0-8
17:12:41.254 Disk 1 Vendor: WDC_WD5000AAKS-00D2B0 12.01C02 Size: 476935MB BusType: 11
17:12:41.254 Disk 0 MBR read successfully
17:12:41.254 Disk 0 MBR scan
17:12:41.254 Disk 0 Windows 7 default MBR code
17:12:41.254 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:12:41.270 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 38064 MB offset 206848
17:12:41.270 Disk 0 scanning C:\Windows\system32\drivers
17:12:44.015 Service scanning
17:12:51.285 Modules scanning
17:12:51.300 Disk 0 trace - called modules:
17:12:51.316 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:12:51.316 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004adb060]
17:12:51.332 3 CLASSPNP.SYS[fffff880019c943f] -> nt!IofCallDriver -> [0xfffffa80048291e0]
17:12:51.332 5 ACPI.sys[fffff88000f5d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8003adf060]
17:12:51.456 AVAST engine scan C:\Windows
17:12:51.909 AVAST engine scan C:\Windows\system32
17:14:35.056 AVAST engine scan C:\Windows\system32\drivers
17:14:39.081 AVAST engine scan C:\Users\GigabitPony
17:14:59.891 AVAST engine scan C:\ProgramData
17:15:08.128 Scan finished successfully
17:15:45.804 Disk 0 MBR has been saved successfully to "C:\Users\GigabitPony\Desktop\MBR.dat"
17:15:45.820 The log file has been saved successfully to "C:\Users\GigabitPony\Desktop\aswMBR.txt"

Edited by GigabitPony, 16 January 2013 - 05:28 PM.


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:01:16 PM

Posted 16 January 2013 - 05:15 PM

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 06:08 PM

Says my post is too long so I will break it up into 2.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
Ran by SYSTEM at 16-01-2013 17:58:46
Running from J:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [COMODO Internet Security] D:\Programs\COMODO\COMODO Internet Security\cistray.exe [x]
HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [7406392 2012-11-28] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [gbrspcontrol] "C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -controlservice -slave [1851088 2012-11-26] (Comodo Security Solutions, Inc.)
HKU\GigabitPony\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [16328976 2012-12-17] (Google)
HKU\GigabitPony\...\Run: [Skype] "D:\Programs\Skype\Phone\Skype.exe" /minimized /regrun [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions Inc.)
Startup: C:\Users\GigabitPony\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\GigabitPony\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)

==================== Services (Whitelisted) ===================

2 CLPSLauncher; "C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe" [70352 2012-12-19] (Comodo Security Solutions Inc.)
2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2013-01-16] ()
2 GeekBuddyRSP; "C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -service [1851088 2012-11-26] (Comodo Security Solutions, Inc.)
2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [108904 2013-01-16] (SurfRight B.V.)
2 cmdAgent; "C:\Programs\COMODO\COMODO Internet Security\cmdagent.exe" [x]
3 cmdvirth; "C:\Programs\COMODO\COMODO Internet Security\cmdvirth.exe" [x]
2 SkypeUpdate; C:\Programs\Skype\Updater\Updater.exe [x]

==================== Drivers (Whitelisted) =====================

1 CFRMD; C:\Windows\SysWow64\Drivers\CFRMD.sys [37976 2012-12-04] (Windows ® Win 7 DDK provider)
1 cmderd; C:\Windows\System32\Drivers\cmderd.sys [23328 2012-12-14] (COMODO)
1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [697960 2012-12-14] (COMODO)
3 LGSHidFilt; C:\Windows\System32\Drivers\LGSHidFilt.sys [66360 2012-10-02] (Logitech Inc.)

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-01-16 14:34 - 2012-08-23 06:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-01-16 14:34 - 2012-08-23 06:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-01-16 14:34 - 2012-08-23 06:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-01-16 14:34 - 2012-08-23 05:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-01-16 14:34 - 2012-08-23 05:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-01-16 14:34 - 2012-08-23 05:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-01-16 14:34 - 2012-08-23 05:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-01-16 14:34 - 2012-08-23 05:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-01-16 14:34 - 2012-08-23 05:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-01-16 14:34 - 2012-08-23 05:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-01-16 14:34 - 2012-08-23 05:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-01-16 14:34 - 2012-08-23 05:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-01-16 14:34 - 2012-08-23 04:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-01-16 14:34 - 2012-08-23 03:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-01-16 14:34 - 2012-08-23 03:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-01-16 14:34 - 2012-08-23 03:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-01-16 14:34 - 2012-08-23 03:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-01-16 14:34 - 2012-08-23 02:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-01-16 14:34 - 2012-08-23 02:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-01-16 14:34 - 2012-08-23 02:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-01-16 14:34 - 2012-08-23 02:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-01-16 14:34 - 2012-08-23 01:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-01-16 14:34 - 2012-08-23 00:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-01-16 14:34 - 2012-08-23 00:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-01-16 14:33 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-01-16 14:33 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-01-16 14:33 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-01-16 14:33 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-01-16 14:33 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-01-16 14:33 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-01-16 14:33 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2013-01-16 14:33 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-01-16 14:33 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-01-16 14:33 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2013-01-16 14:33 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-01-16 14:33 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-01-16 14:33 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-01-16 14:33 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-01-16 14:33 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-01-16 14:33 - 2012-08-24 10:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-01-16 14:33 - 2012-08-24 10:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-01-16 14:33 - 2012-08-24 10:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-01-16 14:33 - 2012-08-24 10:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-01-16 14:33 - 2012-08-24 08:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-01-16 14:33 - 2012-08-24 08:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-01-16 14:33 - 2012-08-24 08:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-01-16 14:33 - 2012-08-22 10:12 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-01-16 14:33 - 2012-08-22 10:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-01-16 14:33 - 2012-08-22 10:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-01-16 14:33 - 2012-08-21 13:01 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2013-01-16 14:33 - 2012-07-04 12:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2013-01-16 14:33 - 2012-05-04 03:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-01-16 14:33 - 2012-05-04 01:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-01-16 14:33 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-01-16 14:22 - 2013-01-16 14:40 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Skype
2013-01-16 14:21 - 2013-01-16 14:22 - 00000000 ____D C:\Users\All Users\Skype
2013-01-16 14:17 - 2013-01-16 14:17 - 00000000 ____D C:\Users\GigabitPony\Desktop\bleepingcomputerhelp
2013-01-16 14:14 - 2012-11-22 19:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-16 13:59 - 2013-01-16 14:00 - 00000000 ____D C:\Users\GigabitPony\Desktop\Games
2013-01-16 13:43 - 2013-01-16 13:44 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\WinRAR
2013-01-16 13:32 - 2013-01-16 14:11 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\.minecraft
2013-01-16 12:56 - 2013-01-16 12:57 - 00000000 ____D C:\Users\All Users\HitmanPro
2013-01-16 12:56 - 2013-01-16 12:56 - 00000000 ____D C:\Program Files\HitmanPro
2013-01-16 12:55 - 2013-01-16 12:55 - 00000938 ____A C:\AdwCleaner[R3].txt
2013-01-16 12:55 - 2013-01-16 12:55 - 00000879 ____A C:\AdwCleaner[R2].txt
2013-01-16 12:49 - 2013-01-16 12:49 - 00000820 ____A C:\AdwCleaner[R1].txt
2013-01-15 21:58 - 2013-01-15 21:58 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-01-15 21:56 - 2013-01-15 21:56 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-01-15 21:56 - 2013-01-15 21:56 - 00000388 ____A C:\Windows\LkmdfCoInst.log
2013-01-15 21:56 - 2013-01-15 21:56 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Leadertech
2013-01-15 21:56 - 2013-01-15 21:56 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Logitech
2013-01-15 21:55 - 2013-01-15 21:57 - 00000000 ____D C:\Users\All Users\Adobe
2013-01-15 21:55 - 2013-01-15 21:56 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Logitech
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Logishrd
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\All Users\LogiShrd
2013-01-15 21:46 - 2013-01-15 21:46 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Macromedia
2013-01-15 21:45 - 2013-01-15 21:56 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-15 21:45 - 2013-01-15 21:45 - 00000000 ____D C:\Windows\System32\Macromed
2013-01-15 21:02 - 2013-01-16 13:29 - 00007258 ____A C:\Windows\PFRO.log
2013-01-15 20:36 - 2013-01-15 20:36 - 00000000 ____D C:\Windows\System32\SPReview
2013-01-15 20:36 - 2013-01-15 20:36 - 00000000 ____D C:\Windows\System32\EventProviders
2013-01-15 20:30 - 2013-01-16 14:41 - 01474832 ____A C:\Windows\System32\Drivers\sfi.dat
2013-01-15 20:30 - 2013-01-15 20:30 - 00000000 ___SD C:\Users\All Users\Shared Space
2013-01-15 20:30 - 2010-11-20 05:39 - 05066752 ____A (Microsoft Corporation) C:\Windows\System32\AuthFWSnapin.dll
2013-01-15 20:30 - 2010-11-20 05:34 - 00295808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-01-15 20:30 - 2010-11-20 05:34 - 00215936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-01-15 20:30 - 2010-11-20 05:34 - 00199552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vmbus.sys
2013-01-15 20:30 - 2010-11-20 05:33 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-01-15 20:30 - 2010-11-20 05:33 - 00366976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2013-01-15 20:30 - 2010-11-20 05:33 - 00299392 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2013-01-15 20:30 - 2010-11-20 05:33 - 00289664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2013-01-15 20:30 - 2010-11-20 05:33 - 00273792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-01-15 20:30 - 2010-11-20 05:29 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2013-01-15 20:30 - 2010-11-20 05:28 - 00298104 ____A (Microsoft Corporation) C:\Windows\System32\bcryptprimitives.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 14633472 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 03860992 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbon.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 03650560 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 03027968 ____A (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2013-01-15 20:30 - 2010-11-20 05:27 - 03008000 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02652160 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02543616 ____A (Microsoft Corporation) C:\Windows\System32\wpdshext.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02262528 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02072576 ____A (Microsoft Corporation) C:\Windows\System32\WMPEncEn.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02055680 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 02018304 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01900544 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-01-15 20:30 - 2010-11-20 05:27 - 01808384 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01753088 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01743360 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01646080 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01556992 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01509888 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01326080 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01281024 ____A (Microsoft Corporation) C:\Windows\System32\werconcpl.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01243136 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01219584 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01212416 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01197056 ____A (Microsoft Corporation) C:\Windows\System32\taskschd.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01190400 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\webservices.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01110016 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01098240 ____A (Microsoft Corporation) C:\Windows\System32\Vault.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01082880 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01050624 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01024512 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 01008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00933888 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00867840 ____A (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00849920 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00758272 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00750080 ____A (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00720896 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00695808 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00605696 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00582656 ____A (Microsoft Corporation) C:\Windows\System32\sxs.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00577536 ____A (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00571904 ____A (Microsoft Corporation) C:\Windows\System32\mspbda.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\wmicmiplugin.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00512000 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00488448 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00485888 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00481280 ____A (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL
2013-01-15 20:30 - 2010-11-20 05:27 - 00473600 ____A (Microsoft Corporation) C:\Windows\System32\taskcomp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00444416 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\shsvcs.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00326144 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00324096 ____A (Microsoft Corporation) C:\Windows\System32\netdiagfx.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00312832 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00312320 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00299520 ____A (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\ws2_32.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00266240 ____A (Microsoft Corporation) C:\Windows\System32\QAGENT.DLL
2013-01-15 20:30 - 2010-11-20 05:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00263168 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00253440 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\winsta.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\QSHVHOST.DLL
2013-01-15 20:30 - 2010-11-20 05:27 - 00214528 ____A (Microsoft Corporation) C:\Windows\System32\umrdp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00200192 ____A (Microsoft Corporation) C:\Windows\System32\tscfgwmi.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\prncache.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00165376 ____A (Microsoft Corporation) C:\Windows\System32\netid.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2013-01-15 20:30 - 2010-11-20 05:27 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\userenv.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 04120064 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 03391488 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 03205120 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 02067456 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01866240 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01838080 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01632256 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01340416 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01244160 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 01009152 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00853504 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-01-15 20:30 - 2010-11-20 05:26 - 00828416 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00787968 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00784896 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00658944 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00630272 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00584192 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00551936 ____A (Microsoft Corporation) C:\Windows\System32\localsec.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00503296 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL
2013-01-15 20:30 - 2010-11-20 05:26 - 00422912 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00381440 ____A (Microsoft Corporation) C:\Windows\System32\mfds.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00317952 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00295936 ____A (Microsoft Corporation) C:\Windows\System32\framedynos.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00281600 ____A (Microsoft) C:\Windows\System32\DShowRdpFilter.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\framedyn.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\hgprint.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\fde.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00166912 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-01-15 20:30 - 2010-11-20 05:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 03957760 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 01975296 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 01927680 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 01600512 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 01504256 ____A (Microsoft Corporation) C:\Windows\System32\wbengine.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00958464 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00897536 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00705024 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-01-15 20:30 - 2010-11-20 05:25 - 00692224 ____A (Microsoft Corporation) C:\Windows\System32\cscsvc.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00679424 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00598016 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00504320 ____A (Microsoft Corporation) C:\Windows\System32\biocpl.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\cscui.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00479232 ____A (Microsoft Corporation) C:\Windows\System32\appmgr.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00412160 ____A (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00390656 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00359424 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00342016 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00296448 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00285696 ____A (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\cscobj.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-01-15 20:30 - 2010-11-20 05:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-01-15 20:30 - 2010-11-20 05:25 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\PushPrinterConnections.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00689152 ____A (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00653312 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\msinfo32.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00345088 ____A (Microsoft Corporation) C:\Windows\System32\cmd.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\lsm.exe
2013-01-15 20:30 - 2010-11-20 05:24 - 00272896 ____A (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2013-01-15 20:30 - 2010-11-20 04:55 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-01-15 20:30 - 2010-11-20 04:51 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2013-01-15 20:30 - 2010-11-20 04:32 - 05066752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 11410432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01712640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-01-15 20:30 - 2010-11-20 04:21 - 01363456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01175040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01128448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01115136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 01010688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00646144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00597504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00505856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00423936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00351232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00140800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00113664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2013-01-15 20:30 - 2010-11-20 04:21 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 01414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00988160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00573440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00563712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00547840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2013-01-15 20:30 - 2010-11-20 04:20 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 03207680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 02291712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 02151936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 01493504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00954752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00954288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00732160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00584192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00341504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00296448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2013-01-15 20:30 - 2010-11-20 04:19 - 00206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 02522624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01828352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01555456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01371136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01334272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 01171456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00762880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00522752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00342016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00339968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00323072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00295936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00252928 ____A (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2013-01-15 20:30 - 2010-11-20 04:18 - 00091136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2013-01-15 20:30 - 2010-11-20 04:17 - 00327168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2013-01-15 20:30 - 2010-11-20 04:17 - 00322048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2013-01-15 20:30 - 2010-11-20 04:17 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2013-01-15 20:30 - 2010-11-20 04:17 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2013-01-15 20:30 - 2010-11-20 04:17 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PushPrinterConnections.exe
2013-01-15 20:30 - 2010-11-20 04:08 - 00833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-01-15 20:30 - 2010-11-20 03:05 - 00274944 ____A (Microsoft Corporation) C:\Windows\System32\rdpdd.dll
2013-01-15 20:30 - 2010-11-20 02:44 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2013-01-15 20:30 - 2010-11-20 01:58 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\vmicsvc.exe
2013-01-15 20:30 - 2010-11-20 01:27 - 00514560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\csc.sys
2013-01-15 20:30 - 2010-11-20 01:27 - 00309248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-01-15 20:30 - 2010-11-20 01:26 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-01-15 20:30 - 2010-11-20 01:25 - 00753664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-01-15 20:30 - 2010-11-20 01:23 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2013-01-15 20:30 - 2010-11-20 01:21 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2013-01-15 20:30 - 2010-11-04 18:20 - 00347904 ____A C:\Windows\System32\systemsf.ebd
2013-01-15 20:30 - 2010-11-04 17:58 - 01130824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-01-15 20:30 - 2010-11-04 17:58 - 00297808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-01-15 20:30 - 2010-11-04 17:58 - 00049488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-01-15 20:30 - 2010-11-04 17:57 - 01942856 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2013-01-15 20:30 - 2010-11-04 17:57 - 00444752 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2013-01-15 20:30 - 2010-11-04 17:57 - 00048976 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2013-01-15 20:30 - 2010-11-04 17:53 - 00320352 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2013-01-15 20:30 - 2010-11-04 17:53 - 00295264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-01-15 20:30 - 2010-11-04 17:53 - 00109928 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2013-01-15 20:30 - 2010-11-04 17:53 - 00099176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-01-15 20:30 - 2009-07-13 17:16 - 00629760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pmcsnap.dll
2013-01-15 20:30 - 2009-07-13 17:16 - 00238080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ppcsnap.dll
2013-01-15 20:30 - 2009-07-13 17:16 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2013-01-15 20:29 - 2013-01-16 12:40 - 00056072 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2013-01-15 20:29 - 2013-01-16 12:40 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-01-15 20:29 - 2013-01-15 20:30 - 00000000 ____D C:\Users\All Users\COMODO
2013-01-15 20:29 - 2013-01-15 20:29 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Comodo
2013-01-15 20:29 - 2010-11-20 05:44 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\Narrator.exe
2013-01-15 20:29 - 2010-11-20 05:44 - 00133632 ____A (Microsoft Corporation) C:\Windows\System32\NAPHLPR.DLL
2013-01-15 20:29 - 2010-11-20 05:44 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\NAPCRYPT.DLL
2013-01-15 20:29 - 2010-11-20 05:34 - 00363392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2013-01-15 20:29 - 2010-11-20 05:34 - 00071552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2013-01-15 20:29 - 2010-11-20 05:34 - 00046464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vmstorfl.sys
2013-01-15 20:29 - 2010-11-20 05:34 - 00034688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storvsc.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00263040 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-01-15 20:29 - 2010-11-20 05:33 - 00213888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00184704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00171392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00155008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00140672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00103808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00094592 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00078720 ____A (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00063360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00052096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winhv.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2013-01-15 20:29 - 2010-11-20 05:33 - 00014720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2013-01-15 20:29 - 2010-11-20 05:32 - 02217856 ____A (Microsoft Corporation) C:\Windows\System32\bootres.dll
2013-01-15 20:29 - 2010-11-20 05:32 - 00334208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-01-15 20:29 - 2010-11-20 05:32 - 00179072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-01-15 20:29 - 2010-11-20 05:32 - 00155520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-01-15 20:29 - 2010-11-20 05:32 - 00112000 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-01-15 20:29 - 2010-11-20 05:28 - 00780008 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-01-15 20:29 - 2010-11-20 05:28 - 00223248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-01-15 20:29 - 2010-11-20 05:28 - 00166784 ____A (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 02250752 ____A (Microsoft Corporation) C:\Windows\System32\SensorsCpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 02193920 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01911808 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01689600 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01672704 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01389056 ____A (Microsoft Corporation) C:\Windows\System32\pla.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01363968 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01232896 ____A (Microsoft Corporation) C:\Windows\System32\WMADMOD.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2ENC.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\sdengin2.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 01080320 ____A (Microsoft Corporation) C:\Windows\System32\onexui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00978944 ____A (Microsoft Corporation) C:\Windows\System32\WMSPDMOD.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00933376 ____A (Microsoft Corporation) C:\Windows\System32\SmiEngine.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00898560 ____A (Microsoft Corporation) C:\Windows\System32\OobeFldr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00812032 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00799744 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00781312 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00769536 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\sdcpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00691200 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00658432 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00641024 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00636416 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmdev.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00633344 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00625664 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00594432 ____A (Microsoft Corporation) C:\Windows\System32\wvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00580096 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00568832 ____A (Microsoft Corporation) C:\Windows\System32\scrptadm.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00527872 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmnet.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00483840 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00462336 ____A (Microsoft Corporation) C:\Windows\System32\wiadefui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\nshipsec.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00451072 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\sqlcese30.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\spwizeng.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceStatus.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00431104 ____A (Microsoft Corporation) C:\Windows\System32\WPDSp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00429568 ____A (Microsoft Corporation) C:\Windows\System32\puiobj.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\rastls.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00421888 ____A (Microsoft Corporation) C:\Windows\System32\termmgr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00418816 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\prnfldr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00414208 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00403968 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00392192 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00372736 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00358400 ____A (Microsoft Corporation) C:\Windows\System32\wmpdxm.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\sharemediacpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00344576 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00337920 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00335360 ____A (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00325632 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00313856 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00268288 ____A (Microsoft Corporation) C:\Windows\System32\MSAC3ENC.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00255488 ____A (Microsoft Corporation) C:\Windows\System32\wavemsp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00254464 ____A (Microsoft Corporation) C:\Windows\System32\qasf.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\qdv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\taskbarcpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\SndVolSSO.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00224256 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceSyncProvider.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\wmpsrcwp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00221696 ____A (Microsoft Corporation) C:\Windows\System32\OnLineIDCpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\netiohlp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\wpdwcn.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00207360 ____A (Microsoft Corporation) C:\Windows\System32\sysclass.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00200192 ____A (Microsoft Corporation) C:\Windows\System32\syncui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00193024 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsbas.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00188928 ____A (Microsoft Corporation) C:\Windows\System32\netjoin.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\provsvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00181248 ____A (Microsoft Corporation) C:\Windows\System32\qcap.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\twext.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\sdrsvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\ocsetapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\prntvpt.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00154624 ____A (Microsoft Corporation) C:\Windows\System32\uxlib.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00148992 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\recovery.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\sppc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00143360 ____A (Microsoft Corporation) C:\Windows\System32\mydocs.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\shacct.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00132608 ____A (Microsoft Corporation) C:\Windows\System32\wmpshell.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\srvcli.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\wiavideo.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00124416 ____A (Microsoft Corporation) C:\Windows\System32\QSVRMGMT.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\wkssvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00115200 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\QUTIL.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\sppnp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\regapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\TabSvc.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\nci.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00084480 ____A (Microsoft Corporation) C:\Windows\System32\UserAccountControlSettings.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\QCLIPROV.DLL
2013-01-15 20:29 - 2010-11-20 05:27 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\spbcd.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\tlscsp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\unimdmat.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\napdsnap.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\wkscli.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\vfwwdm32.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\rdpd3d.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\samcli.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\WavDest.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\vss_ps.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\umb.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\PrintIsolationProxy.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\vpnikeapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\shimgvw.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\wdiasqmmodule.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\msdmo.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\netutils.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\shgina.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\wsdchngr.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\sisbkup.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\schedcli.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\rdprefdrvapi.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\TRAPI.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\spopk.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\syssetup.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\nrpsrv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\wshirda.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\sscore.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\shunimpl.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\riched32.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2013-01-15 20:29 - 2010-11-20 05:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2013-01-15 20:29 - 2010-11-20 05:27 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 01457664 ____A (Microsoft Corporation) C:\Windows\System32\DxpTaskSync.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 01202176 ____A (Microsoft Corporation) C:\Windows\System32\DiagCpl.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 01087488 ____A (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 01066496 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00934912 ____A (Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\fontext.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00701440 ____A (Microsoft Corporation) C:\Windows\System32\dsuiext.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00675328 ____A (Microsoft Corporation) C:\Windows\System32\DXPTaskRingtone.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\FXSAPI.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00508928 ____A (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00495104 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\DXP.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00434688 ____A (Microsoft Corporation) C:\Windows\System32\FXSTIFF.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00399872 ____A (Microsoft Corporation) C:\Windows\System32\dpx.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00345600 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\hgcpl.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00304128 ____A (Microsoft Corporation) C:\Windows\System32\efscore.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\iTVData.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\iprtrmgr.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00239616 ____A (Microsoft Corporation) C:\Windows\System32\dskquoui.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00233984 ____A (Microsoft Corporation) C:\Windows\System32\defaultlocationcpl.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingFolder.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\mprapi.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00211456 ____A (Microsoft Corporation) C:\Windows\System32\mprddm.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\itircl.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00186880 ____A (Microsoft Corporation) C:\Windows\System32\logoncli.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\ifsutil.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00162816 ____A (Microsoft Corporation) C:\Windows\System32\dps.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2013-01-15 20:29 - 2010-11-20 05:26 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00121344 ____A (Microsoft Corporation) C:\Windows\System32\fphc.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\dnscmmc.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00116224 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\fms.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\iasacct.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapistub.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\KMSVC.DLL
2013-01-15 20:29 - 2010-11-20 05:26 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\Mcx2Svc.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\hbaapi.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fdProxy.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\fdeploy.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\inetmib1.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\lsmproxy.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\luainstall.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\FXSMON.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\mciqtz32.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\iscsium.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\dsauth.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\HotStartUserAgent.dll
2013-01-15 20:29 - 2010-11-20 05:26 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\elsTrans.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 03745792 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 03524608 ____A (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 01264640 ____A (Microsoft Corporation) C:\Windows\System32\sdclt.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 01065984 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00840192 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00780800 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenter.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00749568 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00577024 ____A (Microsoft Corporation) C:\Windows\System32\AdmTmpl.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00549888 ____A (Microsoft Corporation) C:\Windows\System32\ActionCenterCPL.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00533504 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00472064 ____A (Microsoft Corporation) C:\Windows\System32\azroleui.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00460800 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\nltest.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00349696 ____A (Microsoft Corporation) C:\Windows\System32\slui.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\wusa.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00306688 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00294912 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00293888 ____A (Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00279040 ____A (Microsoft Corporation) C:\Windows\System32\sethc.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\recdisc.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00213504 ____A (Microsoft Corporation) C:\Windows\System32\ActionQueue.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\PkgMgr.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00186368 ____A (Microsoft Corporation) C:\Windows\System32\ocsetup.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\PresentationSettings.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\perfmon.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\net1.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\CscMig.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00128000 ____A (Microsoft) C:\Windows\System32\Robocopy.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\nslookup.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\cca.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\cabinet.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\amstream.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\setupcl.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\certprop.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\tabcal.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\CertPolEng.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\takeown.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\PnPUnattend.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\tzutil.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\runonce.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\acppage.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\repair-bde.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\MultiDigiMon.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00046080 ____A (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\relog.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\proquota.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\AzSqlExt.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\userinit.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\qprocess.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\bitsperf.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\tskill.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\tscon.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\tsdiscon.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\shadow.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\rwinsta.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\reset.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\query.exe
2013-01-15 20:29 - 2010-11-20 05:25 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\BWUnpairElevated.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll
2013-01-15 20:29 - 2010-11-20 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\C_ISCII.DLL
2013-01-15 20:29 - 2010-11-20 05:24 - 00957440 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00899584 ____A (Microsoft Corporation) C:\Windows\System32\Bubbles.scr
2013-01-15 20:29 - 2010-11-20 05:24 - 00850944 ____A (Microsoft Corporation) C:\Windows\System32\mmsys.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\System32\autoconv.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00777728 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00763904 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00726528 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00721408 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00684032 ____A (Microsoft Corporation) C:\Windows\System32\TabletPC.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00606208 ____A (Microsoft Corporation) C:\Windows\System32\dfrgui.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00497664 ____A (Microsoft Corporation) C:\Windows\System32\main.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00477696 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr
2013-01-15 20:29 - 2010-11-20 05:24 - 00474112 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2013-01-15 20:29 - 2010-11-20 05:24 - 00442368 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv
2013-01-15 20:29 - 2010-11-20 05:24 - 00373248 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00363520 ____A (Microsoft Corporation) C:\Windows\System32\diskraid.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00359936 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00352768 ____A (Microsoft Corporation) C:\Windows\System32\sysdm.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00346112 ____A (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00333824 ____A (Microsoft Corporation) C:\Windows\System32\ssText3d.scr
2013-01-15 20:29 - 2010-11-20 05:24 - 00321536 ____A (Microsoft Corporation) C:\Windows\System32\unimdm.tsp
2013-01-15 20:29 - 2010-11-20 05:24 - 00300032 ____A (Microsoft Corporation) C:\Windows\System32\msconfig.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00250880 ____A (Microsoft Corporation) C:\Windows\System32\ksproxy.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00242688 ____A (Microsoft Corporation) C:\Windows\System32\Mystify.scr
2013-01-15 20:29 - 2010-11-20 05:24 - 00241664 ____A (Microsoft Corporation) C:\Windows\System32\Ribbons.scr
2013-01-15 20:29 - 2010-11-20 05:24 - 00232448 ____A (Microsoft Corporation) C:\Windows\System32\bitsadmin.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2013-01-15 20:29 - 2010-11-20 05:24 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\VBICodec.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\bcdboot.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00166400 ____A (Microsoft Corporation) C:\Windows\System32\diskpart.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\iscsicli.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\MdSched.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\desk.cpl
2013-01-15 20:29 - 2010-11-20 05:24 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\aitagent.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00104448 ____A (Microsoft Corporation) C:\Windows\System32\logman.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mobsync.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\WSTPager.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\cmstp.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\isoburn.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\manage-bde.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\findstr.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00071168 ____A (Microsoft Corporation) C:\Windows\bfsvc.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\djoin.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\g711codc.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\ftp.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\vbisurf.ax
2013-01-15 20:29 - 2010-11-20 05:24 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\choice.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\LogonUI.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\chgport.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\chglogon.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\logoff.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\chgusr.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\FXSUNATD.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\fixmapi.exe
2013-01-15 20:29 - 2010-11-20 05:24 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\change.exe
2013-01-15 20:29 - 2010-11-20 05:16 - 12625920 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-01-15 20:29 - 2010-11-20 05:15 - 01164800 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2013-01-15 20:29 - 2010-11-20 05:14 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\spwizres.dll
2013-01-15 20:29 - 2010-11-20 05:13 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\RDPENCDD.dll
2013-01-15 20:29 - 2010-11-20 05:13 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2013-01-15 20:29 - 2010-11-20 05:12 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\pifmgr.dll
2013-01-15 20:29 - 2010-11-20 05:09 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\vmicres.dll
2013-01-15 20:29 - 2010-11-20 05:09 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\vmbusres.dll
2013-01-15 20:29 - 2010-11-20 05:09 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\vmstorfltres.dll
2013-01-15 20:29 - 2010-11-20 05:02 - 01148416 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME
2013-01-15 20:29 - 2010-11-20 05:02 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\imkr80.ime
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUQ.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDTUF.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDSG.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\kbdlk41a.dll
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDGKL.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00008192 ____A (Microsoft Corporation) C:\Windows\System32\KBDCZ1.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDSF.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDPO.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDNEPR.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTAM.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDINBEN.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\KBDGR1.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUS.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDUGHR1.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTURME.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDTAJIK.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMON.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDMAORI.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDLT1.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINTEL.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINORI.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINMAR.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINKAN.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDINHIN.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBULG.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBLR.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDBASH.DLL
2013-01-15 20:29 - 2010-11-20 05:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\KBDGEO.DLL
2013-01-15 20:29 - 2010-11-20 04:54 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\BlbEvents.dll
2013-01-15 20:29 - 2010-11-20 04:51 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-ums-l1-1-0.dll
2013-01-15 20:29 - 2010-11-20 04:36 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2013-01-15 20:29 - 2010-11-20 04:36 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2013-01-15 20:29 - 2010-11-20 04:23 - 00144768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02983424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02755072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02311168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02202624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02157568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 02146304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 01624064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 01326592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 01227776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 01003008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00933376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00902656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2013-01-15 20:29 - 2010-11-20 04:21 - 00782336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00778240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00755200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00739328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2013-01-15 20:29 - 2010-11-20 04:21 - 00738816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00638976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00616960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00600064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2013-01-15 20:29 - 2010-11-20 04:21 - 00507392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00473600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00464896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00458752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00444928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00428544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00416768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00411648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00410112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00406528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00380416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00372224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00363520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00363008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00352768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00352256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00346624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00335872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00328192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00318976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00318464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00307712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00305152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00299520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00276992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00246272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00228352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00198144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00194048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00189952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00182272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00181760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00160256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00146432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00144384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00134656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00111104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00109568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00108032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00105984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00105472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00087552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2013-01-15 20:29 - 2010-11-20 04:21 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00069632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00056832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00051200 ____A (Twain Working Group) C:\Windows\twain_32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00047104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00046080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00040448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00020992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00014848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2013-01-15 20:29 - 2010-11-20 04:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-01-15 20:29 - 2010-11-20 04:21 - 00004096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 02504192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2013-01-15 20:29 - 2010-11-20 04:20 - 02494464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 02130944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01750528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01661440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01644032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01508864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 01111552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00932352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00859648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00801280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00656384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00600576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00427520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00395264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00346112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00324608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00297472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00295424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00283136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00236544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00225792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00218112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00190976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00183296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00175616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00174592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00171520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2013-01-15 20:29 - 2010-11-20 04:20 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2013-01-15 20:29 - 2010-11-20 04:20 - 00166400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00165376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00136192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00121344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00116736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00099328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2013-01-15 20:29 - 2010-11-20 04:20 - 00090112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2013-01-15 20:29 - 2010-11-20 04:20 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00068096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00060928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00040960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2013-01-15 20:29 - 2010-11-20 04:20 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00830464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2013-01-15 20:29 - 2010-11-20 04:19 - 00828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00592384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00488448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00481792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00429056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00400896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00392192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00312832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00301568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00271360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll

2013-01-15 20:29 - 2010-11-20 04:19 - 00266752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00232448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00226304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2013-01-15 20:29 - 2010-11-20 04:19 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00216576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-01-15 20:29 - 2010-11-20 04:19 - 00213504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00167936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00148992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00127488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00124416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00120320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2013-01-15 20:29 - 2010-11-20 04:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00093696 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00082944 ____A (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00052736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00050176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-01-15 20:29 - 2010-11-20 04:19 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 03727872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 01400320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 01040384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 01003520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00854016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00744448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00743424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00685056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00630784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00537600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00508416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00484864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00438272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00402944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00254464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00243712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00242176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00230912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00222208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00211456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00210432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00205312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00202752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00195584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00168960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00146944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00128512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00115200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00091648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00066560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00030208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00028160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00019456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00017408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2013-01-15 20:29 - 2010-11-20 04:18 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2013-01-15 20:29 - 2010-11-20 04:18 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2013-01-15 20:29 - 2010-11-20 04:17 - 00586752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00327680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00314368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00280064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00278016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00276480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00227328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00209920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00179712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00157184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00144896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00133632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00113152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00101376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00098816 ____A (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00095232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00062976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00050688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00042496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00037888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00026624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2013-01-15 20:29 - 2010-11-20 04:17 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00905216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00878592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2013-01-15 20:29 - 2010-11-20 04:16 - 00776192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00692736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00679424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00668160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00658944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00649216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00516096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00413696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2013-01-15 20:29 - 2010-11-20 04:16 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-01-15 20:29 - 2010-11-20 04:16 - 00345088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00326656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00320000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2013-01-15 20:29 - 2010-11-20 04:16 - 00293888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2013-01-15 20:29 - 2010-11-20 04:16 - 00281088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2013-01-15 20:29 - 2010-11-20 04:16 - 00221184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2013-01-15 20:29 - 2010-11-20 04:16 - 00220672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2013-01-15 20:29 - 2010-11-20 04:16 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00186368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2013-01-15 20:29 - 2010-11-20 04:16 - 00172032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2013-01-15 20:29 - 2010-11-20 04:16 - 00153600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00142336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00128000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2013-01-15 20:29 - 2010-11-20 04:16 - 00107008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00068608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00045568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2013-01-15 20:29 - 2010-11-20 04:16 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2013-01-15 20:29 - 2010-11-20 04:08 - 12625408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00663040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-01-15 20:29 - 2010-11-20 04:08 - 00311296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-01-15 20:29 - 2010-11-20 04:08 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2013-01-15 20:29 - 2010-11-20 04:08 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2013-01-15 20:29 - 2010-11-20 04:07 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2013-01-15 20:29 - 2010-11-20 04:07 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2013-01-15 20:29 - 2010-11-20 04:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2013-01-15 20:29 - 2010-11-20 04:05 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2013-01-15 20:29 - 2010-11-20 04:00 - 01027584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2013-01-15 20:29 - 2010-11-20 04:00 - 00430080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2013-01-15 20:29 - 2010-11-20 03:37 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2013-01-15 20:29 - 2010-11-20 03:06 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2013-01-15 20:29 - 2010-11-20 03:04 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00129536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00111104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2013-01-15 20:29 - 2010-11-20 02:52 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-01-15 20:29 - 2010-11-20 02:51 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2013-01-15 20:29 - 2010-11-20 02:50 - 00056832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2013-01-15 20:29 - 2010-11-20 02:49 - 00146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2013-01-15 20:29 - 2010-11-20 02:44 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-01-15 20:29 - 2010-11-20 02:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2013-01-15 20:29 - 2010-11-20 02:44 - 00032896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2013-01-15 20:29 - 2010-11-20 02:43 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-01-15 20:29 - 2010-11-20 02:43 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-01-15 20:29 - 2010-11-20 02:43 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-01-15 20:29 - 2010-11-20 02:34 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2013-01-15 20:29 - 2010-11-20 02:33 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-01-15 20:29 - 2010-11-20 02:33 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2013-01-15 20:29 - 2010-11-20 02:33 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-01-15 20:29 - 2010-11-20 02:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-01-15 20:29 - 2010-11-20 02:09 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2013-01-15 20:29 - 2010-11-20 02:04 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2013-01-15 20:29 - 2010-11-20 01:57 - 00130048 ____A (Microsoft Corporation) C:\Windows\System32\VmbusCoinstaller.dll
2013-01-15 20:29 - 2010-11-20 01:57 - 00129024 ____A (Microsoft Corporation) C:\Windows\System32\VmdCoinstall.dll
2013-01-15 20:29 - 2010-11-20 01:57 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\IcCoinstall.dll
2013-01-15 20:29 - 2010-11-20 01:57 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\vmictimeprovider.dll
2013-01-15 20:29 - 2010-11-20 01:57 - 00021760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\VMBusHID.sys
2013-01-15 20:29 - 2010-11-20 01:57 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\vmbuspipe.dll
2013-01-15 20:29 - 2010-11-20 01:57 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vms3cap.sys
2013-01-15 20:29 - 2010-11-20 01:49 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-01-15 20:29 - 2010-11-20 01:30 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2013-01-15 20:29 - 2010-11-20 01:26 - 00140800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-01-15 20:29 - 2010-11-20 01:26 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2013-01-15 20:29 - 2010-11-20 01:22 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2013-01-15 20:29 - 2010-11-20 01:19 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2013-01-15 20:29 - 2010-11-09 17:48 - 00010429 ____A C:\Windows\System32\ScavengeSpace.xml
2013-01-15 20:29 - 2010-11-04 18:20 - 00105559 ____A C:\Windows\SysWOW64\RacRules.xml
2013-01-15 20:29 - 2010-11-04 18:20 - 00105559 ____A C:\Windows\System32\RacRules.xml
2013-01-15 20:29 - 2010-11-04 18:11 - 00433512 ____A (Microsoft Corporation) C:\Windows\System32\MCEWMDRMNDBootstrap.dll
2013-01-15 20:29 - 2010-11-04 18:11 - 00312168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2013-01-15 20:29 - 2010-11-04 17:58 - 00155472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2013-01-15 20:29 - 2010-11-04 17:58 - 00080720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2013-01-15 20:29 - 2010-11-04 17:57 - 00154960 ____A (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2013-01-15 20:29 - 2009-06-10 13:40 - 00146389 ____A C:\Windows\SysWOW64\printmanagement.msc
2013-01-15 20:29 - 2009-06-10 13:39 - 00001041 ____A C:\Windows\SysWOW64\tcpbidi.xml
2013-01-15 20:28 - 2013-01-16 12:40 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-01-15 20:28 - 2013-01-15 20:28 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 00000000 ____D C:\Users\All Users\Comodo Downloader
2013-01-15 20:28 - 2010-11-20 05:27 - 00529408 ____A (Microsoft Corporation) C:\Windows\System32\wbemcomn.dll
2013-01-15 20:28 - 2010-11-20 05:27 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\sqmapi.dll
2013-01-15 20:26 - 2013-01-15 20:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Malwarebytes
2013-01-15 20:25 - 2013-01-15 20:25 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-15 20:25 - 2012-12-14 13:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-01-15 20:18 - 2013-01-16 13:30 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Dropbox
2013-01-15 20:18 - 2013-01-15 20:18 - 00859552 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00780192 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00261024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00000000 ____D C:\Users\All Users\Sun
2013-01-15 20:18 - 2013-01-15 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-01-15 20:16 - 2013-01-15 20:16 - 00000000 ____D C:\Users\All Users\McAfee
2013-01-15 20:08 - 2013-01-15 20:08 - 00001313 ____A C:\Windows\TSSysprep.log
2013-01-15 20:06 - 2013-01-15 20:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-01-15 20:05 - 2013-01-15 17:14 - 00000000 ____D C:\Windows\Panther
2013-01-15 20:04 - 2013-01-15 20:04 - 00000000 ____D C:\Users\GigabitPony\AppData\LocalGoogle
2013-01-15 20:01 - 2013-01-16 14:06 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-15 20:01 - 2013-01-16 13:29 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-15 20:01 - 2013-01-15 20:04 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Google
2013-01-15 20:01 - 2013-01-15 20:04 - 00000000 ____D C:\Program Files (x86)\Google
2013-01-15 19:57 - 2011-03-24 19:29 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-01-15 19:57 - 2011-03-24 19:29 - 00325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-01-15 19:57 - 2011-03-24 19:29 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-01-15 19:57 - 2011-03-24 19:29 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-01-15 19:57 - 2011-03-24 19:29 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-01-15 19:57 - 2011-03-24 19:29 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-01-15 19:57 - 2011-03-24 19:28 - 00007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-01-15 19:57 - 2011-03-10 22:41 - 00027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-01-15 19:57 - 2011-03-10 22:33 - 02565632 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-01-15 19:57 - 2011-03-10 22:30 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2013-01-15 19:57 - 2011-03-10 21:33 - 01699328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-01-15 19:57 - 2011-03-10 21:31 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2013-01-15 19:57 - 2011-03-10 20:37 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-01-15 19:11 - 2012-12-16 14:31 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-01-15 19:11 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-01-15 19:11 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-01-15 19:11 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2013-01-15 19:11 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-01-15 19:10 - 2013-01-15 19:10 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Macromedia
2013-01-15 19:10 - 2013-01-15 19:10 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Adobe
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\All Users\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-15 19:06 - 2013-01-15 21:56 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-01-15 19:06 - 2013-01-15 19:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-01-15 19:01 - 2013-01-15 19:01 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-01-15 19:01 - 2013-01-15 19:01 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-01-15 19:01 - 2013-01-15 19:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-01-15 19:01 - 2013-01-15 19:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-01-15 19:01 - 2013-01-15 19:01 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-01-15 19:01 - 2013-01-15 19:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-01-15 19:01 - 2013-01-15 19:01 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-01-15 19:01 - 2013-01-15 19:01 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-01-15 19:01 - 2013-01-15 19:01 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-01-15 19:01 - 2013-01-15 19:01 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-01-15 19:01 - 2013-01-15 19:01 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-01-15 18:58 - 2013-01-15 19:01 - 00003733 ____A C:\Windows\IE9_main.log
2013-01-15 18:53 - 2012-12-16 09:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-01-15 18:53 - 2012-12-16 06:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-01-15 18:53 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-01-15 18:53 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-01-15 18:53 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2013-01-15 18:53 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2013-01-15 18:53 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2013-01-15 18:53 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2013-01-15 18:53 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2013-01-15 18:53 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2013-01-15 18:53 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2013-01-15 18:53 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-01-15 18:53 - 2010-09-30 02:41 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-01-15 18:53 - 2010-09-29 22:47 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-01-15 18:51 - 2012-02-29 22:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-01-15 18:51 - 2012-02-29 22:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-01-15 18:51 - 2012-02-29 22:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-01-15 18:51 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-01-15 18:51 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-01-15 18:48 - 2012-12-07 05:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-01-15 18:48 - 2012-12-07 05:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-01-15 18:48 - 2012-12-07 04:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-01-15 18:48 - 2012-12-07 04:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-01-15 18:48 - 2012-12-07 03:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-01-15 18:48 - 2012-12-07 03:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-01-15 18:48 - 2012-12-07 03:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-01-15 18:48 - 2012-12-07 02:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-01-15 18:48 - 2012-11-22 19:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-15 18:48 - 2012-11-08 21:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-01-15 18:48 - 2012-11-08 21:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-01-15 18:48 - 2012-11-08 20:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-01-15 18:48 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-01-15 18:48 - 2012-10-31 21:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-15 18:48 - 2012-10-31 21:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-01-15 18:48 - 2012-10-31 20:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-01-15 18:48 - 2012-10-31 20:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-01-15 18:48 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-01-15 18:48 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-01-15 18:48 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-01-15 18:48 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-01-15 18:48 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-01-15 18:48 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-01-15 18:48 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-01-15 18:48 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-01-15 18:48 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-01-15 18:48 - 2012-03-02 22:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-01-15 18:48 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-01-15 18:48 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2013-01-15 18:48 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2013-01-15 18:48 - 2012-01-04 02:44 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2013-01-15 18:48 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-01-15 18:48 - 2011-11-16 22:35 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-01-15 18:48 - 2011-11-16 22:35 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-01-15 18:48 - 2011-11-16 22:35 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-01-15 18:48 - 2011-11-16 22:35 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-01-15 18:48 - 2011-11-16 22:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-01-15 18:48 - 2011-11-16 21:35 - 00314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-01-15 18:48 - 2011-10-25 21:25 - 01572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-01-15 18:48 - 2011-10-25 20:32 - 01328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-01-15 18:48 - 2011-05-03 21:25 - 02315776 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-01-15 18:48 - 2011-05-03 21:22 - 02223616 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-01-15 18:48 - 2011-05-03 21:22 - 00778752 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-01-15 18:48 - 2011-05-03 21:22 - 00491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-01-15 18:48 - 2011-05-03 21:22 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-01-15 18:48 - 2011-05-03 21:22 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-01-15 18:48 - 2011-05-03 21:19 - 00591872 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-01-15 18:48 - 2011-05-03 21:19 - 00249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-01-15 18:48 - 2011-05-03 21:19 - 00113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-01-15 18:48 - 2011-05-03 20:34 - 01549312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-01-15 18:48 - 2011-05-03 20:32 - 01401344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-01-15 18:48 - 2011-05-03 20:32 - 00666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-01-15 18:48 - 2011-05-03 20:32 - 00337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-01-15 18:48 - 2011-05-03 20:32 - 00197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-01-15 18:48 - 2011-05-03 20:32 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-01-15 18:48 - 2011-05-03 20:28 - 00427520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-01-15 18:48 - 2011-05-03 20:28 - 00164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-01-15 18:48 - 2011-05-03 20:28 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-01-15 18:48 - 2011-04-28 19:06 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-01-15 18:48 - 2011-04-28 19:05 - 00410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-01-15 18:48 - 2011-04-28 19:05 - 00168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-01-15 18:48 - 2011-03-12 04:08 - 01465344 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-01-15 18:48 - 2011-03-12 03:23 - 00870912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-01-15 18:48 - 2011-03-02 22:24 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-01-15 18:48 - 2011-03-02 22:24 - 00183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-01-15 18:48 - 2011-03-02 22:21 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-01-15 18:48 - 2011-03-02 21:38 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-01-15 18:48 - 2011-03-02 21:36 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-01-15 18:48 - 2011-02-24 22:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-01-15 18:48 - 2011-02-24 21:30 - 02616320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-01-15 18:48 - 2011-02-19 04:05 - 01139200 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-01-15 18:48 - 2011-02-19 04:04 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-01-15 18:48 - 2011-02-18 22:30 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-01-15 18:48 - 2010-12-23 02:42 - 01118720 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2013-01-15 18:48 - 2010-12-23 02:42 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2013-01-15 18:48 - 2010-12-23 02:36 - 00259072 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-01-15 18:48 - 2010-12-22 21:54 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-01-15 18:48 - 2010-12-22 21:54 - 00642048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-01-15 18:48 - 2010-12-22 21:50 - 00199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-01-15 18:48 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-01-15 18:48 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-01-15 18:47 - 2012-11-29 21:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-01-15 18:47 - 2012-11-29 21:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-01-15 18:47 - 2012-11-29 21:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-15 18:47 - 2012-11-29 21:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-01-15 18:47 - 2012-11-29 21:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-01-15 18:47 - 2012-11-29 21:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-01-15 18:47 - 2012-11-29 21:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 21:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:54 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-01-15 18:47 - 2012-11-29 20:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-01-15 18:47 - 2012-11-29 20:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 20:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 19:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-01-15 18:47 - 2012-11-29 18:44 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-01-15 18:47 - 2012-11-29 18:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-01-15 18:47 - 2012-11-29 18:44 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-01-15 18:47 - 2012-11-29 18:44 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-01-15 18:47 - 2012-11-29 18:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 18:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 18:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 18:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-15 18:47 - 2012-11-29 15:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2013-01-15 18:47 - 2012-11-29 15:15 - 00420064 ____A C:\Windows\System32\locale.nls
2013-01-15 18:47 - 2012-11-21 21:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-01-15 18:47 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-01-15 18:47 - 2012-11-19 21:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-15 18:47 - 2012-11-19 20:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-01-15 18:47 - 2012-11-01 21:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-01-15 18:47 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-01-15 18:47 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-01-15 18:47 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-01-15 18:47 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-01-15 18:47 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-01-15 18:47 - 2012-08-02 09:58 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-01-15 18:47 - 2012-08-02 08:57 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-01-15 18:47 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-01-15 18:47 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-01-15 18:47 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-01-15 18:47 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-01-15 18:47 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-01-15 18:47 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-01-15 18:47 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-01-15 18:47 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-01-15 18:47 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-01-15 18:47 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-01-15 18:47 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-01-15 18:47 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2013-01-15 18:47 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-01-15 18:47 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2013-01-15 18:47 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-01-15 18:47 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2013-01-15 18:47 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-01-15 18:47 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2013-01-15 18:47 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2013-01-15 18:47 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-01-15 18:47 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-01-15 18:47 - 2011-12-29 22:26 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2013-01-15 18:47 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-01-15 18:47 - 2011-12-27 19:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-01-15 18:47 - 2011-10-25 21:21 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-01-15 18:47 - 2011-08-16 21:26 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-01-15 18:47 - 2011-08-16 21:25 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-01-15 18:47 - 2011-08-16 20:24 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-01-15 18:47 - 2011-08-16 20:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-01-15 18:47 - 2011-07-08 18:46 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-01-15 18:47 - 2011-06-15 21:49 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-01-15 18:47 - 2011-06-15 20:33 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-01-15 18:47 - 2011-06-15 02:02 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2013-01-15 18:47 - 2011-06-15 02:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2013-01-15 18:47 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2013-01-15 18:47 - 2011-06-15 02:02 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2013-01-15 18:47 - 2011-06-15 00:55 - 00319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-01-15 18:47 - 2011-06-15 00:55 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-01-15 18:47 - 2011-06-15 00:55 - 00122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-01-15 18:47 - 2011-06-15 00:55 - 00086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-01-15 18:47 - 2011-06-15 00:55 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-01-15 18:47 - 2011-05-24 03:42 - 00404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-01-15 18:47 - 2011-05-24 02:40 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-01-15 18:47 - 2011-05-24 02:40 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-01-15 18:47 - 2011-05-24 02:39 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-01-15 18:47 - 2011-05-24 02:37 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-01-15 18:47 - 2011-04-26 18:40 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-01-15 18:47 - 2011-04-26 18:39 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-01-15 18:47 - 2011-04-22 14:15 - 00027520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-01-15 18:47 - 2011-04-08 22:58 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-01-15 18:47 - 2011-04-08 21:56 - 00123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-01-15 18:47 - 2011-03-10 22:34 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-01-15 18:47 - 2011-03-10 22:34 - 01359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-01-15 18:47 - 2011-03-10 21:33 - 01164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-01-15 18:47 - 2011-03-10 21:33 - 01137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-01-15 18:47 - 2011-02-23 22:15 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-01-15 18:47 - 2011-02-23 21:38 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-01-15 18:47 - 2011-02-18 02:51 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2013-01-15 18:47 - 2011-02-17 21:39 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-01-15 18:47 - 2011-02-05 09:10 - 00642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-01-15 18:47 - 2011-02-05 09:10 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-01-15 18:47 - 2011-02-05 09:10 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-01-15 18:47 - 2011-02-05 09:10 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-01-15 18:47 - 2011-02-05 09:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-01-15 18:47 - 2011-02-05 09:06 - 00566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-01-15 18:47 - 2011-02-05 09:06 - 00518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-01-15 18:47 - 2011-01-17 03:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-01-15 18:47 - 2011-01-16 21:47 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-01-15 18:47 - 2010-11-20 05:27 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2013-01-15 18:47 - 2010-11-20 05:27 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\profprov.dll
2013-01-15 18:47 - 2010-11-20 05:26 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-01-15 18:47 - 2010-11-20 05:25 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2013-01-15 18:47 - 2010-11-20 05:25 - 00207872 ____A (Microsoft Corporation) C:\Windows\System32\cfgmgr32.dll
2013-01-15 18:47 - 2010-11-20 05:24 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2013-01-15 18:47 - 2010-11-20 05:24 - 00104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2013-01-15 18:47 - 2010-11-20 05:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2013-01-15 18:47 - 2010-11-20 04:58 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-01-15 18:47 - 2010-11-20 04:18 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-01-15 18:47 - 2010-11-20 04:16 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-01-15 18:47 - 2010-11-20 04:16 - 00072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-01-15 18:47 - 2010-11-20 04:16 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-01-15 18:47 - 2010-11-20 03:57 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-01-15 18:45 - 2013-01-16 14:40 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\X-Chat 2
2013-01-15 18:45 - 2013-01-15 18:45 - 00000689 ____A C:\Users\GigabitPony\Desktop\XChat.lnk
2013-01-15 18:44 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2013-01-15 18:44 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-01-15 18:44 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-01-15 18:44 - 2011-12-16 00:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-01-15 18:44 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-01-15 18:44 - 2011-11-16 22:41 - 01731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-01-15 18:44 - 2011-11-16 21:38 - 01292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-01-15 18:44 - 2011-10-14 22:31 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-01-15 18:44 - 2011-10-14 21:38 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-01-15 18:44 - 2011-08-26 21:37 - 00861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-01-15 18:44 - 2011-08-26 21:37 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-01-15 18:44 - 2011-08-26 20:26 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-01-15 18:44 - 2011-08-26 20:26 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-01-15 18:44 - 2011-05-02 21:29 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-01-15 18:44 - 2011-05-02 20:30 - 00741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-01-15 18:44 - 2011-02-22 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-01-15 18:44 - 2011-02-12 03:34 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2013-01-15 18:44 - 2010-11-20 05:25 - 00974336 ____A (Microsoft Corporation) C:\Windows\System32\WFS.exe
2013-01-15 18:43 - 2011-11-19 06:58 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-01-15 18:43 - 2011-11-19 06:01 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-01-15 18:41 - 2013-01-15 19:54 - 00003163 ____A C:\Windows\IE10_main.log
2013-01-15 18:41 - 2012-12-27 19:42 - 00000332 ____A C:\Users\GigabitPony\Desktop\Teslacoildiagram.txt
2013-01-15 17:45 - 2012-05-31 08:25 - 00279656 _____ (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-01-15 17:26 - 2013-01-15 19:51 - 00058016 ____A C:\Users\GigabitPony\AppData\Local\GDIPFONTCACHEV1.DAT
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\AMD
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\All Users\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____A C:\Windows\ativpsrm.bin
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Users\All Users\AMD
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-01-15 17:19 - 2013-01-15 17:19 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-01-15 17:18 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files\ATI Technologies
2013-01-15 17:18 - 2013-01-15 17:18 - 00000000 ____D C:\Program Files\ATI
2013-01-15 17:17 - 2013-01-15 17:17 - 00000000 ____D C:\AMD
2013-01-15 17:17 - 2012-02-16 22:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-01-15 17:17 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-01-15 17:17 - 2012-02-16 20:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-01-15 17:14 - 2013-01-16 14:40 - 01207593 ____A C:\Windows\WindowsUpdate.log
2013-01-15 17:14 - 2013-01-15 20:22 - 00000000 ____D C:\users\GigabitPony
2013-01-15 17:14 - 2013-01-15 17:14 - 00000020 ___SH C:\Users\GigabitPony\ntuser.ini
2013-01-15 17:14 - 2013-01-15 17:14 - 00000000 __SHD C:\Recovery
2013-01-15 17:14 - 2013-01-15 17:14 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\VirtualStore
2013-01-15 17:14 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-01-15 17:14 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-01-15 17:14 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-01-15 17:14 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-01-15 17:14 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-01-15 17:14 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-01-15 17:14 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-01-15 17:14 - 2012-06-02 12:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-01-15 17:14 - 2012-06-02 12:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe


==================== One Month Modified Files and Folders =======

2013-01-16 17:58 - 2013-01-16 17:58 - 00000000 ____D C:\FRST
2013-01-16 14:41 - 2013-01-15 20:30 - 01474832 ____A C:\Windows\System32\Drivers\sfi.dat
2013-01-16 14:40 - 2013-01-16 14:22 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Skype
2013-01-16 14:40 - 2013-01-15 18:45 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\X-Chat 2
2013-01-16 14:40 - 2013-01-15 17:14 - 01207593 ____A C:\Windows\WindowsUpdate.log
2013-01-16 14:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-01-16 14:39 - 2009-07-13 21:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-16 14:22 - 2013-01-16 14:21 - 00000000 ____D C:\Users\All Users\Skype
2013-01-16 14:17 - 2013-01-16 14:17 - 00000000 ____D C:\Users\GigabitPony\Desktop\bleepingcomputerhelp
2013-01-16 14:11 - 2013-01-16 13:32 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\.minecraft
2013-01-16 14:06 - 2013-01-15 20:01 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-16 14:00 - 2013-01-16 13:59 - 00000000 ____D C:\Users\GigabitPony\Desktop\Games
2013-01-16 13:44 - 2013-01-16 13:43 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\WinRAR
2013-01-16 13:36 - 2009-07-13 20:45 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-16 13:36 - 2009-07-13 20:45 - 00014752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-16 13:30 - 2013-01-15 20:18 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Dropbox
2013-01-16 13:29 - 2013-01-15 21:02 - 00007258 ____A C:\Windows\PFRO.log
2013-01-16 13:29 - 2013-01-15 20:01 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-16 13:29 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-16 13:29 - 2009-07-13 20:51 - 00025073 ____A C:\Windows\setupact.log
2013-01-16 12:57 - 2013-01-16 12:56 - 00000000 ____D C:\Users\All Users\HitmanPro
2013-01-16 12:56 - 2013-01-16 12:56 - 00000000 ____D C:\Program Files\HitmanPro
2013-01-16 12:55 - 2013-01-16 12:55 - 00000938 ____A C:\AdwCleaner[R3].txt
2013-01-16 12:55 - 2013-01-16 12:55 - 00000879 ____A C:\AdwCleaner[R2].txt
2013-01-16 12:49 - 2013-01-16 12:49 - 00000820 ____A C:\AdwCleaner[R1].txt
2013-01-16 12:40 - 2013-01-15 20:29 - 00056072 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2013-01-16 12:40 - 2013-01-15 20:29 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-01-16 12:40 - 2013-01-15 20:28 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-01-15 21:58 - 2013-01-15 21:58 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-01-15 21:57 - 2013-01-15 21:55 - 00000000 ____D C:\Users\All Users\Adobe
2013-01-15 21:56 - 2013-01-15 21:56 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-01-15 21:56 - 2013-01-15 21:56 - 00000388 ____A C:\Windows\LkmdfCoInst.log
2013-01-15 21:56 - 2013-01-15 21:56 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Leadertech
2013-01-15 21:56 - 2013-01-15 21:56 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Logitech
2013-01-15 21:56 - 2013-01-15 21:55 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-01-15 21:56 - 2013-01-15 21:45 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-15 21:56 - 2013-01-15 19:06 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Logitech
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Logishrd
2013-01-15 21:55 - 2013-01-15 21:55 - 00000000 ____D C:\Users\All Users\LogiShrd
2013-01-15 21:46 - 2013-01-15 21:46 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Macromedia
2013-01-15 21:45 - 2013-01-15 21:45 - 00000000 ____D C:\Windows\System32\Macromed
2013-01-15 21:02 - 2009-07-13 20:45 - 00275712 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-15 20:58 - 2009-07-13 23:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-01-15 20:58 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sppui
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2013-01-15 20:58 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-01-15 20:55 - 2009-07-13 18:36 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2013-01-15 20:55 - 2009-07-13 18:36 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2013-01-15 20:36 - 2013-01-15 20:36 - 00000000 ____D C:\Windows\System32\SPReview
2013-01-15 20:36 - 2013-01-15 20:36 - 00000000 ____D C:\Windows\System32\EventProviders
2013-01-15 20:30 - 2013-01-15 20:30 - 00000000 ___SD C:\Users\All Users\Shared Space
2013-01-15 20:30 - 2013-01-15 20:29 - 00000000 ____D C:\Users\All Users\COMODO
2013-01-15 20:29 - 2013-01-15 20:29 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Comodo
2013-01-15 20:28 - 2013-01-15 20:28 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-01-15 20:28 - 2013-01-15 20:28 - 00000000 ____D C:\Users\All Users\Comodo Downloader
2013-01-15 20:26 - 2013-01-15 20:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Malwarebytes
2013-01-15 20:25 - 2013-01-15 20:25 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-15 20:22 - 2013-01-15 17:14 - 00000000 ____D C:\users\GigabitPony
2013-01-15 20:18 - 2013-01-15 20:18 - 00859552 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00780192 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00261024 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-01-15 20:18 - 2013-01-15 20:18 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-01-15 20:18 - 2013-01-15 20:18 - 00000000 ____D C:\Users\All Users\Sun
2013-01-15 20:18 - 2013-01-15 20:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-01-15 20:16 - 2013-01-15 20:16 - 00000000 ____D C:\Users\All Users\McAfee
2013-01-15 20:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-01-15 20:08 - 2013-01-15 20:08 - 00001313 ____A C:\Windows\TSSysprep.log
2013-01-15 20:08 - 2009-07-13 20:46 - 00001774 ____A C:\Windows\DtcInstall.log
2013-01-15 20:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-01-15 20:06 - 2013-01-15 20:06 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-01-15 20:06 - 2009-07-13 23:46 - 00000000 ____D C:\Windows\CSC
2013-01-15 20:05 - 2009-07-13 21:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2013-01-15 20:05 - 2009-07-13 21:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2013-01-15 20:04 - 2013-01-15 20:04 - 00000000 ____D C:\Users\GigabitPony\AppData\LocalGoogle
2013-01-15 20:04 - 2013-01-15 20:01 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Google
2013-01-15 20:04 - 2013-01-15 20:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-01-15 19:54 - 2013-01-15 18:41 - 00003163 ____A C:\Windows\IE10_main.log
2013-01-15 19:51 - 2013-01-15 17:26 - 00058016 ____A C:\Users\GigabitPony\AppData\Local\GDIPFONTCACHEV1.DAT
2013-01-15 19:10 - 2013-01-15 19:10 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Macromedia
2013-01-15 19:10 - 2013-01-15 19:10 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Adobe
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Users\All Users\Mozilla
2013-01-15 19:08 - 2013-01-15 19:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-15 19:06 - 2013-01-15 19:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-01-15 19:01 - 2013-01-15 19:01 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-01-15 19:01 - 2013-01-15 19:01 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-01-15 19:01 - 2013-01-15 19:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-01-15 19:01 - 2013-01-15 19:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-01-15 19:01 - 2013-01-15 19:01 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-01-15 19:01 - 2013-01-15 19:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-01-15 19:01 - 2013-01-15 19:01 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-01-15 19:01 - 2013-01-15 19:01 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-01-15 19:01 - 2013-01-15 19:01 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-01-15 19:01 - 2013-01-15 19:01 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-01-15 19:01 - 2013-01-15 19:01 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-01-15 19:01 - 2013-01-15 19:01 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-01-15 19:01 - 2013-01-15 19:01 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-01-15 19:01 - 2013-01-15 18:58 - 00003733 ____A C:\Windows\IE9_main.log
2013-01-15 18:45 - 2013-01-15 18:45 - 00000689 ____A C:\Users\GigabitPony\Desktop\XChat.lnk
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Roaming\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\AMD
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____D C:\Users\All Users\ATI
2013-01-15 17:26 - 2013-01-15 17:26 - 00000000 ____A C:\Windows\ativpsrm.bin
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Users\All Users\AMD
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-01-15 17:20 - 2013-01-15 17:20 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-01-15 17:20 - 2013-01-15 17:18 - 00000000 ____D C:\Program Files\ATI Technologies
2013-01-15 17:19 - 2013-01-15 17:19 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-01-15 17:19 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-01-15 17:18 - 2013-01-15 17:18 - 00000000 ____D C:\Program Files\ATI
2013-01-15 17:17 - 2013-01-15 17:17 - 00000000 ____D C:\AMD
2013-01-15 17:14 - 2013-01-15 20:05 - 00000000 ____D C:\Windows\Panther
2013-01-15 17:14 - 2013-01-15 17:14 - 00000020 ___SH C:\Users\GigabitPony\ntuser.ini
2013-01-15 17:14 - 2013-01-15 17:14 - 00000000 __SHD C:\Recovery
2013-01-15 17:14 - 2013-01-15 17:14 - 00000000 ____D C:\Users\GigabitPony\AppData\Local\VirtualStore
2013-01-15 17:14 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\restore
2013-01-15 17:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Recovery
2012-12-27 19:42 - 2013-01-15 18:41 - 00000332 ____A C:\Users\GigabitPony\Desktop\Teslacoildiagram.txt

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4092.53 MB
Available physical RAM: 3461.28 MB
Total Pagefile: 4090.68 MB
Available Pagefile: 3455.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Partitions =============================

2 Drive c: () (Fixed) (Total:37.17 GB) (Free:19.92 GB) NTFS
3 Drive d: (Programs) (Fixed) (Total:97.66 GB) (Free:77.44 GB) NTFS
4 Drive f: (Media) (Fixed) (Total:244.14 GB) (Free:184.63 GB) NTFS
5 Drive g: (Random) (Fixed) (Total:123.96 GB) (Free:89.19 GB) NTFS
6 Drive h: (GRMCULFRER_EN_DVD) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF
7 Drive i: () (Removable) (Total:7.44 GB) (Free:4.42 GB) FAT32
8 Drive j: () (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 37 GB 0 B
Disk 1 Online 465 GB 1024 KB
Disk 2 Online 7633 MB 0 B
Disk 3 Online 3862 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 37 GB 101 MB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 37 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 97 GB 1024 KB
Partition 2 Primary 244 GB 97 GB
Partition 3 Primary 123 GB 341 GB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Programs NTFS Partition 97 GB Healthy

=========================================================

Disk: 1
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F Media NTFS Partition 244 GB Healthy

=========================================================

Disk: 1
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 G Random NTFS Partition 123 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7633 MB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 I FAT32 Removable 7633 MB Healthy

=========================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3861 MB 28 KB

==================================================================================

Disk: 3
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J FAT32 Removable 3861 MB Healthy

=========================================================

Last Boot: 2013-01-15 20:06

==================== End Of Log =============================

#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:01:16 PM

Posted 16 January 2013 - 06:48 PM

Hello,

When you reinstalled did you use a backup of the computer image? Was the image a new one or the one from when the machine was booted up the first time. Is the scour redirects happening in all the browsers or just a specific one?

1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

2.
Download the yorkyt.exe disinfection tool (1,31 MB).

Save the file to your hard disk; to the Windows Desktop, for example.
Double click the yorkyt.exe file.
A reboot will be requested to install a driver.
Another reboot will be requested to complete the disinfection.
When the disinfection is completed, accept the message that will be displayed.
In order to ensure a full cleanup, run a scan of your PC with the antivirus installed.

3.
Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror which will download a randomly named file
  • Zipped Mirror - Unzip the file to its own folder such as C:\gmer
  • Disconnect from the Internet and close all running programs
  • Temporarily disable any real-time active protection
  • It is very important you do not use your computer while GMER is running
  • Double-click on the randomly named GMER Posted Image icon
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO
  • Please check in the Quick scan box
  • Please uncheck the following:
    • IAT/EAT
    • Show All <<< Important
    Posted Image
  • Click Scan
  • If you see a rootkit warning window click OK
  • When the scan is finished, Save the results to your desktop as gmer.log
  • Click Copy then paste the results in your reply
  • Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled
Note:
  • If you encounter any problems, try running GMER in Safe Mode
  • If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning


Things to include in your next reply::
The answers to my above questions.
TdssKiller log
yorkyt.exe log
Gmer log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 06:56 PM

The image was from MSNDAA account through college. I just used the ISO and novacorp wintoflash.

Will run those tools now.

#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:01:16 PM

Posted 16 January 2013 - 07:03 PM

So this was purchased through your college? Or an individual?

Edited by fireman4it, 16 January 2013 - 07:03 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 07:43 PM

I got it for free through my account. because I am in the tech courses. It is single license.

2013-01-16 19:03:37: ****************************************************
2013-01-16 19:03:37: Starting UP ... v 0.0.0.220
2013-01-16 19:03:37: ****************************************************
2013-01-16 19:03:38: Stop TPSRV returns: 2
2013-01-16 19:03:53: Listing processes...
2013-01-16 19:03:53: :[System Process]:0
2013-01-16 19:03:53: :System:4
2013-01-16 19:03:53: :smss.exe:256
2013-01-16 19:03:53: :csrss.exe:360
2013-01-16 19:03:53: :wininit.exe:432
2013-01-16 19:03:53: :csrss.exe:452
2013-01-16 19:03:53: :services.exe:492
2013-01-16 19:03:53: :lsass.exe:516
2013-01-16 19:03:53: :lsm.exe:524
2013-01-16 19:03:53: :svchost.exe:656
2013-01-16 19:03:53: :winlogon.exe:708
2013-01-16 19:03:53: :launcher_service.exe:748
2013-01-16 19:03:53: :svchost.exe:784
2013-01-16 19:03:53: :cmdagent.exe:868
2013-01-16 19:03:53: :svchost.exe:892
2013-01-16 19:03:53: :atiesrxx.exe:932
2013-01-16 19:03:53: :svchost.exe:980
2013-01-16 19:03:53: :svchost.exe:1012
2013-01-16 19:03:53: :svchost.exe:276
2013-01-16 19:03:53: :audiodg.exe:672
2013-01-16 19:03:53: :svchost.exe:296
2013-01-16 19:03:53: :svchost.exe:1096
2013-01-16 19:03:53: :atieclxx.exe:1244
2013-01-16 19:03:53: :hmpsched.exe:1260
2013-01-16 19:03:53: :spoolsv.exe:1484
2013-01-16 19:03:53: :svchost.exe:1512
2013-01-16 19:03:53: :Fuel.Service.exe:1576
2013-01-16 19:03:53: :dragon_updater.exe:1628
2013-01-16 19:03:53: :svchost.exe:1680
2013-01-16 19:03:53: :GeekBuddyRSP.exe:1708
2013-01-16 19:03:53: :MSCamS64.exe:1812
2013-01-16 19:03:53: :c2c_service.exe:1908
2013-01-16 19:03:53: :WUDFHost.exe:2300
2013-01-16 19:03:53: :cavwp.exe:2576
2013-01-16 19:03:53: :taskhost.exe:2956
2013-01-16 19:03:53: :taskeng.exe:3036
2013-01-16 19:03:53: :dwm.exe:3052
2013-01-16 19:03:53: :explorer.exe:2680
2013-01-16 19:03:53: :CisTray.exe:1232
2013-01-16 19:03:53: :LCore.exe:3180
2013-01-16 19:03:53: :googledrivesync.exe:3188
2013-01-16 19:03:53: :Skype.exe:3204
2013-01-16 19:03:53: :jusched.exe:3272
2013-01-16 19:03:53: :GeekBuddyRSP.exe:3280
2013-01-16 19:03:53: :unit_manager.exe:3296
2013-01-16 19:03:53: :googledrivesync.exe:3328
2013-01-16 19:03:53: :MOM.exe:3340
2013-01-16 19:03:53: :Dropbox.exe:3436
2013-01-16 19:03:53: :LCDMedia.exe:3508
2013-01-16 19:03:53: :LCDCountdown.exe:3532
2013-01-16 19:03:53: :LCDClock.exe:3560
2013-01-16 19:03:53: :LCDPOP3.exe:3580
2013-01-16 19:03:53: :LCDRSS.exe:3644
2013-01-16 19:03:53: :unit.exe:3688
2013-01-16 19:03:53: :CCC.exe:4028
2013-01-16 19:03:53: :wmpnetwk.exe:168
2013-01-16 19:03:53: :ielowutil.exe:3232
2013-01-16 19:03:53: :cis.exe:4536
2013-01-16 19:03:53: :WmiPrvSE.exe:4696
2013-01-16 19:03:53: :mscorsvw.exe:1780
2013-01-16 19:03:53: :mscorsvw.exe:2100
2013-01-16 19:03:53: :sppsvc.exe:564
2013-01-16 19:03:53: :yorkyt.exe:884
2013-01-16 19:03:53: :WmiPrvSE.exe:4768
2013-01-16 19:03:53:
2013-01-16 19:03:53: Setting restore point
2013-01-16 19:03:53: RUN mode
2013-01-16 19:03:53: Determining autonomous or dropped mode...
2013-01-16 19:03:53: Autonomus mode
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AeLookupSvc
2013-01-16 19:03:53: Real Path: C:\Windows\System32\aelupsvc.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\aelupsvc.dll,-2
2013-01-16 19:03:53: ServiceDLL: System32\aelupsvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: aelupsvc.dll
2013-01-16 19:03:53: Original File Name: aelupsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AppIDSvc
2013-01-16 19:03:53: Real Path: C:\Windows\System32\appidsvc.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\appidsvc.dll,-100
2013-01-16 19:03:53: Description: @%systemroot%\system32\appidsvc.dll,-101
2013-01-16 19:03:53: ServiceDLL: System32\appidsvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: appidsvc.dll
2013-01-16 19:03:53: Original File Name: appidsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: Appinfo
2013-01-16 19:03:53: Real Path: C:\Windows\System32\appinfo.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\appinfo.dll,-100
2013-01-16 19:03:53: Description: @%systemroot%\system32\appinfo.dll,-101
2013-01-16 19:03:53: ServiceDLL: System32\appinfo.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: appinfo.dll
2013-01-16 19:03:53: Original File Name: appinfo.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AppMgmt
2013-01-16 19:03:53: Real Path: C:\Windows\System32\appmgmts.dll
2013-01-16 19:03:53: Display Name: @appmgmts.dll,-3250
2013-01-16 19:03:53: Description: @appmgmts.dll,-3251
2013-01-16 19:03:53: ServiceDLL: System32\appmgmts.dll
2013-01-16 19:03:53: File size: 149504
2013-01-16 19:03:53: DLL File name: appmgmts.dll
2013-01-16 19:03:53: Original File Name: appmgmts.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time: 20090713201453 20090713183834 20090713183834
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AudioEndpointBuilder
2013-01-16 19:03:53: Real Path: C:\Windows\System32\Audiosrv.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204
2013-01-16 19:03:53: Description: @%SystemRoot%\System32\audiosrv.dll,-205
2013-01-16 19:03:53: ServiceDLL: System32\Audiosrv.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: Audiosrv.dll
2013-01-16 19:03:53: Original File Name: audiosrv.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AudioSrv
2013-01-16 19:03:53: Real Path: C:\Windows\System32\Audiosrv.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200
2013-01-16 19:03:53: Description: @%SystemRoot%\System32\audiosrv.dll,-201
2013-01-16 19:03:53: ServiceDLL: System32\Audiosrv.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: Audiosrv.dll
2013-01-16 19:03:53: Original File Name: audiosrv.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: AxInstSV
2013-01-16 19:03:53: Real Path: C:\Windows\System32\AxInstSV.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\AxInstSV.dll,-103
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\AxInstSV.dll,-104
2013-01-16 19:03:53: ServiceDLL: System32\AxInstSV.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: AxInstSV.dll
2013-01-16 19:03:53: Original File Name: AxInstSv.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: BDESVC
2013-01-16 19:03:53: Real Path: C:\Windows\System32\bdesvc.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\bdesvc.dll,-100
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\bdesvc.dll,-101
2013-01-16 19:03:53: ServiceDLL: System32\bdesvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: bdesvc.dll
2013-01-16 19:03:53: Original File Name: BDESVC.DLL.MUI
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: BFE
2013-01-16 19:03:53: Real Path: C:\Windows\System32\bfe.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\bfe.dll,-1001
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\bfe.dll,-1002
2013-01-16 19:03:53: ServiceDLL: System32\bfe.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: bfe.dll
2013-01-16 19:03:53: Original File Name: BFE.DLL.MUI
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: BITS
2013-01-16 19:03:53: Real Path: C:\Windows\System32\qmgr.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\qmgr.dll,-1001
2013-01-16 19:03:53: ServiceDLL: System32\qmgr.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: qmgr.dll
2013-01-16 19:03:53: Original File Name: qmgr.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: Browser
2013-01-16 19:03:53: Real Path: C:\Windows\System32\browser.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\browser.dll,-100
2013-01-16 19:03:53: Description: @%systemroot%\system32\browser.dll,-101
2013-01-16 19:03:53: ServiceDLL: System32\browser.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: browser.dll
2013-01-16 19:03:53: Original File Name: browser.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: bthserv
2013-01-16 19:03:53: Real Path: C:\Windows\system32\bthserv.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\System32\bthserv.dll,-101
2013-01-16 19:03:53: Description: @%SystemRoot%\System32\bthserv.dll,-102
2013-01-16 19:03:53: ServiceDLL: system32\bthserv.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: bthserv.dll
2013-01-16 19:03:53: Original File Name: BTHSERV.DLL.MUI
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: CertPropSvc
2013-01-16 19:03:53: Real Path: C:\Windows\System32\certprop.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\System32\certprop.dll,-11
2013-01-16 19:03:53: Description: @%SystemRoot%\System32\certprop.dll,-12
2013-01-16 19:03:53: ServiceDLL: System32\certprop.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: certprop.dll
2013-01-16 19:03:53: Original File Name: certprop.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: CryptSvc
2013-01-16 19:03:53: Real Path: C:\Windows\system32\cryptsvc.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002
2013-01-16 19:03:53: ServiceDLL: system32\cryptsvc.dll
2013-01-16 19:03:53: File size: 140288
2013-01-16 19:03:53: DLL File name: cryptsvc.dll
2013-01-16 19:03:53: Original File Name: cryptsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time: 20120601233629 20130115214710 20130115214710
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: CscService
2013-01-16 19:03:53: Real Path: C:\Windows\System32\cscsvc.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\cscsvc.dll,-200
2013-01-16 19:03:53: Description: @%systemroot%\system32\cscsvc.dll,-201
2013-01-16 19:03:53: ServiceDLL: System32\cscsvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: cscsvc.dll
2013-01-16 19:03:53: Original File Name: cscsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: DcomLaunch
2013-01-16 19:03:53: Real Path: C:\Windows\system32\rpcss.dll
2013-01-16 19:03:53: Display Name: @oleres.dll,-5012
2013-01-16 19:03:53: Description: @oleres.dll,-5013
2013-01-16 19:03:53: ServiceDLL: system32\rpcss.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: rpcss.dll
2013-01-16 19:03:53: Original File Name: rpcss.dll
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: defragsvc
2013-01-16 19:03:53: Real Path: C:\Windows\System32\defragsvc.dll
2013-01-16 19:03:53: Display Name: Disk Defragmenter
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\defragsvc.dll,-102
2013-01-16 19:03:53: ServiceDLL: System32\defragsvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: defragsvc.dll
2013-01-16 19:03:53: Original File Name: defragsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: Dhcp
2013-01-16 19:03:53: Real Path: C:\Windows\system32\dhcpcore.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\system32\dhcpcore.dll,-100
2013-01-16 19:03:53: Description: @%SystemRoot%\system32\dhcpcore.dll,-101
2013-01-16 19:03:53: ServiceDLL: system32\dhcpcore.dll
2013-01-16 19:03:53: File size: 254464
2013-01-16 19:03:53: DLL File name: dhcpcore.dll
2013-01-16 19:03:53: Original File Name: dhcpcore.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time: 20101120071830 20130115232959 20130115232959
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: Dnscache
2013-01-16 19:03:53: Real Path: C:\Windows\System32\dnsrslvr.dll
2013-01-16 19:03:53: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101
2013-01-16 19:03:53: Description: @%SystemRoot%\System32\dnsapi.dll,-102
2013-01-16 19:03:53: ServiceDLL: System32\dnsrslvr.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: dnsrslvr.dll
2013-01-16 19:03:53: Original File Name: dnsrslvr.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: dot3svc
2013-01-16 19:03:53: Real Path: C:\Windows\System32\dot3svc.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\dot3svc.dll,-1102
2013-01-16 19:03:53: Description: @%systemroot%\system32\dot3svc.dll,-1103
2013-01-16 19:03:53: ServiceDLL: System32\dot3svc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: dot3svc.dll
2013-01-16 19:03:53: Original File Name: dot3svc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: DPS
2013-01-16 19:03:53: Real Path: C:\Windows\system32\dps.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\dps.dll,-500
2013-01-16 19:03:53: Description: @%systemroot%\system32\dps.dll,-501
2013-01-16 19:03:53: ServiceDLL: system32\dps.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: dps.dll
2013-01-16 19:03:53: Original File Name: dps.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: EapHost
2013-01-16 19:03:53: Real Path: C:\Windows\System32\eapsvc.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\eapsvc.dll,-1
2013-01-16 19:03:53: Description: @%systemroot%\system32\eapsvc.dll,-2
2013-01-16 19:03:53: ServiceDLL: System32\eapsvc.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: eapsvc.dll
2013-01-16 19:03:53: Original File Name: eapsvc.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: EventSystem
2013-01-16 19:03:53: Real Path: C:\Windows\system32\es.dll
2013-01-16 19:03:53: Display Name: @comres.dll,-2450
2013-01-16 19:03:53: Description: @comres.dll,-2451
2013-01-16 19:03:53: ServiceDLL: system32\es.dll
2013-01-16 19:03:53: File size: 271360
2013-01-16 19:03:53: DLL File name: es.dll
2013-01-16 19:03:53: Original File Name: ES.DLL
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time: 20090713201519 20090713184438 20090713184438
2013-01-16 19:03:53: ---------------------------------------------------------------------
2013-01-16 19:03:53: Found Service: fdPHost
2013-01-16 19:03:53: Real Path: C:\Windows\system32\fdPHost.dll
2013-01-16 19:03:53: Display Name: @%systemroot%\system32\fdPHost.dll,-100
2013-01-16 19:03:53: Description: @%systemroot%\system32\fdPHost.dll,-101
2013-01-16 19:03:53: ServiceDLL: system32\fdPHost.dll
2013-01-16 19:03:53: File size: 0
2013-01-16 19:03:53: DLL File name: fdPHost.dll
2013-01-16 19:03:53: Original File Name: fdPHost.dll.mui
2013-01-16 19:03:53: Company:
2013-01-16 19:03:53: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: FDResPub
2013-01-16 19:03:54: Real Path: C:\Windows\system32\fdrespub.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\fdrespub.dll,-100
2013-01-16 19:03:54: Description: @%systemroot%\system32\fdrespub.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\fdrespub.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: fdrespub.dll
2013-01-16 19:03:54: Original File Name: FDResPub.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: !!!!!!!
2013-01-16 19:03:54: Found Service: FontCache
2013-01-16 19:03:54: Real Path: C:\Windows\system32\FntCache.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\FntCache.dll,-100
2013-01-16 19:03:54: Description: @%systemroot%\system32\FntCache.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\FntCache.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: FntCache.dll
2013-01-16 19:03:54: Original File Name: FontCacheService
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: !!!!!!!!!
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: gpsvc
2013-01-16 19:03:54: Real Path: C:\Windows\System32\gpsvc.dll
2013-01-16 19:03:54: Display Name: @gpapi.dll,-112
2013-01-16 19:03:54: Description: @gpapi.dll,-113
2013-01-16 19:03:54: ServiceDLL: System32\gpsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: gpsvc.dll
2013-01-16 19:03:54: Original File Name: gpsvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: hidserv
2013-01-16 19:03:54: Real Path: C:\Windows\system32\hidserv.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\System32\hidserv.dll,-101
2013-01-16 19:03:54: Description: @%SystemRoot%\System32\hidserv.dll,-102
2013-01-16 19:03:54: ServiceDLL: system32\hidserv.dll
2013-01-16 19:03:54: File size: 49152
2013-01-16 19:03:54: DLL File name: hidserv.dll
2013-01-16 19:03:54: Original File Name: HIDSERV.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time: 20090713201524 20090713185109 20090713185109
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: hkmsvc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\kmsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\kmsvc.dll,-7
2013-01-16 19:03:54: ServiceDLL: system32\kmsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: kmsvc.dll
2013-01-16 19:03:54: Original File Name: KmSvc.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: HomeGroupListener
2013-01-16 19:03:54: Real Path: C:\Windows\system32\ListSvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\System32\ListSvc.dll,-100
2013-01-16 19:03:54: Description: @%SystemRoot%\System32\ListSvc.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\ListSvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: ListSvc.dll
2013-01-16 19:03:54: Original File Name: ListSvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: HomeGroupProvider
2013-01-16 19:03:54: Real Path: C:\Windows\system32\provsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\System32\provsvc.dll,-100
2013-01-16 19:03:54: Description: @%SystemRoot%\System32\provsvc.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\provsvc.dll
2013-01-16 19:03:54: File size: 165376
2013-01-16 19:03:54: DLL File name: provsvc.dll
2013-01-16 19:03:54: Original File Name: provsvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time: 20101120072057 20130115232941 20130115232941
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: IKEEXT
2013-01-16 19:03:54: Real Path: C:\Windows\System32\ikeext.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\ikeext.dll,-501
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\ikeext.dll,-502
2013-01-16 19:03:54: ServiceDLL: System32\ikeext.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: ikeext.dll
2013-01-16 19:03:54: Original File Name: IKEEXT.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: IPBusEnum
2013-01-16 19:03:54: Real Path: C:\Windows\system32\ipbusenum.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102
2013-01-16 19:03:54: Description: @%systemroot%\system32\IPBusEnum.dll,-103
2013-01-16 19:03:54: ServiceDLL: system32\ipbusenum.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: ipbusenum.dll
2013-01-16 19:03:54: Original File Name: IPBusEnum.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: iphlpsvc
2013-01-16 19:03:54: Real Path: C:\Windows\System32\iphlpsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-500
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\iphlpsvc.dll,-501
2013-01-16 19:03:54: ServiceDLL: System32\iphlpsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: iphlpsvc.dll
2013-01-16 19:03:54: Original File Name: iphlpsvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: KtmRm
2013-01-16 19:03:54: Real Path: C:\Windows\system32\msdtckrm.dll
2013-01-16 19:03:54: Display Name: @comres.dll,-2946
2013-01-16 19:03:54: Description: @comres.dll,-2947
2013-01-16 19:03:54: ServiceDLL: system32\msdtckrm.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: msdtckrm.dll
2013-01-16 19:03:54: Original File Name: MSDTCKRM.DLL
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: LanmanServer
2013-01-16 19:03:54: Real Path: C:\Windows\system32\srvsvc.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\srvsvc.dll,-100
2013-01-16 19:03:54: Description: @%systemroot%\system32\srvsvc.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\srvsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: srvsvc.dll
2013-01-16 19:03:54: Original File Name: SRVSVC.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: LanmanWorkstation
2013-01-16 19:03:54: Real Path: C:\Windows\System32\wkssvc.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\wkssvc.dll,-100
2013-01-16 19:03:54: Description: @%systemroot%\system32\wkssvc.dll,-101
2013-01-16 19:03:54: ServiceDLL: System32\wkssvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: wkssvc.dll
2013-01-16 19:03:54: Original File Name: WKSSVC.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: lltdsvc
2013-01-16 19:03:54: Real Path: C:\Windows\System32\lltdsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\lltdres.dll,-1
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\lltdres.dll,-2
2013-01-16 19:03:54: ServiceDLL: System32\lltdsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: lltdsvc.dll
2013-01-16 19:03:54: Original File Name: LLTDSVC.DLL
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: lmhosts
2013-01-16 19:03:54: Real Path: C:\Windows\System32\lmhsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\lmhsvc.dll,-102
2013-01-16 19:03:54: ServiceDLL: System32\lmhsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: lmhsvc.dll
2013-01-16 19:03:54: Original File Name: lmhsvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: Mcx2Svc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\Mcx2Svc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501
2013-01-16 19:03:54: Description: @%SystemRoot%\ehome\ehres.dll,-15502
2013-01-16 19:03:54: ServiceDLL: system32\Mcx2Svc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: Mcx2Svc.dll
2013-01-16 19:03:54: Original File Name: Mcx2Svc.dll
2013-01-16 19:03:54: Company:

2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: MMCSS
2013-01-16 19:03:54: Real Path: C:\Windows\system32\mmcss.dll
2013-01-16 19:03:54: Display Name: @%systemroot%\system32\mmcss.dll,-100
2013-01-16 19:03:54: Description: @%systemroot%\system32\mmcss.dll,-101
2013-01-16 19:03:54: ServiceDLL: system32\mmcss.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: mmcss.dll
2013-01-16 19:03:54: Original File Name: mmcss.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: MpsSvc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\mpssvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\FirewallAPI.dll,-23090
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\FirewallAPI.dll,-23091
2013-01-16 19:03:54: ServiceDLL: system32\mpssvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: mpssvc.dll
2013-01-16 19:03:54: Original File Name: mpssvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: MSiSCSI
2013-01-16 19:03:54: Real Path: C:\Windows\system32\iscsiexe.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001
2013-01-16 19:03:54: ServiceDLL: system32\iscsiexe.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: iscsiexe.dll
2013-01-16 19:03:54: Original File Name: iscsiexe.exe.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: napagent
2013-01-16 19:03:54: Real Path: C:\Windows\system32\qagentRT.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\qagentrt.dll,-7
2013-01-16 19:03:54: ServiceDLL: system32\qagentRT.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: qagentRT.dll
2013-01-16 19:03:54: Original File Name: QAgentRT.DLL.MUI
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: Netman
2013-01-16 19:03:54: Real Path: C:\Windows\System32\netman.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\netman.dll,-109
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\netman.dll,-110
2013-01-16 19:03:54: ServiceDLL: System32\netman.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: netman.dll
2013-01-16 19:03:54: Original File Name: netman.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: netprofm
2013-01-16 19:03:54: Real Path: C:\Windows\System32\netprofm.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\netprofm.dll,-202
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\netprofm.dll,-203
2013-01-16 19:03:54: ServiceDLL: System32\netprofm.dll
2013-01-16 19:03:54: File size: 360448
2013-01-16 19:03:54: DLL File name: netprofm.dll
2013-01-16 19:03:54: Original File Name: netprofm.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time: 20090713201603 20090713185658 20090713185658
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: NlaSvc
2013-01-16 19:03:54: Real Path: C:\Windows\System32\nlasvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1
2013-01-16 19:03:54: Description: @%SystemRoot%\System32\nlasvc.dll,-2
2013-01-16 19:03:54: ServiceDLL: System32\nlasvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: nlasvc.dll
2013-01-16 19:03:54: Original File Name: nlasvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: nsi
2013-01-16 19:03:54: Real Path: C:\Windows\system32\nsisvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\nsisvc.dll,-201
2013-01-16 19:03:54: ServiceDLL: system32\nsisvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: nsisvc.dll
2013-01-16 19:03:54: Original File Name: nsisvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: p2pimsvc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\pnrpsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8004
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8005
2013-01-16 19:03:54: ServiceDLL: system32\pnrpsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: pnrpsvc.dll
2013-01-16 19:03:54: Original File Name: pnrpsvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: p2psvc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\p2psvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\p2psvc.dll,-8007
2013-01-16 19:03:54: ServiceDLL: system32\p2psvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: p2psvc.dll
2013-01-16 19:03:54: Original File Name: p2psvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: !!!!!!!
2013-01-16 19:03:54: Found Service: PcaSvc
2013-01-16 19:03:54: Real Path: C:\Windows\System32\pcasvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\pcasvc.dll,-2
2013-01-16 19:03:54: ServiceDLL: System32\pcasvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: pcasvc.dll
2013-01-16 19:03:54: Original File Name:
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:54: !!!!!!!!!
2013-01-16 19:03:54: ---------------------------------------------------------------------
2013-01-16 19:03:54: Found Service: PeerDistSvc
2013-01-16 19:03:54: Real Path: C:\Windows\system32\peerdistsvc.dll
2013-01-16 19:03:54: Display Name: @%SystemRoot%\system32\peerdistsvc.dll,-9000
2013-01-16 19:03:54: Description: @%SystemRoot%\system32\peerdistsvc.dll,-9001
2013-01-16 19:03:54: ServiceDLL: system32\peerdistsvc.dll
2013-01-16 19:03:54: File size: 0
2013-01-16 19:03:54: DLL File name: peerdistsvc.dll
2013-01-16 19:03:54: Original File Name: PeerDistSvc.dll.mui
2013-01-16 19:03:54: Company:
2013-01-16 19:03:54: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: pla
2013-01-16 19:03:55: Real Path: C:\Windows\system32\pla.dll
2013-01-16 19:03:55: Display Name: @%systemroot%\system32\pla.dll,-500
2013-01-16 19:03:55: Description: @%systemroot%\system32\pla.dll,-501
2013-01-16 19:03:55: ServiceDLL: system32\pla.dll
2013-01-16 19:03:55: File size: 1508864
2013-01-16 19:03:55: DLL File name: pla.dll
2013-01-16 19:03:55: Original File Name: PLA.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time: 20101120072054 20130115232952 20130115232952
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: PlugPlay
2013-01-16 19:03:55: Real Path: C:\Windows\system32\umpnpmgr.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101
2013-01-16 19:03:55: ServiceDLL: system32\umpnpmgr.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: umpnpmgr.dll
2013-01-16 19:03:55: Original File Name: Umpnpmgr.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: PNRPAutoReg
2013-01-16 19:03:55: Real Path: C:\Windows\system32\pnrpauto.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\pnrpauto.dll,-8002
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\pnrpauto.dll,-8003
2013-01-16 19:03:55: ServiceDLL: system32\pnrpauto.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: pnrpauto.dll
2013-01-16 19:03:55: Original File Name: pnrpauto.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: PNRPsvc
2013-01-16 19:03:55: Real Path: C:\Windows\system32\pnrpsvc.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8000
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8001
2013-01-16 19:03:55: ServiceDLL: system32\pnrpsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: pnrpsvc.dll
2013-01-16 19:03:55: Original File Name: pnrpsvc.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: PolicyAgent
2013-01-16 19:03:55: Real Path: C:\Windows\System32\ipsecsvc.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\System32\polstore.dll,-5010
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\polstore.dll,-5011
2013-01-16 19:03:55: ServiceDLL: System32\ipsecsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: ipsecsvc.dll
2013-01-16 19:03:55: Original File Name: ipsecsvc.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: Power
2013-01-16 19:03:55: Real Path: C:\Windows\system32\umpo.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\umpo.dll,-100
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\umpo.dll,-101
2013-01-16 19:03:55: ServiceDLL: system32\umpo.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: umpo.dll
2013-01-16 19:03:55: Original File Name: Umpo.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: ProfSvc
2013-01-16 19:03:55: Real Path: C:\Windows\system32\profsvc.dll
2013-01-16 19:03:55: Display Name: @%systemroot%\system32\profsvc.dll,-300
2013-01-16 19:03:55: Description: @%systemroot%\system32\profsvc.dll,-301
2013-01-16 19:03:55: ServiceDLL: system32\profsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: profsvc.dll
2013-01-16 19:03:55: Original File Name: ProfSvc.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: QWAVE
2013-01-16 19:03:55: Real Path: C:\Windows\system32\qwave.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\qwave.dll,-1
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\qwave.dll,-2
2013-01-16 19:03:55: ServiceDLL: system32\qwave.dll
2013-01-16 19:03:55: File size: 210944
2013-01-16 19:03:55: DLL File name: qwave.dll
2013-01-16 19:03:55: Original File Name: qwave.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time: 20090713201612 20090713185415 20090713185415
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RasAuto
2013-01-16 19:03:55: Real Path: C:\Windows\System32\rasauto.dll
2013-01-16 19:03:55: Display Name: @%Systemroot%\system32\rasauto.dll,-200
2013-01-16 19:03:55: Description: @%Systemroot%\system32\rasauto.dll,-201
2013-01-16 19:03:55: ServiceDLL: System32\rasauto.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: rasauto.dll
2013-01-16 19:03:55: Original File Name: rasauto.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RasMan
2013-01-16 19:03:55: Real Path: C:\Windows\System32\rasmans.dll
2013-01-16 19:03:55: Display Name: @%Systemroot%\system32\rasmans.dll,-200
2013-01-16 19:03:55: Description: @%Systemroot%\system32\rasmans.dll,-201
2013-01-16 19:03:55: ServiceDLL: System32\rasmans.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: rasmans.dll
2013-01-16 19:03:55: Original File Name: Rasmans.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RemoteAccess
2013-01-16 19:03:55: Real Path: C:\Windows\System32\mprdim.dll
2013-01-16 19:03:55: Display Name: @%Systemroot%\system32\mprdim.dll,-200
2013-01-16 19:03:55: Description: @%Systemroot%\system32\mprdim.dll,-201
2013-01-16 19:03:55: ServiceDLL: System32\mprdim.dll
2013-01-16 19:03:55: File size: 75264
2013-01-16 19:03:55: DLL File name: mprdim.dll
2013-01-16 19:03:55: Original File Name: MPRDIM.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time: 20090713201541 20090713185426 20090713185426
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RemoteRegistry
2013-01-16 19:03:55: Real Path: C:\Windows\system32\regsvc.dll
2013-01-16 19:03:55: Display Name: @regsvc.dll,-1
2013-01-16 19:03:55: Description: @regsvc.dll,-2
2013-01-16 19:03:55: ServiceDLL: system32\regsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: regsvc.dll
2013-01-16 19:03:55: Original File Name: REGSVC.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RpcEptMapper
2013-01-16 19:03:55: Real Path: C:\Windows\System32\RpcEpMap.dll
2013-01-16 19:03:55: Display Name: @%windir%\system32\RpcEpMap.dll,-1001
2013-01-16 19:03:55: Description: @%windir%\system32\RpcEpMap.dll,-1002
2013-01-16 19:03:55: ServiceDLL: System32\RpcEpMap.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: RpcEpMap.dll
2013-01-16 19:03:55: Original File Name: RpcEpMap.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: RpcSs
2013-01-16 19:03:55: Real Path: C:\Windows\system32\rpcss.dll
2013-01-16 19:03:55: Display Name: @oleres.dll,-5010
2013-01-16 19:03:55: Description: @oleres.dll,-5011
2013-01-16 19:03:55: ServiceDLL: system32\rpcss.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: rpcss.dll
2013-01-16 19:03:55: Original File Name: rpcss.dll
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SCardSvr
2013-01-16 19:03:55: Real Path: C:\Windows\System32\SCardSvr.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1
2013-01-16 19:03:55: Description: @%SystemRoot%\System32\SCardSvr.dll,-5
2013-01-16 19:03:55: ServiceDLL: System32\SCardSvr.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: SCardSvr.dll
2013-01-16 19:03:55: Original File Name: SCardSvr.exe.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: Schedule
2013-01-16 19:03:55: Real Path: C:\Windows\system32\schedsvc.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\schedsvc.dll,-101
2013-01-16 19:03:55: ServiceDLL: system32\schedsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: schedsvc.dll
2013-01-16 19:03:55: Original File Name: schedsvc.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SCPolicySvc
2013-01-16 19:03:55: Real Path: C:\Windows\System32\certprop.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\System32\certprop.dll,-13
2013-01-16 19:03:55: Description: @%SystemRoot%\System32\certprop.dll,-14
2013-01-16 19:03:55: ServiceDLL: System32\certprop.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: certprop.dll
2013-01-16 19:03:55: Original File Name: certprop.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SDRSVC
2013-01-16 19:03:55: Real Path: C:\Windows\System32\SDRSVC.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\sdrsvc.dll,-102
2013-01-16 19:03:55: ServiceDLL: System32\SDRSVC.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: SDRSVC.dll
2013-01-16 19:03:55: Original File Name: SDRSVC.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: seclogon
2013-01-16 19:03:55: Real Path: C:\Windows\system32\seclogon.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\seclogon.dll,-7000
2013-01-16 19:03:55: ServiceDLL: system32\seclogon.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: seclogon.dll
2013-01-16 19:03:55: Original File Name: SECLOGON.EXE.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SENS
2013-01-16 19:03:55: Real Path: C:\Windows\System32\sens.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\Sens.dll,-200
2013-01-16 19:03:55: Description: @%SystemRoot%\system32\Sens.dll,-201
2013-01-16 19:03:55: ServiceDLL: System32\sens.dll
2013-01-16 19:03:55: File size: 49664
2013-01-16 19:03:55: DLL File name: sens.dll
2013-01-16 19:03:55: Original File Name: sens.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time: 20090713201613 20090713182158 20090713182158
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SensrSvc
2013-01-16 19:03:55: Real Path: C:\Windows\system32\sensrsvc.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\System32\sensrsvc.dll,-1000
2013-01-16 19:03:55: Description: @%SystemRoot%\System32\sensrsvc.dll,-1001
2013-01-16 19:03:55: ServiceDLL: system32\sensrsvc.dll
2013-01-16 19:03:55: File size: 0
2013-01-16 19:03:55: DLL File name: sensrsvc.dll
2013-01-16 19:03:55: Original File Name: sensrsvc.dll.mui
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time:
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SessionEnv
2013-01-16 19:03:55: Real Path: C:\Windows\system32\sessenv.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026
2013-01-16 19:03:55: Description: @%SystemRoot%\System32\SessEnv.dll,-1027
2013-01-16 19:03:55: ServiceDLL: system32\sessenv.dll
2013-01-16 19:03:55: File size: 113664
2013-01-16 19:03:55: DLL File name: sessenv.dll
2013-01-16 19:03:55: Original File Name: SessEnv.DLL.MUI
2013-01-16 19:03:55: Company:
2013-01-16 19:03:55: Mod/Cre/Acc time: 20101120072108 20130115233004 20130115233004
2013-01-16 19:03:55: ---------------------------------------------------------------------
2013-01-16 19:03:55: Found Service: SharedAccess
2013-01-16 19:03:55: Real Path: C:\Windows\System32\ipnathlp.dll
2013-01-16 19:03:55: Display Name: @%SystemRoot%\system32\ipnathlp.dll,-106
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\ipnathlp.dll,-107
2013-01-16 19:03:56: ServiceDLL: System32\ipnathlp.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: ipnathlp.dll
2013-01-16 19:03:56: Original File Name: IPNATHLP.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: ShellHWDetection
2013-01-16 19:03:56: Real Path: C:\Windows\System32\shsvcs.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288
2013-01-16 19:03:56: Description: @%SystemRoot%\System32\shsvcs.dll,-12289
2013-01-16 19:03:56: ServiceDLL: System32\shsvcs.dll
2013-01-16 19:03:56: File size: 328192
2013-01-16 19:03:56: DLL File name: shsvcs.dll
2013-01-16 19:03:56: Original File Name: SHSVCS.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time: 20101120072119 20130115232951 20130115232951
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: sppuinotify
2013-01-16 19:03:56: Real Path: C:\Windows\system32\sppuinotify.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\sppuinotify.dll,-103
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\sppuinotify.dll,-102
2013-01-16 19:03:56: ServiceDLL: system32\sppuinotify.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: sppuinotify.dll
2013-01-16 19:03:56: Original File Name: sppuinotify.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: SSDPSRV
2013-01-16 19:03:56: Real Path: C:\Windows\System32\ssdpsrv.dll
2013-01-16 19:03:56: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100
2013-01-16 19:03:56: Description: @%systemroot%\system32\ssdpsrv.dll,-101
2013-01-16 19:03:56: ServiceDLL: System32\ssdpsrv.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: ssdpsrv.dll
2013-01-16 19:03:56: Original File Name: ssdpsrv.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: SstpSvc
2013-01-16 19:03:56: Real Path: C:\Windows\system32\sstpsvc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\sstpsvc.dll,-201
2013-01-16 19:03:56: ServiceDLL: system32\sstpsvc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: sstpsvc.dll
2013-01-16 19:03:56: Original File Name: sstpsvc.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: stisvc
2013-01-16 19:03:56: Real Path: C:\Windows\System32\wiaservc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\wiaservc.dll,-10
2013-01-16 19:03:56: ServiceDLL: System32\wiaservc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: wiaservc.dll
2013-01-16 19:03:56: Original File Name: WIASERVC.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: StorSvc
2013-01-16 19:03:56: Real Path: C:\Windows\system32\storsvc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\System32\StorSvc.dll,-100
2013-01-16 19:03:56: Description: @%SystemRoot%\System32\StorSvc.dll,-101
2013-01-16 19:03:56: ServiceDLL: system32\storsvc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: storsvc.dll
2013-01-16 19:03:56: Original File Name: StorSvc.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: swprv
2013-01-16 19:03:56: Real Path: C:\Windows\System32\swprv.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\System32\swprv.dll,-103
2013-01-16 19:03:56: Description: @%SystemRoot%\System32\swprv.dll,-102
2013-01-16 19:03:56: ServiceDLL: System32\swprv.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: swprv.dll
2013-01-16 19:03:56: Original File Name: SWPRV.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: SysMain
2013-01-16 19:03:56: Real Path: C:\Windows\system32\sysmain.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\sysmain.dll,-1001
2013-01-16 19:03:56: ServiceDLL: system32\sysmain.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: sysmain.dll
2013-01-16 19:03:56: Original File Name: sysmain.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: TabletInputService
2013-01-16 19:03:56: Real Path: C:\Windows\System32\TabSvc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\TabSvc.dll,-101
2013-01-16 19:03:56: ServiceDLL: System32\TabSvc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: TabSvc.dll
2013-01-16 19:03:56: Original File Name: TabSvc.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: TapiSrv
2013-01-16 19:03:56: Real Path: C:\Windows\System32\tapisrv.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\tapisrv.dll,-10101
2013-01-16 19:03:56: ServiceDLL: System32\tapisrv.dll
2013-01-16 19:03:56: File size: 242176
2013-01-16 19:03:56: DLL File name: tapisrv.dll
2013-01-16 19:03:56: Original File Name: TAPISRV.EXE.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time: 20101120072128 20130115232945 20130115232945
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: TBS
2013-01-16 19:03:56: Real Path: C:\Windows\System32\tbssvc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\tbssvc.dll,-101
2013-01-16 19:03:56: ServiceDLL: System32\tbssvc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: tbssvc.dll
2013-01-16 19:03:56: Original File Name: TBSSVC.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: TermService
2013-01-16 19:03:56: Real Path: C:\Windows\System32\termsrv.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\System32\termsrv.dll,-268
2013-01-16 19:03:56: Description: @%SystemRoot%\System32\termsrv.dll,-267
2013-01-16 19:03:56: ServiceDLL: System32\termsrv.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: termsrv.dll
2013-01-16 19:03:56: Original File Name: termsrv.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: Themes
2013-01-16 19:03:56: Real Path: C:\Windows\system32\themeservice.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\System32\themeservice.dll,-8192
2013-01-16 19:03:56: Description: @%SystemRoot%\System32\themeservice.dll,-8193
2013-01-16 19:03:56: ServiceDLL: system32\themeservice.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: themeservice.dll
2013-01-16 19:03:56: Original File Name: THEMESERVICE.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: THREADORDER
2013-01-16 19:03:56: Real Path: C:\Windows\system32\mmcss.dll
2013-01-16 19:03:56: Display Name: @%systemroot%\system32\mmcss.dll,-102
2013-01-16 19:03:56: Description: @%systemroot%\system32\mmcss.dll,-103
2013-01-16 19:03:56: ServiceDLL: system32\mmcss.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: mmcss.dll
2013-01-16 19:03:56: Original File Name: mmcss.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: TrkWks
2013-01-16 19:03:56: Real Path: C:\Windows\System32\trkwks.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\trkwks.dll,-1
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\trkwks.dll,-2
2013-01-16 19:03:56: ServiceDLL: System32\trkwks.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: trkwks.dll
2013-01-16 19:03:56: Original File Name: trkwks.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: UmRdpService
2013-01-16 19:03:56: Real Path: C:\Windows\System32\umrdp.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\umrdp.dll,-1000
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\umrdp.dll,-1001
2013-01-16 19:03:56: ServiceDLL: System32\umrdp.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: umrdp.dll
2013-01-16 19:03:56: Original File Name: umrdp.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: !!!!!!!
2013-01-16 19:03:56: Found Service: upnphost
2013-01-16 19:03:56: Real Path: C:\Windows\System32\upnphost.dll
2013-01-16 19:03:56: Display Name: @%systemroot%\system32\upnphost.dll,-213
2013-01-16 19:03:56: Description: @%systemroot%\system32\upnphost.dll,-214
2013-01-16 19:03:56: ServiceDLL: System32\upnphost.dll
2013-01-16 19:03:56: File size: 266752
2013-01-16 19:03:56: DLL File name: upnphost.dll
2013-01-16 19:03:56: Original File Name: unpnhost.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time: 20090713201617 20090713185541 20090713185541
2013-01-16 19:03:56: !!!!!!!!!
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: UxSms
2013-01-16 19:03:56: Real Path: C:\Windows\System32\uxsms.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\dwm.exe,-2000
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\dwm.exe,-2001
2013-01-16 19:03:56: ServiceDLL: System32\uxsms.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: uxsms.dll
2013-01-16 19:03:56: Original File Name: UxSms.dll
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: W32Time
2013-01-16 19:03:56: Real Path: C:\Windows\system32\w32time.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\w32time.dll,-200
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\w32time.dll,-201
2013-01-16 19:03:56: ServiceDLL: system32\w32time.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: w32time.dll
2013-01-16 19:03:56: Original File Name: w32time.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: WbioSrvc
2013-01-16 19:03:56: Real Path: C:\Windows\System32\wbiosrvc.dll
2013-01-16 19:03:56: Display Name: @%systemroot%\system32\wbiosrvc.dll,-100
2013-01-16 19:03:56: Description: @%systemroot%\system32\wbiosrvc.dll,-101
2013-01-16 19:03:56: ServiceDLL: System32\wbiosrvc.dll
2013-01-16 19:03:56: File size: 0
2013-01-16 19:03:56: DLL File name: wbiosrvc.dll
2013-01-16 19:03:56: Original File Name: wbiosrvc.dll.mui
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time:
2013-01-16 19:03:56: ---------------------------------------------------------------------
2013-01-16 19:03:56: Found Service: wcncsvc
2013-01-16 19:03:56: Real Path: C:\Windows\System32\wcncsvc.dll
2013-01-16 19:03:56: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3
2013-01-16 19:03:56: Description: @%SystemRoot%\system32\wcncsvc.dll,-4
2013-01-16 19:03:56: ServiceDLL: System32\wcncsvc.dll
2013-01-16 19:03:56: File size: 276992
2013-01-16 19:03:56: DLL File name: wcncsvc.dll
2013-01-16 19:03:56: Original File Name: WCNCSVC.DLL.MUI
2013-01-16 19:03:56: Company:
2013-01-16 19:03:56: Mod/Cre/Acc time: 20101120072135 20130115232950 20130115232950
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WcsPlugInService
2013-01-16 19:03:57: Real Path: C:\Windows\System32\WcsPlugInService.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200
2013-01-16 19:03:57: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201
2013-01-16 19:03:57: ServiceDLL: System32\WcsPlugInService.dll
2013-01-16 19:03:57: File size: 32768
2013-01-16 19:03:57: DLL File name: WcsPlugInService.dll
2013-01-16 19:03:57: Original File Name: WcsPlugInService.DLL.MUI
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20090713201618 20090713182513 20090713182513
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WdiServiceHost
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wdi.dll
2013-01-16 19:03:57: Display Name: @%systemroot%\system32\wdi.dll,-502
2013-01-16 19:03:57: Description: @%systemroot%\system32\wdi.dll,-503
2013-01-16 19:03:57: ServiceDLL: system32\wdi.dll
2013-01-16 19:03:57: File size: 76288
2013-01-16 19:03:57: DLL File name: wdi.dll
2013-01-16 19:03:57: Original File Name: wdi.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20090713201618 20090713181947 20090713181947
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WdiSystemHost
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wdi.dll
2013-01-16 19:03:57: Display Name: @%systemroot%\system32\wdi.dll,-500
2013-01-16 19:03:57: Description: @%systemroot%\system32\wdi.dll,-501
2013-01-16 19:03:57: ServiceDLL: system32\wdi.dll
2013-01-16 19:03:57: File size: 76288
2013-01-16 19:03:57: DLL File name: wdi.dll
2013-01-16 19:03:57: Original File Name: wdi.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20090713201618 20090713181947 20090713181947
2013-01-16 19:03:57: !!!!!!!
2013-01-16 19:03:57: Found Service: WebClient
2013-01-16 19:03:57: Real Path: C:\Windows\System32\webclnt.dll
2013-01-16 19:03:57: Display Name: @%systemroot%\system32\webclnt.dll,-100
2013-01-16 19:03:57: Description: @%systemroot%\system32\webclnt.dll,-101
2013-01-16 19:03:57: ServiceDLL: System32\webclnt.dll
2013-01-16 19:03:57: File size: 204800
2013-01-16 19:03:57: DLL File name: webclnt.dll
2013-01-16 19:03:57: Original File Name: davsvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20101120072135 20130115233002 20130115233002
2013-01-16 19:03:57: !!!!!!!!!
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: Wecsvc
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wecsvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200
2013-01-16 19:03:57: Description: @%SystemRoot%\system32\wecsvc.dll,-201
2013-01-16 19:03:57: ServiceDLL: system32\wecsvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wecsvc.dll
2013-01-16 19:03:57: Original File Name: wecsvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: !!!!!!!
2013-01-16 19:03:57: Found Service: wercplsupport
2013-01-16 19:03:57: Real Path: C:\Windows\System32\wercplsupport.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101
2013-01-16 19:03:57: Description: @%SystemRoot%\System32\wercplsupport.dll,-100
2013-01-16 19:03:57: ServiceDLL: System32\wercplsupport.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wercplsupport.dll
2013-01-16 19:03:57: Original File Name: ERC
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: !!!!!!!!!
2013-01-16 19:03:57: !!!!!!!
2013-01-16 19:03:57: Found Service: WerSvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\WerSvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\System32\wersvc.dll,-100
2013-01-16 19:03:57: Description: @%SystemRoot%\System32\wersvc.dll,-101
2013-01-16 19:03:57: ServiceDLL: System32\WerSvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: WerSvc.dll
2013-01-16 19:03:57: Original File Name: wersvc
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: !!!!!!!!!
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: Winmgmt
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wbem\WMIsvc.dll
2013-01-16 19:03:57: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205
2013-01-16 19:03:57: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204
2013-01-16 19:03:57: ServiceDLL: system32\wbem\WMIsvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: WMIsvc.dll
2013-01-16 19:03:57: Original File Name: wmisvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WinRM
2013-01-16 19:03:57: Real Path: C:\Windows\system32\WsmSvc.dll
2013-01-16 19:03:57: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101
2013-01-16 19:03:57: Description: @%Systemroot%\system32\wsmsvc.dll,-102
2013-01-16 19:03:57: ServiceDLL: system32\WsmSvc.dll
2013-01-16 19:03:57: File size: 1175040
2013-01-16 19:03:57: DLL File name: WsmSvc.dll
2013-01-16 19:03:57: Original File Name: WsmSvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20101120072139 20130115233004 20130115233004
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: Wlansvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\wlansvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257
2013-01-16 19:03:57: Description: @%SystemRoot%\System32\wlansvc.dll,-258
2013-01-16 19:03:57: ServiceDLL: System32\wlansvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wlansvc.dll
2013-01-16 19:03:57: Original File Name: wlansvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WPCSvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\wpcsvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100
2013-01-16 19:03:57: Description: @%SystemRoot%\system32\wpcsvc.dll,-101
2013-01-16 19:03:57: ServiceDLL: System32\wpcsvc.dll
2013-01-16 19:03:57: File size: 10752
2013-01-16 19:03:57: DLL File name: wpcsvc.dll
2013-01-16 19:03:57: Original File Name: wpcsvc.exe.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time: 20090713201620 20090713184010 20090713184010
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WPDBusEnum
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wpdbusenum.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100
2013-01-16 19:03:57: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101
2013-01-16 19:03:57: ServiceDLL: system32\wpdbusenum.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wpdbusenum.dll
2013-01-16 19:03:57: Original File Name: WpdBusEnum.DLL.MUI
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: wscsvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\wscsvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\System32\wscsvc.dll,-200
2013-01-16 19:03:57: Description: @%SystemRoot%\System32\wscsvc.dll,-201
2013-01-16 19:03:57: ServiceDLL: System32\wscsvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wscsvc.dll
2013-01-16 19:03:57: Original File Name: wscsvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: wuauserv
2013-01-16 19:03:57: Real Path: C:\Windows\system32\wuaueng.dll
2013-01-16 19:03:57: Display Name: @%systemroot%\system32\wuaueng.dll,-105
2013-01-16 19:03:57: Description: @%systemroot%\system32\wuaueng.dll,-106
2013-01-16 19:03:57: ServiceDLL: system32\wuaueng.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wuaueng.dll
2013-01-16 19:03:57: Original File Name: wuaueng.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: wudfsvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\WUDFSvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000
2013-01-16 19:03:57: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001
2013-01-16 19:03:57: ServiceDLL: System32\WUDFSvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: WUDFSvc.dll
2013-01-16 19:03:57: Original File Name: WUDFSvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57: ---------------------------------------------------------------------
2013-01-16 19:03:57: Found Service: WwanSvc
2013-01-16 19:03:57: Real Path: C:\Windows\System32\wwansvc.dll
2013-01-16 19:03:57: Display Name: @%SystemRoot%\System32\wwansvc.dll,-257
2013-01-16 19:03:57: Description: @%SystemRoot%\System32\wwansvc.dll,-258
2013-01-16 19:03:57: ServiceDLL: System32\wwansvc.dll
2013-01-16 19:03:57: File size: 0
2013-01-16 19:03:57: DLL File name: wwansvc.dll
2013-01-16 19:03:57: Original File Name: WwanSvc.dll.mui
2013-01-16 19:03:57: Company:
2013-01-16 19:03:57: Mod/Cre/Acc time:
2013-01-16 19:03:57:
2013-01-16 19:03:57: Looking for SHELL key
2013-01-16 19:03:57: Now looking for bad DLL files in system32
2013-01-16 19:05:25: Folder: GAC
2013-01-16 19:05:25: Folder: GAC_32
2013-01-16 19:05:25: Folder: GAC_64
2013-01-16 19:05:25: Folder: GAC_MSIL
2013-01-16 19:05:25: Folder: NativeImages_v2.0.50727_32
2013-01-16 19:05:25: Folder: NativeImages_v2.0.50727_64
2013-01-16 19:05:25: Folder: NativeImages_v4.0.30319_32
2013-01-16 19:05:25: Folder: NativeImages_v4.0.30319_64
2013-01-16 19:05:25: Folder: temp
2013-01-16 19:05:25: Folder: tmp
2013-01-16 19:05:25: Checking for bad folder
2013-01-16 19:05:25: Found 1 folders.
2013-01-16 19:05:25: Checking C:\Windows\assembly\tmp
2013-01-16 19:05:25: ... Folder test returns: 1
2013-01-16 19:05:25: Done with folder list in C:\Windows\assembly\ tmp
2013-01-16 19:05:25: Autonomous mode, clearing out yt folder
2013-01-16 19:05:25: cmd.exe /c start "C:\Users\GigabitPony\Desktop\yorkyt.exe"
2013-01-16 19:05:29: Restarting...
2013-01-16 19:06:18: ****************************************************
2013-01-16 19:06:18: Starting UP ... v 0.0.0.220
2013-01-16 19:06:18: ****************************************************
2013-01-16 19:06:19: Stop TPSRV returns: 2
2013-01-16 19:06:34: Listing processes...
2013-01-16 19:06:34: :[System Process]:0
2013-01-16 19:06:34: :System:4
2013-01-16 19:06:34: :smss.exe:256
2013-01-16 19:06:34: :csrss.exe:360
2013-01-16 19:06:34: :wininit.exe:432
2013-01-16 19:06:34: :csrss.exe:452
2013-01-16 19:06:34: :services.exe:492
2013-01-16 19:06:34: :lsass.exe:520
2013-01-16 19:06:34: :lsm.exe:528
2013-01-16 19:06:34: :svchost.exe:632
2013-01-16 19:06:34: :launcher_service.exe:700
2013-01-16 19:06:34: :winlogon.exe:724
2013-01-16 19:06:34: :svchost.exe:780
2013-01-16 19:06:34: :cmdagent.exe:872
2013-01-16 19:06:34: :svchost.exe:912
2013-01-16 19:06:34: :atiesrxx.exe:956
2013-01-16 19:06:34: :svchost.exe:1012
2013-01-16 19:06:34: :svchost.exe:224
2013-01-16 19:06:34: :svchost.exe:408
2013-01-16 19:06:34: :audiodg.exe:764
2013-01-16 19:06:34: :svchost.exe:1036
2013-01-16 19:06:34: :svchost.exe:1112
2013-01-16 19:06:34: :hmpsched.exe:1248
2013-01-16 19:06:34: :atieclxx.exe:1388
2013-01-16 19:06:34: :spoolsv.exe:1488
2013-01-16 19:06:34: :svchost.exe:1520
2013-01-16 19:06:34: :Fuel.Service.exe:1588
2013-01-16 19:06:34: :dragon_updater.exe:1644
2013-01-16 19:06:34: :svchost.exe:1676
2013-01-16 19:06:34: :GeekBuddyRSP.exe:1732
2013-01-16 19:06:34: :MSCamS64.exe:1800
2013-01-16 19:06:34: :c2c_service.exe:1868
2013-01-16 19:06:34: :Updater.exe:1936
2013-01-16 19:06:34: :WmiPrvSE.exe:1848
2013-01-16 19:06:34: :WUDFHost.exe:2264
2013-01-16 19:06:34: :cavwp.exe:2464
2013-01-16 19:06:34: :taskhost.exe:2728
2013-01-16 19:06:34: :taskeng.exe:2764
2013-01-16 19:06:34: :userinit.exe:2780
2013-01-16 19:06:34: :dwm.exe:2888
2013-01-16 19:06:34: :explorer.exe:2920
2013-01-16 19:06:34: :yorkyt.exe:2700
2013-01-16 19:06:34: :CisTray.exe:2564
2013-01-16 19:06:34: :LCore.exe:3276
2013-01-16 19:06:34: :googledrivesync.exe:3292
2013-01-16 19:06:34: :Skype.exe:3328
2013-01-16 19:06:34: :unit_manager.exe:3396
2013-01-16 19:06:34: :jusched.exe:3404
2013-01-16 19:06:34: :googledrivesync.exe:3412
2013-01-16 19:06:34: :GeekBuddyRSP.exe:3420
2013-01-16 19:06:34: :Dropbox.exe:3428
2013-01-16 19:06:34: :MOM.exe:3508
2013-01-16 19:06:34: :LCDMedia.exe:3652
2013-01-16 19:06:34: :LCDCountdown.exe:3660
2013-01-16 19:06:34: :LCDClock.exe:3676
2013-01-16 19:06:34: :LCDPOP3.exe:3684
2013-01-16 19:06:34: :LCDRSS.exe:3704
2013-01-16 19:06:34: :CCC.exe:3828
2013-01-16 19:06:34: :unit.exe:4068
2013-01-16 19:06:34: :ielowutil.exe:3888
2013-01-16 19:06:34: :wmpnetwk.exe:4120
2013-01-16 19:06:34: :cis.exe:4564
2013-01-16 19:06:34: :WmiPrvSE.exe:4620
2013-01-16 19:06:34:
2013-01-16 19:06:34: Starting cleanup mode...
2013-01-16 19:06:34: ... Done with files, now folders
2013-01-16 19:06:42: All DONE

#10 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 07:45 PM

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-16 19:11:40
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 INTEL_SSDSA2M040G2GC rev.2CV102M3 37.27GB
Running: nfnil4mr.exe; Driver: C:\Users\GIGABI~1\AppData\Local\Temp\awrirpog.sys


---- User code sections - GMER 2.0 ----

.text C:\Windows\system32\csrss.exe[360] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePort 00000000777213c0 8 bytes JMP 00000000778900d8
.text C:\Windows\system32\csrss.exe[360] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePortEx 00000000777215c0 8 bytes JMP 0000000077890110
.text C:\Windows\system32\csrss.exe[360] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 8 bytes JMP 0000000077890148
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!RegisterRawInputDevices 0000000077276ef0 6 bytes {JMP QWORD [RIP+0x9129140]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SystemParametersInfoA 0000000077278184 6 bytes {JMP QWORD [RIP+0x9207eac]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SetParent 0000000077278530 6 bytes {JMP QWORD [RIP+0x9147b00]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!PostMessageA 000000007727a404 6 bytes {JMP QWORD [RIP+0x8ee5c2c]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!EnableWindow 000000007727aaa0 6 bytes {JMP QWORD [RIP+0x9245590]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!MoveWindow 000000007727aad0 6 bytes {JMP QWORD [RIP+0x9165560]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!GetAsyncKeyState 000000007727c720 6 bytes {JMP QWORD [RIP+0x9103910]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!RegisterHotKey 000000007727cd50 6 bytes {JMP QWORD [RIP+0x91e32e0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!PostThreadMessageA 000000007727d2b0 6 bytes {JMP QWORD [RIP+0x8f22d80]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageA 000000007727d338 6 bytes {JMP QWORD [RIP+0x8f62cf8]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendNotifyMessageW 000000007727dc40 6 bytes {JMP QWORD [RIP+0x90423f0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SystemParametersInfoW 000000007727f510 6 bytes {JMP QWORD [RIP+0x9220b20]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SetWindowsHookExW 000000007727f874 6 bytes {JMP QWORD [RIP+0x8ea07bc]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageTimeoutW 000000007727fac0 6 bytes {JMP QWORD [RIP+0x8fc0570]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!PostThreadMessageW 0000000077280b74 6 bytes {JMP QWORD [RIP+0x8f3f4bc]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SetWinEventHook + 1 0000000077284d4d 5 bytes {JMP QWORD [RIP+0x8ebb2e4]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!GetKeyState 0000000077285010 6 bytes {JMP QWORD [RIP+0x90db020]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageCallbackW 0000000077285438 6 bytes {JMP QWORD [RIP+0x8ffabf8]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageW 0000000077286b50 6 bytes {JMP QWORD [RIP+0x8f794e0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!PostMessageW 00000000772876e4 6 bytes {JMP QWORD [RIP+0x8ef894c]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendDlgItemMessageW 000000007728dd90 6 bytes {JMP QWORD [RIP+0x90722a0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!GetClipboardData 000000007728e874 6 bytes {JMP QWORD [RIP+0x91b17bc]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SetClipboardViewer 000000007728f780 6 bytes {JMP QWORD [RIP+0x91708b0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendNotifyMessageA 00000000772928e4 6 bytes {JMP QWORD [RIP+0x900d74c]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!mouse_event 0000000077293894 6 bytes {JMP QWORD [RIP+0x8e4c79c]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!GetKeyboardState 0000000077298a10 6 bytes {JMP QWORD [RIP+0x90a7620]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageTimeoutA 0000000077298be0 6 bytes {JMP QWORD [RIP+0x8f87450]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SetWindowsHookExA 0000000077298c20 6 bytes {JMP QWORD [RIP+0x8e67410]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendInput 0000000077298cd0 6 bytes {JMP QWORD [RIP+0x9087360]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!BlockInput 000000007729ad60 6 bytes {JMP QWORD [RIP+0x91852d0]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!ExitWindowsEx 00000000772c14e0 6 bytes {JMP QWORD [RIP+0x921eb50]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!keybd_event 00000000772e45a4 6 bytes {JMP QWORD [RIP+0x8ddba8c]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendDlgItemMessageA 00000000772ecc08 6 bytes {JMP QWORD [RIP+0x8ff3428]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\USER32.dll!SendMessageCallbackA 00000000772edf18 6 bytes {JMP QWORD [RIP+0x8f72118]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\wininit.exe[432] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\csrss.exe[452] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePort 00000000777213c0 8 bytes JMP 00000000778900d8
.text C:\Windows\system32\csrss.exe[452] C:\Windows\SYSTEM32\ntdll.dll!NtReplyWaitReceivePortEx 00000000777215c0 8 bytes JMP 0000000077890110
.text C:\Windows\system32\csrss.exe[452] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 8 bytes JMP 0000000077890148
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\RPCRT4.dll!RpcServerRegisterIfEx 000007feff746bd0 6 bytes {JMP QWORD [RIP+0x199460]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!RegisterRawInputDevices 0000000077276ef0 6 bytes {JMP QWORD [RIP+0x9129140]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SystemParametersInfoA 0000000077278184 6 bytes {JMP QWORD [RIP+0x9207eac]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SetParent 0000000077278530 6 bytes {JMP QWORD [RIP+0x9147b00]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!PostMessageA 000000007727a404 6 bytes {JMP QWORD [RIP+0x8ee5c2c]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!EnableWindow 000000007727aaa0 6 bytes {JMP QWORD [RIP+0x9245590]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!MoveWindow 000000007727aad0 6 bytes {JMP QWORD [RIP+0x9165560]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!GetAsyncKeyState 000000007727c720 6 bytes {JMP QWORD [RIP+0x9103910]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!RegisterHotKey 000000007727cd50 6 bytes {JMP QWORD [RIP+0x91e32e0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!PostThreadMessageA 000000007727d2b0 6 bytes {JMP QWORD [RIP+0x8f22d80]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageA 000000007727d338 6 bytes {JMP QWORD [RIP+0x8f62cf8]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendNotifyMessageW 000000007727dc40 6 bytes {JMP QWORD [RIP+0x90423f0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SystemParametersInfoW 000000007727f510 6 bytes {JMP QWORD [RIP+0x9220b20]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SetWindowsHookExW 000000007727f874 6 bytes {JMP QWORD [RIP+0x8ea07bc]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageTimeoutW 000000007727fac0 6 bytes {JMP QWORD [RIP+0x8fc0570]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!PostThreadMessageW 0000000077280b74 6 bytes {JMP QWORD [RIP+0x8f3f4bc]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SetWinEventHook + 1 0000000077284d4d 5 bytes {JMP QWORD [RIP+0x8ebb2e4]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!GetKeyState 0000000077285010 6 bytes {JMP QWORD [RIP+0x90db020]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageCallbackW 0000000077285438 6 bytes {JMP QWORD [RIP+0x8ffabf8]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageW 0000000077286b50 6 bytes {JMP QWORD [RIP+0x8f794e0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!PostMessageW 00000000772876e4 6 bytes {JMP QWORD [RIP+0x8ef894c]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendDlgItemMessageW 000000007728dd90 6 bytes {JMP QWORD [RIP+0x90722a0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!GetClipboardData 000000007728e874 6 bytes {JMP QWORD [RIP+0x91b17bc]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SetClipboardViewer 000000007728f780 6 bytes {JMP QWORD [RIP+0x91708b0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendNotifyMessageA 00000000772928e4 6 bytes {JMP QWORD [RIP+0x900d74c]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!mouse_event 0000000077293894 6 bytes {JMP QWORD [RIP+0x8e4c79c]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!GetKeyboardState 0000000077298a10 6 bytes {JMP QWORD [RIP+0x90a7620]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageTimeoutA 0000000077298be0 6 bytes {JMP QWORD [RIP+0x8f87450]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SetWindowsHookExA 0000000077298c20 6 bytes {JMP QWORD [RIP+0x8e67410]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendInput 0000000077298cd0 6 bytes {JMP QWORD [RIP+0x9087360]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!BlockInput 000000007729ad60 6 bytes {JMP QWORD [RIP+0x91852d0]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!ExitWindowsEx 00000000772c14e0 6 bytes {JMP QWORD [RIP+0x921eb50]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!keybd_event 00000000772e45a4 6 bytes {JMP QWORD [RIP+0x8ddba8c]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendDlgItemMessageA 00000000772ecc08 6 bytes {JMP QWORD [RIP+0x8ff3428]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\USER32.dll!SendMessageCallbackA 00000000772edf18 6 bytes {JMP QWORD [RIP+0x8f72118]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1ddd64]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1fdb70]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x21a450]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xe7c98]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xc7668]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x1a6cec]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x254648]}
.text C:\Windows\system32\services.exe[492] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x22ac20]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\lsass.exe[520] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\lsm.exe[528] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\RPCRT4.dll!RpcServerRegisterIfEx 000007feff746bd0 6 bytes {JMP QWORD [RIP+0x199460]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1ddd64]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1fdb70]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x21a450]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xe7c98]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xc7668]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x1a6cec]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x254648]}
.text C:\Windows\system32\svchost.exe[632] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x22ac20]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtClose 00000000778cf9c0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtClose + 4 00000000778cf9c4 2 bytes [AE, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 00000000778cfc90 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4 00000000778cfc94 2 bytes [02, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile 00000000778cfd44 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 4 00000000778cfd48 2 bytes [ED, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection 00000000778cfda8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection + 4 00000000778cfdac 2 bytes [F3, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken 00000000778cfea0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken + 4 00000000778cfea4 2 bytes [EA, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 00000000778cff84 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4 00000000778cff88 2 bytes [F6, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 00000000778cffe4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread + 4 00000000778cffe8 2 bytes [0E, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 00000000778d0064 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread + 4 00000000778d0068 2 bytes [0B, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile 00000000778d0094 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 4 00000000778d0098 2 bytes [F0, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort 00000000778d0398 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort + 4 00000000778d039c 2 bytes [DE, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort 00000000778d0530 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort + 4 00000000778d0534 2 bytes [11, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort 00000000778d0674 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort + 4 00000000778d0678 2 bytes [FF, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 00000000778d086c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject + 4 00000000778d0870 2 bytes [E7, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778d0884 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx + 4 00000000778d0888 2 bytes [E1, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 00000000778d0dd4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver + 4 00000000778d0dd8 2 bytes [FC, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject 00000000778d0eb8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject + 4 00000000778d0ebc 2 bytes [E4, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 00000000778d1bc4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation + 4 00000000778d1bc8 2 bytes [F9, 70]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem 00000000778d1c94 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem + 4 00000000778d1c98 2 bytes [08, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl 00000000778d1d6c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl + 4 00000000778d1d70 2 bytes [05, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 00000000778f1217 6 bytes {JMP QWORD [RIP+0x71a7001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\kernel32.dll!CreateProcessW 000000007689103d 6 bytes {JMP QWORD [RIP+0x719b001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\kernel32.dll!CreateProcessA 0000000076891072 6 bytes {JMP QWORD [RIP+0x7198001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\kernel32.dll!CreateProcessAsUserW 00000000768bc9b5 6 bytes {JMP QWORD [RIP+0x7192001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\KERNELBASE.dll!SetProcessShutdownParameters 0000000076f2f776 6 bytes {JMP QWORD [RIP+0x719e001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 493 0000000076f32c91 4 bytes {CALL QWORD [RIP+0x71ac000a]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\ADVAPI32.dll!CreateProcessAsUserA 0000000075212538 6 bytes {JMP QWORD [RIP+0x7195001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!PostThreadMessageW 0000000076408bff 6 bytes {JMP QWORD [RIP+0x715f001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SystemParametersInfoW 00000000764090d3 6 bytes {JMP QWORD [RIP+0x711a001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageW 0000000076409679 6 bytes {JMP QWORD [RIP+0x7159001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutW 00000000764097d2 6 bytes {JMP QWORD [RIP+0x7153001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetWinEventHook 000000007640ee09 6 bytes {JMP QWORD [RIP+0x716b001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!RegisterHotKey 000000007640efc9 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!RegisterHotKey + 4 000000007640efcd 2 bytes [20, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!PostMessageW 00000000764112a5 6 bytes {JMP QWORD [RIP+0x7165001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!GetKeyState 000000007641291f 6 bytes {JMP QWORD [RIP+0x7138001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetParent 0000000076412d64 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetParent + 4 0000000076412d68 2 bytes [2F, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000076412da4 6 bytes {JMP QWORD [RIP+0x7117001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!MoveWindow 0000000076413698 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!MoveWindow + 4 000000007641369c 2 bytes [2C, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!PostMessageA 0000000076413baa 6 bytes {JMP QWORD [RIP+0x7168001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!PostThreadMessageA 0000000076413c61 6 bytes {JMP QWORD [RIP+0x7162001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageA 000000007641612e 6 bytes {JMP QWORD [RIP+0x715c001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SystemParametersInfoA 0000000076416c30 6 bytes {JMP QWORD [RIP+0x711d001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000076417603 6 bytes {JMP QWORD [RIP+0x716e001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendNotifyMessageW 0000000076417668 6 bytes {JMP QWORD [RIP+0x7147001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageCallbackW 00000000764176e0 6 bytes {JMP QWORD [RIP+0x714d001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutA 000000007641781f 6 bytes {JMP QWORD [RIP+0x7156001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 000000007641835c 6 bytes {JMP QWORD [RIP+0x7171001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetClipboardViewer 000000007641c4b6 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SetClipboardViewer + 4 000000007641c4ba 2 bytes [29, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageA 000000007642c112 6 bytes {JMP QWORD [RIP+0x7144001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageW 000000007642d0f5 6 bytes {JMP QWORD [RIP+0x7141001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!GetAsyncKeyState 000000007642eb96 6 bytes {JMP QWORD [RIP+0x7135001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!GetKeyboardState 000000007642ec68 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!GetKeyboardState + 4 000000007642ec6c 2 bytes [3B, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendInput 000000007642ff4a 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendInput + 4 000000007642ff4e 2 bytes [3E, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!GetClipboardData 0000000076449f1d 6 bytes {JMP QWORD [RIP+0x7123001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!ExitWindowsEx 0000000076451497 6 bytes {JMP QWORD [RIP+0x7114001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!mouse_event 000000007646027b 6 bytes {JMP QWORD [RIP+0x7174001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!keybd_event 00000000764602bf 6 bytes {JMP QWORD [RIP+0x7177001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendMessageCallbackA 0000000076466cfc 6 bytes {JMP QWORD [RIP+0x7150001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!SendNotifyMessageA 0000000076466d5d 6 bytes {JMP QWORD [RIP+0x714a001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!BlockInput 0000000076467dd7 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!BlockInput + 4 0000000076467ddb 2 bytes [26, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!RegisterRawInputDevices 00000000764688eb 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\USER32.dll!RegisterRawInputDevices + 4 00000000764688ef 2 bytes [32, 71]
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!DeleteDC 00000000750358b3 6 bytes {JMP QWORD [RIP+0x7186001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!BitBlt 0000000075035ea6 6 bytes {JMP QWORD [RIP+0x7183001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!CreateDCA 0000000075037bcc 6 bytes {JMP QWORD [RIP+0x718f001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!StretchBlt 000000007503b895 6 bytes {JMP QWORD [RIP+0x717a001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!MaskBlt 000000007503c332 6 bytes {JMP QWORD [RIP+0x7180001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!GetPixel 000000007503cbfb 6 bytes {JMP QWORD [RIP+0x7189001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!CreateDCW 000000007503e743 6 bytes {JMP QWORD [RIP+0x718c001e]}
.text C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe[700] C:\Windows\syswow64\GDI32.dll!PlgBlt 0000000075064646 6 bytes {JMP QWORD [RIP+0x717d001e]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\RPCRT4.dll!RpcServerRegisterIfEx 000007feff746bd0 6 bytes {JMP QWORD [RIP+0x199460]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1ddd64]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1fdb70]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x21a450]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xe7c98]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xc7668]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x1a6cec]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x254648]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x22ac20]}
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\svchost.exe[912] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\atiesrxx.exe[956] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32

#11 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 07:47 PM

\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\System32\svchost.exe[1012] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\System32\svchost.exe[224] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\RPCRT4.dll!RpcServerRegisterIfEx 000007feff746bd0 6 bytes {JMP QWORD [RIP+0x199460]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1ddd64]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1fdb70]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x21a450]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xe7c98]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xc7668]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x1a6cec]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x254648]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x22ac20]}
.text C:\Windows\system32\svchost.exe[408] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\AUDIODG.EXE[764] C:\Windows\System32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\svchost.exe[1036] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\svchost.exe[1112] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x23dd64]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x25db70]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x27a450]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0x1f7c98]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0x1d7668]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x216cec]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x2b4648]}
.text C:\Program Files\HitmanPro\hmpsched.exe[1248] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x28ac20]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x23dd64]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x25db70]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x27a450]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0x1f7c98]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0x1d7668]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x216cec]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x2b4648]}
.text C:\Windows\system32\atieclxx.exe[1388] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x28ac20]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\System32\spoolsv.exe[1488] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\RPCRT4.dll!RpcServerRegisterIfEx 000007feff746bd0 6 bytes {JMP QWORD [RIP+0x199460]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1ddd64]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1fdb70]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x21a450]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xe7c98]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xc7668]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x1a6cec]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x254648]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x22ac20]}
.text C:\Windows\system32\svchost.exe[1520] C:\Windows\system32\ADVAPI32.dll!CreateProcessAsUserA 000007fefe30a1a0 6 bytes {JMP QWORD [RIP+0xb5e90]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\kernel32.dll!CreateProcessAsUserW 0000000076ffa420 6 bytes {JMP QWORD [RIP+0x90a5c10]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\kernel32.dll!CreateProcessW 0000000077011b50 6 bytes {JMP QWORD [RIP+0x904e4e0]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\kernel32.dll!CreateProcessA 0000000077088810 6 bytes {JMP QWORD [RIP+0x8ff7820]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x23dd64]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x25db70]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x27a450]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0x1f7c98]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0x1d7668]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0x216cec]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x2b4648]}
.text C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe[1588] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x28ac20]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtClose 00000000778cf9c0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtClose + 4 00000000778cf9c4 2 bytes [AE, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 00000000778cfc90 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4 00000000778cfc94 2 bytes [FC, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile 00000000778cfd44 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 4 00000000778cfd48 2 bytes [E7, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection 00000000778cfda8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection + 4 00000000778cfdac 2 bytes [ED, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken 00000000778cfea0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken + 4 00000000778cfea4 2 bytes [E4, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 00000000778cff84 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4 00000000778cff88 2 bytes [F0, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 00000000778cffe4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread + 4 00000000778cffe8 2 bytes [08, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 00000000778d0064 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread + 4 00000000778d0068 2 bytes [05, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile 00000000778d0094 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 4 00000000778d0098 2 bytes [EA, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort 00000000778d0398 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort + 4 00000000778d039c 2 bytes [D8, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort 00000000778d0530 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort + 4 00000000778d0534 2 bytes [0B, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort 00000000778d0674 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort + 4 00000000778d0678 2 bytes [F9, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 00000000778d086c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject + 4 00000000778d0870 2 bytes [E1, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778d0884 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx + 4 00000000778d0888 2 bytes [DB, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 00000000778d0dd4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver + 4 00000000778d0dd8 2 bytes [F6, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject 00000000778d0eb8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject + 4 00000000778d0ebc 2 bytes [DE, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 00000000778d1bc4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation + 4 00000000778d1bc8 2 bytes [F3, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem 00000000778d1c94 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem + 4 00000000778d1c98 2 bytes [02, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl 00000000778d1d6c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl + 4 00000000778d1d70 2 bytes [FF, 70]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 00000000778f1217 6 bytes {JMP QWORD [RIP+0x71a7001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\kernel32.dll!CreateProcessW 000000007689103d 6 bytes {JMP QWORD [RIP+0x719b001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\kernel32.dll!CreateProcessA 0000000076891072 6 bytes {JMP QWORD [RIP+0x7198001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\kernel32.dll!CreateProcessAsUserW 00000000768bc9b5 6 bytes {JMP QWORD [RIP+0x7192001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\KERNELBASE.dll!SetProcessShutdownParameters 0000000076f2f776 6 bytes {JMP QWORD [RIP+0x719e001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 493 0000000076f32c91 4 bytes {CALL QWORD [RIP+0x71ac000a]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\ADVAPI32.dll!CreateProcessAsUserA 0000000075212538 6 bytes {JMP QWORD [RIP+0x7195001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!DeleteDC 00000000750358b3 6 bytes {JMP QWORD [RIP+0x7180001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!BitBlt 0000000075035ea6 6 bytes {JMP QWORD [RIP+0x717d001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!CreateDCA 0000000075037bcc 6 bytes {JMP QWORD [RIP+0x718f001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!StretchBlt 000000007503b895 6 bytes {JMP QWORD [RIP+0x7174001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!MaskBlt 000000007503c332 6 bytes {JMP QWORD [RIP+0x717a001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!GetPixel 000000007503cbfb 6 bytes {JMP QWORD [RIP+0x7189001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!CreateDCW 000000007503e743 6 bytes {JMP QWORD [RIP+0x718c001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\GDI32.dll!PlgBlt 0000000075064646 6 bytes {JMP QWORD [RIP+0x7177001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!PostThreadMessageW 0000000076408bff 6 bytes {JMP QWORD [RIP+0x7159001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SystemParametersInfoW 00000000764090d3 6 bytes {JMP QWORD [RIP+0x7114001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageW 0000000076409679 6 bytes {JMP QWORD [RIP+0x7153001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutW 00000000764097d2 6 bytes {JMP QWORD [RIP+0x714d001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetWinEventHook 000000007640ee09 6 bytes {JMP QWORD [RIP+0x7165001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!RegisterHotKey 000000007640efc9 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!RegisterHotKey + 4 000000007640efcd 2 bytes [1A, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!PostMessageW 00000000764112a5 6 bytes {JMP QWORD [RIP+0x715f001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!GetKeyState 000000007641291f 6 bytes {JMP QWORD [RIP+0x7132001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetParent 0000000076412d64 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetParent + 4 0000000076412d68 2 bytes [29, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000076412da4 6 bytes {JMP QWORD [RIP+0x7111001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!MoveWindow 0000000076413698 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!MoveWindow + 4 000000007641369c 2 bytes [26, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!PostMessageA 0000000076413baa 6 bytes {JMP QWORD [RIP+0x7162001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!PostThreadMessageA 0000000076413c61 6 bytes {JMP QWORD [RIP+0x715c001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageA 000000007641612e 6 bytes {JMP QWORD [RIP+0x7156001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SystemParametersInfoA 0000000076416c30 6 bytes {JMP QWORD [RIP+0x7117001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000076417603 6 bytes {JMP QWORD [RIP+0x7168001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendNotifyMessageW 0000000076417668 6 bytes {JMP QWORD [RIP+0x7141001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageCallbackW 00000000764176e0 6 bytes {JMP QWORD [RIP+0x7147001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutA 000000007641781f 6 bytes {JMP QWORD [RIP+0x7150001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 000000007641835c 6 bytes {JMP QWORD [RIP+0x716b001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetClipboardViewer 000000007641c4b6 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SetClipboardViewer + 4 000000007641c4ba 2 bytes [23, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageA 000000007642c112 6 bytes {JMP QWORD [RIP+0x713e001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageW 000000007642d0f5 6 bytes {JMP QWORD [RIP+0x713b001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!GetAsyncKeyState 000000007642eb96 6 bytes {JMP QWORD [RIP+0x712f001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!GetKeyboardState 000000007642ec68 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!GetKeyboardState + 4 000000007642ec6c 2 bytes [35, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendInput 000000007642ff4a 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendInput + 4 000000007642ff4e 2 bytes [38, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!GetClipboardData 0000000076449f1d 6 bytes {JMP QWORD [RIP+0x711d001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!ExitWindowsEx 0000000076451497 6 bytes {JMP QWORD [RIP+0x710e001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!mouse_event 000000007646027b 6 bytes {JMP QWORD [RIP+0x716e001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!keybd_event 00000000764602bf 6 bytes {JMP QWORD [RIP+0x7171001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendMessageCallbackA 0000000076466cfc 6 bytes {JMP QWORD [RIP+0x714a001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!SendNotifyMessageA 0000000076466d5d 6 bytes {JMP QWORD [RIP+0x7144001e]}
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!BlockInput 0000000076467dd7 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!BlockInput + 4 0000000076467ddb 2 bytes [20, 71]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!RegisterRawInputDevices 00000000764688eb 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe[1644] C:\Windows\syswow64\USER32.dll!RegisterRawInputDevices + 4 00000000764688ef 2 bytes [2C, 71]
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll 00000000776f3ae0 6 bytes {JMP QWORD [RIP+0x894c550]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtClose 0000000077721400 6 bytes {JMP QWORD [RIP+0x88fec30]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 00000000777215d0 6 bytes {JMP QWORD [RIP+0x8e7ea60]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077721640 6 bytes {JMP QWORD [RIP+0x8f5e9f0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtOpenSection 0000000077721680 6 bytes {JMP QWORD [RIP+0x8f1e9b0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtAdjustPrivilegesToken 0000000077721720 6 bytes {JMP QWORD [RIP+0x8f7e910]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSection 00000000777217b0 6 bytes {JMP QWORD [RIP+0x8efe880]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThread 00000000777217f0 6 bytes {JMP QWORD [RIP+0x8dfe840]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077721840 6 bytes {JMP QWORD [RIP+0x8e1e7f0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077721860 6 bytes {JMP QWORD [RIP+0x8f3e7d0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcConnectPort 0000000077721a50 6 bytes {JMP QWORD [RIP+0x8ffe5e0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 0000000077721b60 6 bytes {JMP QWORD [RIP+0x8dde4d0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtConnectPort 0000000077721c30 6 bytes {JMP QWORD [RIP+0x8e9e400]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSymbolicLinkObject 0000000077721d80 6 bytes {JMP QWORD [RIP+0x8f9e2b0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 0000000077721d90 6 bytes {JMP QWORD [RIP+0x8fde2a0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtLoadDriver 0000000077722100 6 bytes {JMP QWORD [RIP+0x8ebdf30]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtMakeTemporaryObject 0000000077722190 6 bytes {JMP QWORD [RIP+0x8fbdea0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtSetSystemInformation 0000000077722a00 6 bytes {JMP QWORD [RIP+0x8edd630]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtShutdownSystem 0000000077722a80 6 bytes {JMP QWORD [RIP+0x8e3d5b0]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\SYSTEM32\ntdll.dll!NtSystemDebugControl 0000000077722b00 6 bytes {JMP QWORD [RIP+0x8e5d530]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW + 357 000007fefdd29aa5 3 bytes [65, 65, 06]
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\KERNELBASE.dll!SetProcessShutdownParameters 000007fefdd35290 5 bytes [FF, 25, A0, AD, 0A]
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!DeleteDC 000007feff8322cc 6 bytes {JMP QWORD [RIP+0x1add64]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!BitBlt 000007feff8324c0 6 bytes {JMP QWORD [RIP+0x1ddb70]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!MaskBlt 000007feff835be0 6 bytes {JMP QWORD [RIP+0x1fa450]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!CreateDCW 000007feff838398 6 bytes {JMP QWORD [RIP+0xc7c98]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!CreateDCA 000007feff8389c8 6 bytes {JMP QWORD [RIP+0xa7668]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!GetPixel 000007feff839344 6 bytes {JMP QWORD [RIP+0xe6cec]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!StretchBlt 000007feff83b9e8 6 bytes {JMP QWORD [RIP+0x234648]}
.text C:\Windows\system32\svchost.exe[1676] C:\Windows\system32\GDI32.dll!PlgBlt 000007feff845410 6 bytes {JMP QWORD [RIP+0x20ac20]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtClose 00000000778cf9c0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtClose + 4 00000000778cf9c4 2 bytes [AE, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 00000000778cfc90 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 4 00000000778cfc94 2 bytes [02, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile 00000000778cfd44 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 4 00000000778cfd48 2 bytes [ED, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection 00000000778cfda8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection + 4 00000000778cfdac 2 bytes [F3, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken 00000000778cfea0 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAdjustPrivilegesToken + 4 00000000778cfea4 2 bytes [EA, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 00000000778cff84 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection + 4 00000000778cff88 2 bytes [F6, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 00000000778cffe4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread + 4 00000000778cffe8 2 bytes [0E, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 00000000778d0064 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread + 4 00000000778d0068 2 bytes [0B, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile 00000000778d0094 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 4 00000000778d0098 2 bytes [F0, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort 00000000778d0398 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAlpcConnectPort + 4 00000000778d039c 2 bytes [DE, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort 00000000778d0530 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtAlpcSendWaitReceivePort + 4 00000000778d0534 2 bytes [11, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort 00000000778d0674 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtConnectPort + 4 00000000778d0678 2 bytes [FF, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 00000000778d086c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject + 4 00000000778d0870 2 bytes [E7, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000778d0884 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx + 4 00000000778d0888 2 bytes [E1, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 00000000778d0dd4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver + 4 00000000778d0dd8 2 bytes [FC, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject 00000000778d0eb8 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtMakeTemporaryObject + 4 00000000778d0ebc 2 bytes [E4, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 00000000778d1bc4 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation + 4 00000000778d1bc8 2 bytes [F9, 70]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem 00000000778d1c94 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtShutdownSystem + 4 00000000778d1c98 2 bytes [08, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl 00000000778d1d6c 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!NtSystemDebugControl + 4 00000000778d1d70 2 bytes [05, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll 00000000778f1217 6 bytes {JMP QWORD [RIP+0x71a7001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\kernel32.dll!CreateProcessW 000000007689103d 6 bytes {JMP QWORD [RIP+0x719b001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\kernel32.dll!CreateProcessA 0000000076891072 6 bytes {JMP QWORD [RIP+0x7198001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\kernel32.dll!CreateProcessAsUserW 00000000768bc9b5 6 bytes {JMP QWORD [RIP+0x7192001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\KERNELBASE.dll!SetProcessShutdownParameters 0000000076f2f776 6 bytes {JMP QWORD [RIP+0x719e001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 493 0000000076f32c91 4 bytes {CALL QWORD [RIP+0x71ac000a]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!PostThreadMessageW 0000000076408bff 6 bytes {JMP QWORD [RIP+0x715f001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SystemParametersInfoW 00000000764090d3 6 bytes {JMP QWORD [RIP+0x711a001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendMessageW 0000000076409679 6 bytes {JMP QWORD [RIP+0x7159001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutW 00000000764097d2 6 bytes {JMP QWORD [RIP+0x7153001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetWinEventHook 000000007640ee09 6 bytes {JMP QWORD [RIP+0x716b001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!RegisterHotKey 000000007640efc9 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!RegisterHotKey + 4 000000007640efcd 2 bytes [20, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!PostMessageW 00000000764112a5 6 bytes {JMP QWORD [RIP+0x7165001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!GetKeyState 000000007641291f 6 bytes {JMP QWORD [RIP+0x7138001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetParent 0000000076412d64 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetParent + 4 0000000076412d68 2 bytes [2F, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!EnableWindow 0000000076412da4 6 bytes {JMP QWORD [RIP+0x7117001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!MoveWindow 0000000076413698 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!MoveWindow + 4 000000007641369c 2 bytes [2C, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!PostMessageA 0000000076413baa 6 bytes {JMP QWORD [RIP+0x7168001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!PostThreadMessageA 0000000076413c61 6 bytes {JMP QWORD [RIP+0x7162001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendMessageA 000000007641612e 6 bytes {JMP QWORD [RIP+0x715c001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SystemParametersInfoA 0000000076416c30 6 bytes {JMP QWORD [RIP+0x711d001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetWindowsHookExW 0000000076417603 6 bytes {JMP QWORD [RIP+0x716e001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendNotifyMessageW 0000000076417668 6 bytes {JMP QWORD [RIP+0x7147001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendMessageCallbackW 00000000764176e0 6 bytes {JMP QWORD [RIP+0x714d001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendMessageTimeoutA 000000007641781f 6 bytes {JMP QWORD [RIP+0x7156001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetWindowsHookExA 000000007641835c 6 bytes {JMP QWORD [RIP+0x7171001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetClipboardViewer 000000007641c4b6 3 bytes [FF, 25, 1E]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SetClipboardViewer + 4 000000007641c4ba 2 bytes [29, 71]
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageA 000000007642c112 6 bytes {JMP QWORD [RIP+0x7144001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64\USER32.dll!SendDlgItemMessageW 000000007642d0f5 6 bytes {JMP QWORD [RIP+0x7141001e]}
.text C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe[1732] C:\Windows\syswow64

#12 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 07:49 PM

Okay I am attaching the files. The logs are huge..

I will upload the other to my drive and give oyu the link, it is 762kb
Here is the Gmer Log
https://docs.google.com/document/d/1RuI_3spWQQ1t0V4a8uDea9i5wQx-_NwAfPn4eMK8S9Y/edit

Attached Files


Edited by GigabitPony, 16 January 2013 - 07:57 PM.


#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:01:16 PM

Posted 16 January 2013 - 09:54 PM

https://docs.google.com/document/d/1RuI_3spWQQ1t0V4a8uDea9i5wQx-_NwAfPn4eMK8S9Y/edit

That does not give me the gmer log check your link. I am also looking for the TDssKiller log which should have been run before these others. I'm also wanting the answer to my questions about which browser or is it every browser redirecting? Have you reset your router?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 16 January 2013 - 11:55 PM

Ah yes It is Firefox that has been doing it. I have reinstalled it when I reformatted. The router has been reset once. I can do it again to make sure.
Also Let me pull the tdsskiller log again.

19:01:53.0091 2924 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:01:53.0481 2924 ============================================================
19:01:53.0481 2924 Current date / time: 2013/01/16 19:01:53.0481
19:01:53.0481 2924 SystemInfo:
19:01:53.0481 2924
19:01:53.0481 2924 OS Version: 6.1.7601 ServicePack: 1.0
19:01:53.0481 2924 Product type: Workstation
19:01:53.0481 2924 ComputerName: GIGABITPONY-PC
19:01:53.0481 2924 UserName: GigabitPony
19:01:53.0481 2924 Windows directory: C:\Windows
19:01:53.0481 2924 System windows directory: C:\Windows
19:01:53.0481 2924 Running under WOW64
19:01:53.0481 2924 Processor architecture: Intel x64
19:01:53.0481 2924 Number of processors: 4
19:01:53.0481 2924 Page size: 0x1000
19:01:53.0481 2924 Boot type: Normal boot
19:01:53.0481 2924 ============================================================
19:01:54.0308 2924 BG loaded
19:01:54.0458 2924 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:01:54.0468 2924 Drive \Device\Harddisk1\DR1 - Size: 0x74707FDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:01:54.0478 2924 Drive \Device\Harddisk2\DR2 - Size: 0x1DD180000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:01:54.0478 2924 ============================================================
19:01:54.0478 2924 \Device\Harddisk0\DR0:
19:01:54.0478 2924 MBR partitions:
19:01:54.0478 2924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:01:54.0478 2924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A58000
19:01:54.0478 2924 \Device\Harddisk1\DR1:
19:01:54.0478 2924 MBR partitions:
19:01:54.0478 2924 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC350000
19:01:54.0478 2924 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x1E848000
19:01:54.0478 2924 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x2AB98800, BlocksNum 0xF7EA000
19:01:54.0478 2924 \Device\Harddisk2\DR2:
19:01:54.0478 2924 MBR partitions:
19:01:54.0478 2924 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xEE8BC1
19:01:54.0478 2924 ============================================================
19:01:54.0478 2924 C: <-> \Device\Harddisk0\DR0\Partition2
19:01:54.0503 2924 D: <-> \Device\Harddisk1\DR1\Partition1
19:01:54.0535 2924 E: <-> \Device\Harddisk1\DR1\Partition2
19:01:54.0550 2924 Z: <-> \Device\Harddisk1\DR1\Partition3
19:01:54.0550 2924 ============================================================
19:01:54.0550 2924 Initialize success
19:01:54.0550 2924 ============================================================
19:02:04.0338 4592 ============================================================
19:02:04.0338 4592 Scan started
19:02:04.0338 4592 Mode: Manual;
19:02:04.0338 4592 ============================================================
19:02:04.0957 4592 ================ Scan system memory ========================
19:02:04.0957 4592 System memory - ok
19:02:04.0957 4592 ================ Scan services =============================
19:02:05.0032 4592 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:02:05.0033 4592 1394ohci - ok
19:02:05.0040 4592 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:02:05.0041 4592 ACPI - ok
19:02:05.0044 4592 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:02:05.0045 4592 AcpiPmi - ok
19:02:05.0053 4592 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:02:05.0055 4592 adp94xx - ok
19:02:05.0062 4592 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:02:05.0064 4592 adpahci - ok
19:02:05.0069 4592 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:02:05.0070 4592 adpu320 - ok
19:02:05.0075 4592 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:02:05.0076 4592 AeLookupSvc - ok
19:02:05.0085 4592 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:02:05.0087 4592 AFD - ok
19:02:05.0091 4592 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:02:05.0092 4592 agp440 - ok
19:02:05.0095 4592 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:02:05.0096 4592 ALG - ok
19:02:05.0099 4592 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:02:05.0099 4592 aliide - ok
19:02:05.0104 4592 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:02:05.0105 4592 AMD External Events Utility - ok
19:02:05.0109 4592 AMD FUEL Service - ok
19:02:05.0113 4592 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:02:05.0113 4592 amdide - ok
19:02:05.0118 4592 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:02:05.0118 4592 AmdK8 - ok
19:02:05.0228 4592 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:02:05.0271 4592 amdkmdag - ok
19:02:05.0281 4592 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:02:05.0283 4592 amdkmdap - ok
19:02:05.0287 4592 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:02:05.0287 4592 AmdPPM - ok
19:02:05.0291 4592 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:02:05.0292 4592 amdsata - ok
19:02:05.0298 4592 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:02:05.0299 4592 amdsbs - ok
19:02:05.0302 4592 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:02:05.0303 4592 amdxata - ok
19:02:05.0306 4592 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:02:05.0306 4592 AODDriver4.2 - ok
19:02:05.0310 4592 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:02:05.0311 4592 AppID - ok
19:02:05.0314 4592 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:02:05.0314 4592 AppIDSvc - ok
19:02:05.0318 4592 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:02:05.0319 4592 Appinfo - ok
19:02:05.0329 4592 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:02:05.0330 4592 AppMgmt - ok
19:02:05.0334 4592 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:02:05.0334 4592 arc - ok
19:02:05.0339 4592 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:02:05.0339 4592 arcsas - ok
19:02:05.0342 4592 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:02:05.0343 4592 AsyncMac - ok
19:02:05.0346 4592 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:02:05.0346 4592 atapi - ok
19:02:05.0351 4592 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:02:05.0352 4592 AtiHDAudioService - ok
19:02:05.0363 4592 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:02:05.0366 4592 AudioEndpointBuilder - ok
19:02:05.0376 4592 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:02:05.0379 4592 AudioSrv - ok
19:02:05.0383 4592 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:02:05.0384 4592 AxInstSV - ok
19:02:05.0392 4592 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:02:05.0395 4592 b06bdrv - ok
19:02:05.0401 4592 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:02:05.0402 4592 b57nd60a - ok
19:02:05.0407 4592 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:02:05.0408 4592 BDESVC - ok
19:02:05.0411 4592 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:02:05.0412 4592 Beep - ok
19:02:05.0424 4592 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:02:05.0427 4592 BFE - ok
19:02:05.0440 4592 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:02:05.0444 4592 BITS - ok
19:02:05.0447 4592 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:02:05.0448 4592 blbdrive - ok
19:02:05.0452 4592 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:02:05.0453 4592 bowser - ok
19:02:05.0456 4592 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:02:05.0456 4592 BrFiltLo - ok
19:02:05.0459 4592 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:02:05.0460 4592 BrFiltUp - ok
19:02:05.0464 4592 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:02:05.0465 4592 Browser - ok
19:02:05.0471 4592 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:02:05.0473 4592 Brserid - ok
19:02:05.0476 4592 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:02:05.0476 4592 BrSerWdm - ok
19:02:05.0480 4592 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:02:05.0481 4592 BrUsbMdm - ok
19:02:05.0483 4592 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:02:05.0484 4592 BrUsbSer - ok
19:02:05.0488 4592 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:02:05.0488 4592 BTHMODEM - ok
19:02:05.0493 4592 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:02:05.0494 4592 bthserv - ok
19:02:05.0498 4592 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:02:05.0498 4592 cdfs - ok
19:02:05.0503 4592 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:02:05.0504 4592 cdrom - ok
19:02:05.0508 4592 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:02:05.0508 4592 CertPropSvc - ok
19:02:05.0511 4592 CFRMD - ok
19:02:05.0515 4592 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:02:05.0515 4592 circlass - ok
19:02:05.0522 4592 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:02:05.0524 4592 CLFS - ok
19:02:05.0529 4592 [ 5EFF2D9DC1D80C1934DE81321599C8DB ] CLPSLauncher C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
19:02:05.0529 4592 CLPSLauncher - ok
19:02:05.0536 4592 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:02:05.0538 4592 clr_optimization_v2.0.50727_32 - ok
19:02:05.0544 4592 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:02:05.0545 4592 clr_optimization_v2.0.50727_64 - ok
19:02:05.0553 4592 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:02:05.0558 4592 clr_optimization_v4.0.30319_32 - ok
19:02:05.0566 4592 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:02:05.0567 4592 clr_optimization_v4.0.30319_64 - ok
19:02:05.0570 4592 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:02:05.0571 4592 CmBatt - ok
19:02:05.0653 4592 [ A8D8C1A401A2C50714A7C60F67E63657 ] cmdAgent D:\Programs\COMODO\COMODO Internet Security\cmdagent.exe
19:02:05.0667 4592 cmdAgent - ok
19:02:05.0673 4592 [ 304A483EAA36A902528A270B2355B81A ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
19:02:05.0673 4592 cmderd - ok
19:02:05.0692 4592 [ 548573D78FDD43DE2ADE2DDA7A5644AC ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
19:02:05.0695 4592 cmdGuard - ok
19:02:05.0699 4592 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:02:05.0699 4592 cmdide - ok
19:02:05.0707 4592 [ 385513BBCE70F13AB634CBBB0CA2A55B ] cmdvirth D:\Programs\COMODO\COMODO Internet Security\cmdvirth.exe
19:02:05.0708 4592 cmdvirth - ok
19:02:05.0717 4592 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
19:02:05.0719 4592 CNG - ok
19:02:05.0722 4592 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:02:05.0723 4592 Compbatt - ok
19:02:05.0727 4592 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:02:05.0727 4592 CompositeBus - ok
19:02:05.0730 4592 COMSysApp - ok
19:02:05.0734 4592 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:02:05.0735 4592 crcdisk - ok
19:02:05.0741 4592 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:02:05.0742 4592 CryptSvc - ok
19:02:05.0751 4592 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:02:05.0754 4592 CSC - ok
19:02:05.0764 4592 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:02:05.0767 4592 CscService - ok
19:02:05.0779 4592 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:02:05.0782 4592 DcomLaunch - ok
19:02:05.0789 4592 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:02:05.0793 4592 defragsvc - ok
19:02:05.0797 4592 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:02:05.0797 4592 DfsC - ok
19:02:05.0804 4592 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:02:05.0806 4592 Dhcp - ok
19:02:05.0809 4592 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:02:05.0809 4592 discache - ok
19:02:05.0813 4592 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:02:05.0813 4592 Disk - ok
19:02:05.0818 4592 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:02:05.0820 4592 Dnscache - ok
19:02:05.0825 4592 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:02:05.0827 4592 dot3svc - ok
19:02:05.0832 4592 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:02:05.0833 4592 DPS - ok
19:02:05.0861 4592 [ C2A43D645FCC1DD154DF6CE029ED5C48 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
19:02:05.0869 4592 DragonUpdater - ok
19:02:05.0872 4592 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:02:05.0872 4592 drmkaud - ok
19:02:05.0888 4592 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:02:05.0892 4592 DXGKrnl - ok
19:02:05.0897 4592 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:02:05.0898 4592 EapHost - ok
19:02:05.0942 4592 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:02:05.0955 4592 ebdrv - ok
19:02:05.0960 4592 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:02:05.0960 4592 EFS - ok
19:02:05.0973 4592 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:02:05.0976 4592 ehRecvr - ok
19:02:05.0980 4592 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:02:05.0981 4592 ehSched - ok
19:02:05.0990 4592 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:02:05.0993 4592 elxstor - ok
19:02:05.0996 4592 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:02:05.0996 4592 ErrDev - ok
19:02:06.0007 4592 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:02:06.0009 4592 EventSystem - ok
19:02:06.0015 4592 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:02:06.0018 4592 exfat - ok
19:02:06.0023 4592 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:02:06.0024 4592 fastfat - ok
19:02:06.0036 4592 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:02:06.0039 4592 Fax - ok
19:02:06.0043 4592 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:02:06.0043 4592 fdc - ok
19:02:06.0047 4592 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:02:06.0047 4592 fdPHost - ok
19:02:06.0051 4592 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:02:06.0052 4592 FDResPub - ok
19:02:06.0055 4592 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:02:06.0056 4592 FileInfo - ok
19:02:06.0059 4592 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:02:06.0060 4592 Filetrace - ok
19:02:06.0063 4592 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:02:06.0063 4592 flpydisk - ok
19:02:06.0070 4592 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:02:06.0071 4592 FltMgr - ok
19:02:06.0087 4592 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:02:06.0092 4592 FontCache - ok
19:02:06.0096 4592 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:02:06.0097 4592 FontCache3.0.0.0 - ok
19:02:06.0100 4592 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:02:06.0101 4592 FsDepends - ok
19:02:06.0104 4592 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:02:06.0105 4592 Fs_Rec - ok
19:02:06.0110 4592 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:02:06.0111 4592 fvevol - ok
19:02:06.0114 4592 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:02:06.0115 4592 gagp30kx - ok
19:02:06.0136 4592 [ 24B6902AE2735C7C8ED6670E5E323EC9 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
19:02:06.0144 4592 GeekBuddyRSP - ok
19:02:06.0157 4592 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:02:06.0161 4592 gpsvc - ok
19:02:06.0165 4592 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:06.0166 4592 gupdate - ok
19:02:06.0169 4592 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:06.0170 4592 gupdatem - ok
19:02:06.0173 4592 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:02:06.0173 4592 hcw85cir - ok
19:02:06.0180 4592 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:02:06.0181 4592 HdAudAddService - ok
19:02:06.0187 4592 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:02:06.0187 4592 HDAudBus - ok
19:02:06.0191 4592 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:02:06.0191 4592 HidBatt - ok
19:02:06.0195 4592 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:02:06.0196 4592 HidBth - ok
19:02:06.0199 4592 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:02:06.0200 4592 HidIr - ok
19:02:06.0203 4592 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:02:06.0203 4592 hidserv - ok
19:02:06.0207 4592 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:02:06.0207 4592 HidUsb - ok
19:02:06.0212 4592 [ 9C66FEEFCA9D5DD712AB78D17BB16DA8 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
19:02:06.0213 4592 HitmanProScheduler - ok
19:02:06.0218 4592 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:02:06.0219 4592 hkmsvc - ok
19:02:06.0224 4592 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:02:06.0225 4592 HomeGroupListener - ok
19:02:06.0230 4592 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:02:06.0232 4592 HomeGroupProvider - ok
19:02:06.0235 4592 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:02:06.0236 4592 HpSAMD - ok
19:02:06.0246 4592 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:02:06.0249 4592 HTTP - ok
19:02:06.0253 4592 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:02:06.0253 4592 hwpolicy - ok
19:02:06.0258 4592 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:02:06.0258 4592 i8042prt - ok
19:02:06.0266 4592 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:02:06.0268 4592 iaStorV - ok
19:02:06.0281 4592 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:02:06.0285 4592 idsvc - ok
19:02:06.0288 4592 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:02:06.0289 4592 iirsp - ok
19:02:06.0301 4592 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:02:06.0305 4592 IKEEXT - ok
19:02:06.0312 4592 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:02:06.0313 4592 intelide - ok
19:02:06.0317 4592 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:02:06.0318 4592 intelppm - ok
19:02:06.0322 4592 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:02:06.0323 4592 IPBusEnum - ok
19:02:06.0327 4592 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:02:06.0328 4592 IpFilterDriver - ok
19:02:06.0338 4592 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:02:06.0341 4592 iphlpsvc - ok
19:02:06.0346 4592 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:02:06.0346 4592 IPMIDRV - ok
19:02:06.0351 4592 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:02:06.0352 4592 IPNAT - ok
19:02:06.0355 4592 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:02:06.0356 4592 IRENUM - ok
19:02:06.0359 4592 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:02:06.0360 4592 isapnp - ok
19:02:06.0367 4592 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:02:06.0368 4592 iScsiPrt - ok
19:02:06.0372 4592 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:02:06.0372 4592 kbdclass - ok
19:02:06.0375 4592 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:02:06.0376 4592 kbdhid - ok
19:02:06.0380 4592 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:02:06.0381 4592 KeyIso - ok
19:02:06.0385 4592 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:02:06.0386 4592 KSecDD - ok
19:02:06.0390 4592 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:02:06.0391 4592 KSecPkg - ok
19:02:06.0394 4592 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:02:06.0394 4592 ksthunk - ok
19:02:06.0401 4592 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:02:06.0406 4592 KtmRm - ok
19:02:06.0412 4592 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:02:06.0414 4592 LanmanServer - ok
19:02:06.0418 4592 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:02:06.0420 4592 LanmanWorkstation - ok
19:02:06.0424 4592 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
19:02:06.0425 4592 LGBusEnum - ok
19:02:06.0429 4592 [ F7205E939F50B1C8D16F895916BE6756 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
19:02:06.0429 4592 LGSHidFilt - ok
19:02:06.0433 4592 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
19:02:06.0433 4592 LGVirHid - ok
19:02:06.0436 4592 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:02:06.0437 4592 lltdio - ok
19:02:06.0443 4592 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:02:06.0447 4592 lltdsvc - ok
19:02:06.0450 4592 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:02:06.0451 4592 lmhosts - ok
19:02:06.0456 4592 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:02:06.0457 4592 LSI_FC - ok
19:02:06.0461 4592 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:02:06.0462 4592 LSI_SAS - ok
19:02:06.0465 4592 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:02:06.0466 4592 LSI_SAS2 - ok
19:02:06.0469 4592 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:02:06.0470 4592 LSI_SCSI - ok
19:02:06.0474 4592 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:02:06.0475 4592 luafv - ok
19:02:06.0478 4592 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:02:06.0480 4592 Mcx2Svc - ok
19:02:06.0484 4592 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:02:06.0484 4592 megasas - ok
19:02:06.0490 4592 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:02:06.0491 4592 MegaSR - ok
19:02:06.0495 4592 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:02:06.0496 4592 MMCSS - ok
19:02:06.0499 4592 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:02:06.0499 4592 Modem - ok
19:02:06.0503 4592 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:02:06.0503 4592 monitor - ok
19:02:06.0506 4592 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:02:06.0507 4592 mouclass - ok
19:02:06.0510 4592 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:02:06.0510 4592 mouhid - ok
19:02:06.0514 4592 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:02:06.0515 4592 mountmgr - ok
19:02:06.0518 4592 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:02:06.0519 4592 MozillaMaintenance - ok
19:02:06.0523 4592 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:02:06.0524 4592 mpio - ok
19:02:06.0528 4592 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:02:06.0529 4592 mpsdrv - ok
19:02:06.0542 4592 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:02:06.0546 4592 MpsSvc - ok
19:02:06.0551 4592 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:02:06.0551 4592 MRxDAV - ok
19:02:06.0556 4592 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:02:06.0557 4592 mrxsmb - ok
19:02:06.0563 4592 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:02:06.0564 4592 mrxsmb10 - ok
19:02:06.0568 4592 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:02:06.0569 4592 mrxsmb20 - ok
19:02:06.0572 4592 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:02:06.0573 4592 msahci - ok
19:02:06.0577 4592 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:02:06.0578 4592 MSCamSvc - ok
19:02:06.0583 4592 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:02:06.0584 4592 msdsm - ok
19:02:06.0588 4592 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:02:06.0589 4592 MSDTC - ok
19:02:06.0595 4592 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:02:06.0596 4592 Msfs - ok
19:02:06.0598 4592 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:02:06.0599 4592 mshidkmdf - ok
19:02:06.0602 4592 [ BB590070D606AE6F008341FC9A7B2AD7 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
19:02:06.0603 4592 MSHUSBVideo - ok
19:02:06.0606 4592 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:02:06.0606 4592 msisadrv - ok
19:02:06.0611 4592 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:02:06.0614 4592 MSiSCSI - ok
19:02:06.0616 4592 msiserver - ok
19:02:06.0620 4592 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:02:06.0620 4592 MSKSSRV - ok
19:02:06.0623 4592 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:02:06.0624 4592 MSPCLOCK - ok
19:02:06.0627 4592 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:02:06.0627 4592 MSPQM - ok
19:02:06.0635 4592 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:02:06.0639 4592 MsRPC - ok
19:02:06.0644 4592 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:02:06.0644 4592 mssmbios - ok
19:02:06.0647 4592 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:02:06.0648 4592 MSTEE - ok
19:02:06.0651 4592 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:02:06.0651 4592 MTConfig - ok
19:02:06.0654 4592 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:02:06.0655 4592 Mup - ok
19:02:06.0667 4592 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:02:06.0670 4592 napagent - ok
19:02:06.0677 4592 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:02:06.0678 4592 NativeWifiP - ok
19:02:06.0693 4592 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:02:06.0697 4592 NDIS - ok
19:02:06.0700 4592 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:02:06.0701 4592 NdisCap - ok
19:02:06.0704 4592 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:02:06.0704 4592 NdisTapi - ok
19:02:06.0708 4592 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:02:06.0708 4592 Ndisuio - ok
19:02:06.0713 4592 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:02:06.0714 4592 NdisWan - ok
19:02:06.0718 4592 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:02:06.0718 4592 NDProxy - ok
19:02:06.0722 4592 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:02:06.0722 4592 NetBIOS - ok
19:02:06.0728 4592 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:02:06.0729 4592 NetBT - ok
19:02:06.0733 4592 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:02:06.0733 4592 Netlogon - ok
19:02:06.0740 4592 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:02:06.0742 4592 Netman - ok
19:02:06.0750 4592 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:02:06.0753 4592 netprofm - ok
19:02:06.0763 4592 [ D66596DB0A0739A89C25B590CE36D628 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:02:06.0766 4592 netr28x - ok
19:02:06.0770 4592 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:02:06.0771 4592 NetTcpPortSharing - ok
19:02:06.0775 4592 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:02:06.0777 4592 nfrd960 - ok
19:02:06.0788 4592 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:02:06.0790 4592 NlaSvc - ok
19:02:06.0799 4592 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:02:06.0800 4592 Npfs - ok
19:02:06.0803 4592 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:02:06.0804 4592 nsi - ok
19:02:06.0807 4592 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:02:06.0807 4592 nsiproxy - ok
19:02:06.0828 4592 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:02:06.0846 4592 Ntfs - ok
19:02:06.0852 4592 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:02:06.0853 4592 Null - ok
19:02:06.0858 4592 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:02:06.0859 4592 nusb3xhc - ok
19:02:06.0863 4592 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:02:06.0864 4592 nvraid - ok
19:02:06.0869 4592 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:02:06.0870 4592 nvstor - ok
19:02:06.0875 4592 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:02:06.0876 4592 nv_agp - ok
19:02:06.0880 4592 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:02:06.0881 4592 ohci1394 - ok
19:02:06.0887 4592 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:02:06.0889 4592 p2pimsvc - ok
19:02:06.0897 4592 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:02:06.0900 4592 p2psvc - ok
19:02:06.0904 4592 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:02:06.0905 4592 Parport - ok
19:02:06.0908 4592 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:02:06.0909 4592 partmgr - ok
19:02:06.0914 4592 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:02:06.0915 4592 PcaSvc - ok
19:02:06.0920 4592 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:02:06.0921 4592 pci - ok
19:02:06.0924 4592 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:02:06.0925 4592 pciide - ok
19:02:06.0930 4592 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:02:06.0931 4592 pcmcia - ok
19:02:06.0934 4592 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:02:06.0935 4592 pcw - ok
19:02:06.0945 4592 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:02:06.0947 4592 PEAUTH - ok
19:02:06.0965 4592 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:02:06.0971 4592 PeerDistSvc - ok
19:02:06.0999 4592 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:02:07.0000 4592 PerfHost - ok
19:02:07.0023 4592 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:02:07.0030 4592 pla - ok
19:02:07.0038 4592 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:02:07.0041 4592 PlugPlay - ok
19:02:07.0043 4592 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:02:07.0045 4592 PNRPAutoReg - ok
19:02:07.0051 4592 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:02:07.0053 4592 PNRPsvc - ok
19:02:07.0062 4592 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:02:07.0068 4592 PolicyAgent - ok
19:02:07.0074 4592 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:02:07.0076 4592 Power - ok
19:02:07.0080 4592 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:02:07.0080 4592 PptpMiniport - ok
19:02:07.0084 4592 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:02:07.0084 4592 Processor - ok
19:02:07.0089 4592 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:02:07.0091 4592 ProfSvc - ok
19:02:07.0094 4592 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:02:07.0095 4592 ProtectedStorage - ok
19:02:07.0099 4592 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:02:07.0100 4592 Psched - ok
19:02:07.0119 4592 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:02:07.0125 4592 ql2300 - ok
19:02:07.0130 4592 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:02:07.0131 4592 ql40xx - ok
19:02:07.0136 4592 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:02:07.0138 4592 QWAVE - ok
19:02:07.0141 4592 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:02:07.0142 4592 QWAVEdrv - ok
19:02:07.0145 4592 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:02:07.0145 4592 RasAcd - ok
19:02:07.0149 4592 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:02:07.0149 4592 RasAgileVpn - ok
19:02:07.0153 4592 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:02:07.0154 4592 RasAuto - ok
19:02:07.0159 4592 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:02:07.0159 4592 Rasl2tp - ok
19:02:07.0166 4592 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:02:07.0168 4592 RasMan - ok
19:02:07.0172 4592 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:02:07.0173 4592 RasPppoe - ok
19:02:07.0176 4592 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:02:07.0177 4592 RasSstp - ok
19:02:07.0183 4592 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:02:07.0185 4592 rdbss - ok
19:02:07.0187 4592 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:02:07.0188 4592 rdpbus - ok
19:02:07.0191 4592 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:02:07.0191 4592 RDPCDD - ok
19:02:07.0198 4592 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:02:07.0199 4592 RDPDR - ok
19:02:07.0201 4592 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:02:07.0202 4592 RDPENCDD - ok
19:02:07.0206 4592 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:02:07.0207 4592 RDPREFMP - ok
19:02:07.0213 4592 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:02:07.0213 4592 RdpVideoMiniport - ok
19:02:07.0219 4592 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:02:07.0221 4592 RDPWD - ok
19:02:07.0227 4592 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:02:07.0228 4592 rdyboost - ok
19:02:07.0232 4592 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:02:07.0233 4592 RemoteAccess - ok
19:02:07.0238 4592 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:02:07.0239 4592 RemoteRegistry - ok
19:02:07.0243 4592 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:02:07.0244 4592 RpcEptMapper - ok
19:02:07.0248 4592 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:02:07.0248 4592 RpcLocator - ok
19:02:07.0258 4592 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:02:07.0261 4592 RpcSs - ok
19:02:07.0265 4592 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:02:07.0265 4592 rspndr - ok
19:02:07.0270 4592 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:02:07.0271 4592 RTL8167 - ok
19:02:07.0274 4592 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:02:07.0275 4592 s3cap - ok
19:02:07.0278 4592 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:02:07.0279 4592 SamSs - ok
19:02:07.0283 4592 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:02:07.0284 4592 sbp2port - ok
19:02:07.0289 4592 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:02:07.0291 4592 SCardSvr - ok
19:02:07.0294 4592 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:02:07.0295 4592 scfilter - ok
19:02:07.0309 4592 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:02:07.0314 4592 Schedule - ok
19:02:07.0319 4592 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:02:07.0319 4592 SCPolicySvc - ok
19:02:07.0324 4592 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:02:07.0326 4592 SDRSVC - ok
19:02:07.0329 4592 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:02:07.0329 4592 secdrv - ok
19:02:07.0333 4592 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:02:07.0334 4592 seclogon - ok
19:02:07.0337 4592 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:02:07.0338 4592 SENS - ok
19:02:07.0342 4592 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:02:07.0343 4592 SensrSvc - ok
19:02:07.0346 4592 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:02:07.0346 4592 Serenum - ok
19:02:07.0350 4592 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:02:07.0350 4592 Serial - ok
19:02:07.0353 4592 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:02:07.0354 4592 sermouse - ok
19:02:07.0363 4592 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:02:07.0364 4592 SessionEnv - ok
19:02:07.0367 4592 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:02:07.0367 4592 sffdisk - ok
19:02:07.0370 4592 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:02:07.0370 4592 sffp_mmc - ok
19:02:07.0373 4592 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:02:07.0374 4592 sffp_sd - ok
19:02:07.0377 4592 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:02:07.0378 4592 sfloppy - ok
19:02:07.0384 4592 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:02:07.0386 4592 SharedAccess - ok
19:02:07.0393 4592 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:02:07.0396 4592 ShellHWDetection - ok
19:02:07.0399 4592 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:02:07.0400 4592 SiSRaid2 - ok
19:02:07.0403 4592 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:02:07.0404 4592 SiSRaid4 - ok
19:02:07.0444 4592 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:02:07.0457 4592 Skype C2C Service - ok
19:02:07.0471 4592 [ 011E958267FEB6ED72F1BFA80072943C ] SkypeUpdate D:\Programs\Skype\Updater\Updater.exe
19:02:07.0472 4592 SkypeUpdate - ok
19:02:07.0476 4592 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:02:07.0476 4592 Smb - ok
19:02:07.0482 4592 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:02:07.0484 4592 SNMPTRAP - ok
19:02:07.0487 4592 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:02:07.0488 4592 spldr - ok
19:02:07.0497 4592 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:02:07.0500 4592 Spooler - ok
19:02:07.0541 4592 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:02:07.0556 4592 sppsvc - ok
19:02:07.0561 4592 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:02:07.0562 4592 sppuinotify - ok
19:02:07.0570 4592 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:02:07.0573 4592 srv - ok
19:02:07.0580 4592 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:02:07.0582 4592 srv2 - ok
19:02:07.0587 4592 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:02:07.0588 4592 srvnet - ok
19:02:07.0593 4592 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:02:07.0595 4592 SSDPSRV - ok
19:02:07.0599 4592 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:02:07.0600 4592 SstpSvc - ok
19:02:07.0603 4592 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:02:07.0604 4592 stexstor - ok
19:02:07.0613 4592 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:02:07.0616 4592 stisvc - ok
19:02:07.0620 4592 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:02:07.0620 4592 storflt - ok
19:02:07.0623 4592 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
19:02:07.0625 4592 StorSvc - ok
19:02:07.0628 4592 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:02:07.0628 4592 storvsc - ok
19:02:07.0631 4592 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:02:07.0632 4592 swenum - ok
19:02:07.0640 4592 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:02:07.0643 4592 swprv - ok
19:02:07.0664 4592 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:02:07.0672 4592 SysMain - ok
19:02:07.0676 4592 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:02:07.0678 4592 TabletInputService - ok
19:02:07.0684 4592 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:02:07.0686 4592 TapiSrv - ok
19:02:07.0690 4592 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:02:07.0691 4592 TBS - ok
19:02:07.0713 4592 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:02:07.0721 4592 Tcpip - ok
19:02:07.0744 4592 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:02:07.0751 4592 TCPIP6 - ok
19:02:07.0757 4592 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:02:07.0758 4592 tcpipreg - ok
19:02:07.0762 4592 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:02:07.0763 4592 TDPIPE - ok
19:02:07.0766 4592 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:02:07.0766 4592 TDTCP - ok
19:02:07.0770 4592 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:02:07.0771 4592 tdx - ok
19:02:07.0774 4592 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:02:07.0775 4592 TermDD - ok
19:02:07.0786 4592 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:02:07.0790 4592 TermService - ok
19:02:07.0794 4592 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:02:07.0795 4592 Themes - ok
19:02:07.0798 4592 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:02:07.0799 4592 THREADORDER - ok
19:02:07.0803 4592 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:02:07.0805 4592 TrkWks - ok
19:02:07.0809 4592 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:02:07.0810 4592 TrustedInstaller - ok
19:02:07.0815 4592 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:02:07.0816 4592 tssecsrv - ok
19:02:07.0819 4592 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:02:07.0820 4592 TsUsbFlt - ok
19:02:07.0824 4592 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:02:07.0825 4592 tunnel - ok
19:02:07.0828 4592 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:02:07.0829 4592 uagp35 - ok
19:02:07.0835 4592 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:02:07.0837 4592 udfs - ok
19:02:07.0844 4592 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:02:07.0846 4592 UI0Detect - ok
19:02:07.0849 4592 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:02:07.0850 4592 uliagpkx - ok
19:02:07.0853 4592 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:02:07.0854 4592 umbus - ok
19:02:07.0857 4592 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:02:07.0857 4592 UmPass - ok
19:02:07.0863 4592 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:02:07.0865 4592 UmRdpService - ok
19:02:07.0872 4592 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:02:07.0874 4592 upnphost - ok
19:02:07.0879 4592 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:02:07.0879 4592 usbaudio - ok
19:02:07.0883 4592 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:02:07.0884 4592 usbccgp - ok
19:02:07.0889 4592 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:02:07.0889 4592 usbcir - ok
19:02:07.0893 4592 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:02:07.0893 4592 usbehci - ok
19:02:07.0901 4592 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:02:07.0902 4592 usbhub - ok
19:02:07.0906 4592 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:02:07.0906 4592 usbohci - ok
19:02:07.0909 4592 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:02:07.0910 4592 usbprint - ok
19:02:07.0914 4592 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
19:02:07.0915 4592 USBSTOR - ok
19:02:07.0918 4592 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:02:07.0919 4592 usbuhci - ok
19:02:07.0923 4592 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:02:07.0924 4592 usbvideo - ok
19:02:07.0928 4592 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:02:07.0930 4592 UxSms - ok
19:02:07.0933 4592 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:02:07.0934 4592 VaultSvc - ok
19:02:07.0937 4592 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:02:07.0937 4592 vdrvroot - ok
19:02:07.0948 4592 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:02:07.0951 4592 vds - ok
19:02:07.0954 4592 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:02:07.0955 4592 vga - ok
19:02:07.0958 4592 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:02:07.0958 4592 VgaSave - ok
19:02:07.0963 4592 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:02:07.0965 4592 vhdmp - ok
19:02:07.0968 4592 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:02:07.0968 4592 viaide - ok
19:02:07.0973 4592 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:02:07.0975 4592 vmbus - ok
19:02:07.0978 4592 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:02:07.0979 4592 VMBusHID - ok
19:02:07.0982 4592 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:02:07.0983 4592 volmgr - ok
19:02:07.0992 4592 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:02:07.0993 4592 volmgrx - ok
19:02:08.0006 4592 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:02:08.0007 4592 volsnap - ok
19:02:08.0014 4592 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:02:08.0015 4592 vsmraid - ok
19:02:08.0035 4592 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:02:08.0043 4592 VSS - ok
19:02:08.0047 4592 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:02:08.0048 4592 vwifibus - ok
19:02:08.0052 4592 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:02:08.0053 4592 vwififlt - ok
19:02:08.0060 4592 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:02:08.0063 4592 W32Time - ok
19:02:08.0068 4592 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:02:08.0068 4592 WacomPen - ok
19:02:08.0073 4592 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:02:08.0074 4592 WANARP - ok
19:02:08.0078 4592 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:02:08.0078 4592 Wanarpv6 - ok
19:02:08.0097 4592 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:02:08.0102 4592 WatAdminSvc - ok
19:02:08.0125 4592 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:02:08.0133 4592 wbengine - ok
19:02:08.0138 4592 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:02:08.0140 4592 WbioSrvc - ok
19:02:08.0148 4592 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:02:08.0151 4592 wcncsvc - ok
19:02:08.0154 4592 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:02:08.0156 4592 WcsPlugInService - ok
19:02:08.0159 4592 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:02:08.0159 4592 Wd - ok
19:02:08.0172 4592 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:02:08.0176 4592 Wdf01000 - ok
19:02:08.0180 4592 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:02:08.0181 4592 WdiServiceHost - ok
19:02:08.0184 4592 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:02:08.0186 4592 WdiSystemHost - ok
19:02:08.0191 4592 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:02:08.0194 4592 WebClient - ok
19:02:08.0199 4592 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:02:08.0201 4592 Wecsvc - ok
19:02:08.0205 4592 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:02:08.0206 4592 wercplsupport - ok
19:02:08.0210 4592 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:02:08.0212 4592 WerSvc - ok
19:02:08.0215 4592 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:02:08.0215 4592 WfpLwf - ok
19:02:08.0218 4592 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:02:08.0219 4592 WIMMount - ok
19:02:08.0222 4592 WinDefend - ok
19:02:08.0227 4592 WinHttpAutoProxySvc - ok
19:02:08.0238 4592 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:02:08.0239 4592 Winmgmt - ok
19:02:08.0266 4592 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:02:08.0275 4592 WinRM - ok
19:02:08.0292 4592 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:02:08.0297 4592 Wlansvc - ok
19:02:08.0301 4592 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:02:08.0301 4592 WmiAcpi - ok
19:02:08.0311 4592 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:02:08.0312 4592 wmiApSrv - ok
19:02:08.0314 4592 WMPNetworkSvc - ok
19:02:08.0319 4592 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:02:08.0320 4592 WPCSvc - ok
19:02:08.0324 4592 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:02:08.0326 4592 WPDBusEnum - ok
19:02:08.0329 4592 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:02:08.0329 4592 ws2ifsl - ok
19:02:08.0334 4592 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:02:08.0335 4592 wscsvc - ok
19:02:08.0338 4592 WSearch - ok
19:02:08.0372 4592 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:02:08.0384 4592 wuauserv - ok
19:02:08.0388 4592 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:02:08.0389 4592 WudfPf - ok
19:02:08.0394 4592 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:02:08.0395 4592 WUDFRd - ok
19:02:08.0399 4592 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:02:08.0401 4592 wudfsvc - ok
19:02:08.0407 4592 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:02:08.0409 4592 WwanSvc - ok
19:02:08.0415 4592 ================ Scan global ===============================
19:02:08.0418 4592 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:02:08.0422 4592 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:02:08.0429 4592 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
19:02:08.0432 4592 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:02:08.0439 4592 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:02:08.0441 4592 [Global] - ok
19:02:08.0441 4592 ================ Scan MBR ==================================
19:02:08.0444 4592 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:02:08.0516 4592 \Device\Harddisk0\DR0 - ok
19:02:08.0528 4592 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:02:08.0531 4592 \Device\Harddisk1\DR1 - ok
19:02:08.0537 4592 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk2\DR2
19:02:09.0673 4592 \Device\Harddisk2\DR2 - ok
19:02:09.0674 4592 ================ Scan VBR ==================================
19:02:09.0675 4592 [ 3D73601CDA3649A57CD7421ADA4349DE ] \Device\Harddisk0\DR0\Partition1
19:02:09.0677 4592 \Device\Harddisk0\DR0\Partition1 - ok
19:02:09.0679 4592 [ 4E56B284DACB17B26C44C164AFC0E786 ] \Device\Harddisk0\DR0\Partition2
19:02:09.0680 4592 \Device\Harddisk0\DR0\Partition2 - ok
19:02:09.0686 4592 [ 7DEAA00A708183CDF0B7DC8FFBEA2C11 ] \Device\Harddisk1\DR1\Partition1
19:02:09.0687 4592 \Device\Harddisk1\DR1\Partition1 - ok
19:02:09.0702 4592 [ 52968E9D43D657B596AA4DFCFB615F14 ] \Device\Harddisk1\DR1\Partition2
19:02:09.0703 4592 \Device\Harddisk1\DR1\Partition2 - ok
19:02:09.0718 4592 [ 7714DF4E4C243E38032B227D67D00A1C ] \Device\Harddisk1\DR1\Partition3
19:02:09.0720 4592 \Device\Harddisk1\DR1\Partition3 - ok
19:02:09.0723 4592 [ A56CD2CAA244B4506FD4352EF369F829 ] \Device\Harddisk2\DR2\Partition1
19:02:09.0724 4592 \Device\Harddisk2\DR2\Partition1 - ok
19:02:09.0724 4592 ================ Scan active images ========================
19:02:09.0726 4592 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:02:09.0726 4592 C:\Windows\System32\drivers\crashdmp.sys - ok
19:02:09.0730 4592 [ 304A483EAA36A902528A270B2355B81A ] C:\Windows\System32\drivers\cmderd.sys
19:02:09.0730 4592 C:\Windows\System32\drivers\cmderd.sys - ok
19:02:09.0733 4592 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:02:09.0733 4592 C:\Windows\System32\drivers\cdrom.sys - ok
19:02:09.0736 4592 [ 548573D78FDD43DE2ADE2DDA7A5644AC ] C:\Windows\System32\drivers\cmdguard.sys
19:02:09.0736 4592 C:\Windows\System32\drivers\cmdguard.sys - ok
19:02:09.0739 4592 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:02:09.0739 4592 C:\Windows\System32\drivers\beep.sys - ok
19:02:09.0743 4592 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:02:09.0743 4592 C:\Windows\System32\drivers\null.sys - ok
19:02:09.0746 4592 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:02:09.0746 4592 C:\Windows\System32\drivers\msfs.sys - ok
19:02:09.0749 4592 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:02:09.0749 4592 C:\Windows\System32\drivers\npfs.sys - ok
19:02:09.0752 4592 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:02:09.0752 4592 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:02:09.0756 4592 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:02:09.0756 4592 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:02:09.0759 4592 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:02:09.0759 4592 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:02:09.0762 4592 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:02:09.0762 4592 C:\Windows\System32\drivers\tdi.sys - ok
19:02:09.0765 4592 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:02:09.0765 4592 C:\Windows\System32\drivers\tdx.sys - ok
19:02:09.0768 4592 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:02:09.0769 4592 C:\Windows\System32\drivers\vga.sys - ok
19:02:09.0772 4592 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:02:09.0772 4592 C:\Windows\System32\drivers\videoprt.sys - ok
19:02:09.0775 4592 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:02:09.0775 4592 C:\Windows\System32\drivers\watchdog.sys - ok
19:02:09.0778 4592 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:02:09.0778 4592 C:\Windows\System32\drivers\afd.sys - ok
19:02:09.0782 4592 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:02:09.0782 4592 C:\Windows\System32\drivers\netbt.sys - ok
19:02:09.0785 4592 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:02:09.0785 4592 C:\Windows\System32\drivers\wfplwf.sys - ok
19:02:09.0788 4592 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:02:09.0788 4592 C:\Windows\System32\drivers\netbios.sys - ok
19:02:09.0791 4592 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:02:09.0791 4592 C:\Windows\System32\drivers\pacer.sys - ok
19:02:09.0794 4592 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
19:02:09.0795 4592 C:\Windows\System32\drivers\serial.sys - ok
19:02:09.0798 4592 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
19:02:09.0798 4592 C:\Windows\System32\drivers\vwififlt.sys - ok
19:02:09.0801 4592 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:02:09.0801 4592 C:\Windows\System32\drivers\wanarp.sys - ok
19:02:09.0804 4592 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:02:09.0804 4592 C:\Windows\System32\drivers\discache.sys - ok
19:02:09.0808 4592 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:02:09.0808 4592 C:\Windows\System32\drivers\mssmbios.sys - ok
19:02:09.0811 4592 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:02:09.0811 4592 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:02:09.0814 4592 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:02:09.0814 4592 C:\Windows\System32\drivers\rdbss.sys - ok
19:02:09.0817 4592 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:02:09.0818 4592 C:\Windows\System32\drivers\termdd.sys - ok
19:02:09.0821 4592 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:02:09.0821 4592 C:\Windows\System32\drivers\blbdrive.sys - ok
19:02:09.0824 4592 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
19:02:09.0824 4592 C:\Windows\System32\drivers\csc.sys - ok
19:02:09.0827 4592 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:02:09.0827 4592 C:\Windows\System32\drivers\dfsc.sys - ok
19:02:09.0831 4592 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:02:09.0831 4592 C:\Windows\System32\drivers\tunnel.sys - ok
19:02:09.0835 4592 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
19:02:09.0835 4592 C:\Windows\System32\drivers\amdppm.sys - ok
19:02:09.0838 4592 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:02:09.0838 4592 C:\Windows\System32\ntdll.dll - ok
19:02:09.0840 4592 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
19:02:09.0840 4592 C:\Windows\System32\smss.exe - ok
19:02:09.0843 4592 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:02:09.0843 4592 C:\Windows\System32\autochk.exe - ok
19:02:09.0846 4592 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:02:09.0846 4592 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:02:09.0850 4592 [ 20F3CD38B107C1BD747C0EA37D450165 ] C:\Windows\System32\drivers\atikmpag.sys
19:02:09.0850 4592 C:\Windows\System32\drivers\atikmpag.sys - ok
19:02:09.0853 4592 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:02:09.0853 4592 C:\Windows\System32\rpcrt4.dll - ok
19:02:09.0856 4592 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
19:02:09.0856 4592 C:\Windows\System32\usp10.dll - ok
19:02:09.0859 4592 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:02:09.0859 4592 C:\Windows\System32\difxapi.dll - ok
19:02:09.0863 4592 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:02:09.0863 4592 C:\Windows\System32\msvcrt.dll - ok
19:02:09.0866 4592 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:02:09.0866 4592 C:\Windows\System32\normaliz.dll - ok
19:02:09.0869 4592 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:02:09.0869 4592 C:\Windows\System32\Wldap32.dll - ok
19:02:09.0872 4592 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
19:02:09.0872 4592 C:\Windows\System32\iertutil.dll - ok
19:02:09.0875 4592 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:02:09.0875 4592 C:\Windows\System32\msctf.dll - ok
19:02:09.0879 4592 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] C:\Windows\System32\drivers\atikmdag.sys
19:02:09.0879 4592 C:\Windows\System32\drivers\atikmdag.sys - ok
19:02:09.0882 4592 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:02:09.0882 4592 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:02:09.0885 4592 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:02:09.0885 4592 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:02:09.0889 4592 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:02:09.0889 4592 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:02:09.0892 4592 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:02:09.0892 4592 C:\Windows\System32\oleaut32.dll - ok
19:02:09.0896 4592 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
19:02:09.0896 4592 C:\Windows\System32\wininet.dll - ok
19:02:09.0899 4592 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
19:02:09.0899 4592 C:\Windows\System32\urlmon.dll - ok
19:02:09.0902 4592 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
19:02:09.0902 4592 C:\Windows\System32\kernel32.dll - ok
19:02:09.0905 4592 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:02:09.0905 4592 C:\Windows\System32\user32.dll - ok
19:02:09.0908 4592 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:02:09.0908 4592 C:\Windows\System32\clbcatq.dll - ok
19:02:09.0911 4592 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:02:09.0911 4592 C:\Windows\System32\imm32.dll - ok
19:02:09.0915 4592 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:02:09.0915 4592 C:\Windows\System32\setupapi.dll - ok
19:02:09.0918 4592 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:02:09.0918 4592 C:\Windows\System32\lpk.dll - ok
19:02:09.0921 4592 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:02:09.0921 4592 C:\Windows\System32\psapi.dll - ok
19:02:09.0924 4592 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
19:02:09.0924 4592 C:\Windows\System32\shell32.dll - ok
19:02:09.0925 4592 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:02:09.0925 4592 C:\Windows\System32\nsi.dll - ok
19:02:09.0925 4592 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:02:09.0925 4592 C:\Windows\System32\ole32.dll - ok
19:02:09.0925 4592 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:02:09.0925 4592 C:\Windows\System32\ws2_32.dll - ok
19:02:09.0925 4592 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:02:09.0925 4592 C:\Windows\System32\advapi32.dll - ok
19:02:09.0925 4592 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:02:09.0925 4592 C:\Windows\System32\imagehlp.dll - ok
19:02:09.0941 4592 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:02:09.0941 4592 C:\Windows\System32\comdlg32.dll - ok
19:02:09.0941 4592 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:02:09.0941 4592 C:\Windows\System32\gdi32.dll - ok
19:02:09.0941 4592 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:02:09.0941 4592 C:\Windows\System32\sechost.dll - ok
19:02:09.0941 4592 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:02:09.0941 4592 C:\Windows\System32\crypt32.dll - ok
19:02:09.0941 4592 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:02:09.0941 4592 C:\Windows\System32\shlwapi.dll - ok
19:02:09.0957 4592 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:02:09.0957 4592 C:\Windows\System32\comctl32.dll - ok
19:02:09.0957 4592 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:02:09.0957 4592 C:\Windows\System32\cfgmgr32.dll - ok
19:02:09.0957 4592 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
19:02:09.0957 4592 C:\Windows\System32\KernelBase.dll - ok
19:02:09.0957 4592 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:02:09.0957 4592 C:\Windows\System32\wintrust.dll - ok
19:02:09.0972 4592 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:02:09.0972 4592 C:\Windows\System32\devobj.dll - ok
19:02:09.0972 4592 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:02:09.0972 4592 C:\Windows\System32\msasn1.dll - ok
19:02:09.0972 4592 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:02:09.0972 4592 C:\Windows\SysWOW64\normaliz.dll - ok
19:02:09.0972 4592 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] C:\Windows\System32\drivers\nusb3xhc.sys
19:02:09.0972 4592 C:\Windows\System32\drivers\nusb3xhc.sys - ok
19:02:09.0972 4592 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] C:\Windows\System32\drivers\Rt64win7.sys
19:02:09.0972 4592 C:\Windows\System32\drivers\Rt64win7.sys - ok
19:02:09.0988 4592 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:02:09.0988 4592 C:\Windows\System32\drivers\usbd.sys - ok
19:02:09.0988 4592 [ D66596DB0A0739A89C25B590CE36D628 ] C:\Windows\System32\drivers\netr28x.sys
19:02:09.0988 4592 C:\Windows\System32\drivers\netr28x.sys - ok
19:02:09.0988 4592 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:02:09.0988 4592 C:\Windows\System32\drivers\usbehci.sys - ok
19:02:09.0988 4592 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
19:02:09.0988 4592 C:\Windows\System32\drivers\usbohci.sys - ok
19:02:09.0988 4592 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:02:09.0988 4592 C:\Windows\System32\drivers\usbport.sys - ok
19:02:10.0003 4592 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
19:02:10.0003 4592 C:\Windows\System32\drivers\1394ohci.sys - ok
19:02:10.0003 4592 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:02:10.0003 4592 C:\Windows\System32\drivers\agilevpn.sys - ok
19:02:10.0003 4592 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:02:10.0003 4592 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:02:10.0003 4592 [ D765D19CD8EF61F650C384F62FAC00AB ] C:\Windows\System32\drivers\fdc.sys
19:02:10.0003 4592 C:\Windows\System32\drivers\fdc.sys - ok
19:02:10.0003 4592 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
19:02:10.0003 4592 C:\Windows\System32\drivers\serenum.sys - ok
19:02:10.0019 4592 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
19:02:10.0019 4592 C:\Windows\System32\drivers\vwifibus.sys - ok
19:02:10.0019 4592 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:02:10.0019 4592 C:\Windows\System32\drivers\ndistapi.sys - ok
19:02:10.0019 4592 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:02:10.0019 4592 C:\Windows\System32\drivers\ndiswan.sys - ok
19:02:10.0019 4592 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:02:10.0019 4592 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:02:10.0019 4592 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:02:10.0019 4592 C:\Windows\System32\drivers\raspppoe.sys - ok
19:02:10.0035 4592 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:02:10.0035 4592 C:\Windows\System32\drivers\raspptp.sys - ok
19:02:10.0035 4592 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:02:10.0035 4592 C:\Windows\System32\drivers\rassstp.sys - ok
19:02:10.0035 4592 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
19:02:10.0035 4592 C:\Windows\System32\drivers\rdpbus.sys - ok
19:02:10.0035 4592 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:02:10.0035 4592 C:\Windows\System32\drivers\kbdclass.sys - ok
19:02:10.0035 4592 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:02:10.0035 4592 C:\Windows\System32\drivers\ks.sys - ok
19:02:10.0050 4592 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] C:\Windows\System32\drivers\LGBusEnum.sys
19:02:10.0050 4592 C:\Windows\System32\drivers\LGBusEnum.sys - ok
19:02:10.0050 4592 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:02:10.0050 4592 C:\Windows\System32\drivers\mouclass.sys - ok
19:02:10.0050 4592 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:02:10.0050 4592 C:\Windows\System32\drivers\swenum.sys - ok
19:02:10.0050 4592 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:02:10.0050 4592 C:\Windows\System32\drivers\umbus.sys - ok
19:02:10.0066 4592 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:02:10.0066 4592 C:\Windows\System32\drivers\usbhub.sys - ok
19:02:10.0066 4592 [ C172A0F53008EAEB8EA33FE10E177AF5 ] C:\Windows\System32\drivers\flpydisk.sys
19:02:10.0066 4592 C:\Windows\System32\drivers\flpydisk.sys - ok
19:02:10.0066 4592 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:02:10.0066 4592 C:\Windows\System32\drivers\ndproxy.sys - ok
19:02:10.0066 4592 [ B0790FF0E25B7A2674296052F2162C1A ] C:\Windows\System32\drivers\AtihdW76.sys
19:02:10.0066 4592 C:\Windows\System32\drivers\AtihdW76.sys - ok
19:02:10.0066 4592 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:02:10.0066 4592 C:\Windows\System32\drivers\drmk.sys - ok
19:02:10.0081 4592 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:02:10.0081 4592 C:\Windows\System32\drivers\portcls.sys - ok
19:02:10.0081 4592 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
19:02:10.0081 4592 C:\Windows\System32\drivers\HdAudio.sys - ok
19:02:10.0081 4592 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:02:10.0081 4592 C:\Windows\System32\drivers\ksthunk.sys - ok
19:02:10.0081 4592 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:02:10.0081 4592 C:\Windows\System32\drivers\dxapi.sys - ok
19:02:10.0081 4592 [ 523B9B64F2B6C630A2E0A87116C05F12 ] C:\Windows\System32\win32k.sys
19:02:10.0081 4592 C:\Windows\System32\win32k.sys - ok
19:02:10.0097 4592 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:02:10.0097 4592 C:\Windows\System32\basesrv.dll - ok
19:02:10.0097 4592 [ 1C97E1FC0C78A00B0779B28DD953D21D ] C:\Windows\System32\cmdcsr.dll
19:02:10.0097 4592 C:\Windows\System32\cmdcsr.dll - ok
19:02:10.0097 4592 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
19:02:10.0097 4592 C:\Windows\System32\csrsrv.dll - ok
19:02:10.0097 4592 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:02:10.0097 4592 C:\Windows\System32\csrss.exe - ok
19:02:10.0097 4592 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\System32\winsrv.dll
19:02:10.0097 4592 C:\Windows\System32\winsrv.dll - ok
19:02:10.0113 4592 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:02:10.0113 4592 C:\Windows\System32\drivers\usbccgp.sys - ok
19:02:10.0113 4592 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:02:10.0113 4592 C:\Windows\System32\drivers\hidclass.sys - ok
19:02:10.0113 4592 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:02:10.0113 4592 C:\Windows\System32\drivers\hidparse.sys - ok
19:02:10.0113 4592 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:02:10.0113 4592 C:\Windows\System32\drivers\hidusb.sys - ok
19:02:10.0113 4592 [ F7205E939F50B1C8D16F895916BE6756 ] C:\Windows\System32\drivers\LGSHidFilt.Sys
19:02:10.0113 4592 C:\Windows\System32\drivers\LGSHidFilt.Sys - ok
19:02:10.0128 4592 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
19:02:10.0128 4592 C:\Windows\System32\drivers\kbdhid.sys - ok
19:02:10.0128 4592 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:02:10.0128 4592 C:\Windows\System32\drivers\mouhid.sys - ok
19:02:10.0128 4592 [ BB590070D606AE6F008341FC9A7B2AD7 ] C:\Windows\System32\drivers\nx6000.sys
19:02:10.0128 4592 C:\Windows\System32\drivers\nx6000.sys - ok
19:02:10.0128 4592 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
19:02:10.0128 4592 C:\Windows\System32\drivers\USBAUDIO.sys - ok
19:02:10.0128 4592 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
19:02:10.0128 4592 C:\Windows\System32\drivers\usbvideo.sys - ok
19:02:10.0144 4592 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:02:10.0144 4592 C:\Windows\System32\drivers\monitor.sys - ok
19:02:10.0144 4592 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:02:10.0144 4592 C:\Windows\System32\sxssrv.dll - ok
19:02:10.0144 4592 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:02:10.0144 4592 C:\Windows\System32\tsddd.dll - ok
19:02:10.0144 4592 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:02:10.0144 4592 C:\Windows\System32\wininit.exe - ok
19:02:10.0144 4592 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
19:02:10.0144 4592 C:\Windows\System32\fltLib.dll - ok
19:02:10.0159 4592 [ D629AA05580D75664FCCE4668901D594 ] C:\Windows\System32\guard64.dll
19:02:10.0159 4592 C:\Windows\System32\guard64.dll - ok
19:02:10.0159 4592 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:02:10.0159 4592 C:\Windows\System32\profapi.dll - ok
19:02:10.0159 4592 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:02:10.0159 4592 C:\Windows\System32\cdd.dll - ok
19:02:10.0159 4592 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:02:10.0159 4592 C:\Windows\System32\KBDUS.DLL - ok
19:02:10.0159 4592 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:02:10.0159 4592 C:\Windows\System32\RpcRtRemote.dll - ok
19:02:10.0175 4592 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:02:10.0175 4592 C:\Windows\System32\sxs.dll - ok
19:02:10.0175 4592 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:02:10.0175 4592 C:\Windows\System32\WlS0WndH.dll - ok
19:02:10.0175 4592 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:02:10.0175 4592 C:\Windows\System32\cryptbase.dll - ok
19:02:10.0175 4592 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:02:10.0175 4592 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:02:10.0175 4592 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:02:10.0175 4592 C:\Windows\System32\apphelp.dll - ok
19:02:10.0191 4592 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:02:10.0191 4592 C:\Windows\System32\lsass.exe - ok
19:02:10.0191 4592 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:02:10.0191 4592 C:\Windows\System32\lsm.exe - ok
19:02:10.0191 4592 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:02:10.0191 4592 C:\Windows\System32\services.exe - ok
19:02:10.0191 4592 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:02:10.0191 4592 C:\Windows\System32\sspicli.dll - ok
19:02:10.0191 4592 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:02:10.0191 4592 C:\Windows\System32\sspisrv.dll - ok
19:02:10.0206 4592 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:02:10.0206 4592 C:\Windows\System32\sysntfy.dll - ok
19:02:10.0206 4592 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:02:10.0206 4592 C:\Windows\System32\wmsgapi.dll - ok
19:02:10.0206 4592 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
19:02:10.0206 4592 C:\Windows\System32\lsasrv.dll - ok
19:02:10.0206 4592 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:02:10.0206 4592 C:\Windows\System32\aelupsvc.dll - ok
19:02:10.0206 4592 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:02:10.0206 4592 C:\Windows\System32\samsrv.dll - ok
19:02:10.0222 4592 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:02:10.0222 4592 C:\Windows\System32\scesrv.dll - ok
19:02:10.0222 4592 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:02:10.0222 4592 C:\Windows\System32\scext.dll - ok
19:02:10.0222 4592 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:02:10.0222 4592 C:\Windows\System32\secur32.dll - ok
19:02:10.0222 4592 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:02:10.0222 4592 C:\Windows\System32\srvcli.dll - ok
19:02:10.0222 4592 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
19:02:10.0222 4592 C:\Windows\System32\alg.exe - ok
19:02:10.0237 4592 [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
19:02:10.0237 4592 C:\Windows\System32\appidsvc.dll - ok
19:02:10.0237 4592 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
19:02:10.0237 4592 C:\Windows\System32\appinfo.dll - ok
19:02:10.0237 4592 [ 4ABA3E75A76195A3E38ED2766C962899 ] C:\Windows\System32\appmgmts.dll
19:02:10.0237 4592 C:\Windows\System32\appmgmts.dll - ok
19:02:10.0237 4592 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:02:10.0237 4592 C:\Windows\System32\authz.dll - ok
19:02:10.0237 4592 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:02:10.0237 4592 C:\Windows\System32\cngaudit.dll - ok
19:02:10.0253 4592 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:02:10.0253 4592 C:\Windows\System32\cryptdll.dll - ok
19:02:10.0253 4592 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
19:02:10.0253 4592 C:\Windows\System32\rascfg.dll - ok
19:02:10.0253 4592 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:02:10.0253 4592 C:\Windows\System32\wevtapi.dll - ok
19:02:10.0253 4592 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:02:10.0253 4592 C:\Windows\System32\audiosrv.dll - ok
19:02:10.0253 4592 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
19:02:10.0253 4592 C:\Windows\System32\AxInstSv.dll - ok
19:02:10.0269 4592 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:02:10.0269 4592 C:\Windows\System32\bcrypt.dll - ok
19:02:10.0269 4592 [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
19:02:10.0269 4592 C:\Windows\System32\bdesvc.dll - ok
19:02:10.0269 4592 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:02:10.0269 4592 C:\Windows\System32\msprivs.dll - ok
19:02:10.0269 4592 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
19:02:10.0269 4592 C:\Windows\System32\ncrypt.dll - ok
19:02:10.0269 4592 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:02:10.0269 4592 C:\Windows\System32\netjoin.dll - ok
19:02:10.0284 4592 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:02:10.0284 4592 C:\Windows\System32\BFE.DLL - ok
19:02:10.0284 4592 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:02:10.0284 4592 C:\Windows\System32\cryptsp.dll - ok
19:02:10.0284 4592 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:02:10.0284 4592 C:\Windows\System32\kerberos.dll - ok
19:02:10.0284 4592 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:02:10.0284 4592 C:\Windows\System32\negoexts.dll - ok
19:02:10.0284 4592 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
19:02:10.0284 4592 C:\Windows\System32\qmgr.dll - ok
19:02:10.0300 4592 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:02:10.0300 4592 C:\Windows\System32\browser.dll - ok
19:02:10.0300 4592 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
19:02:10.0300 4592 C:\Windows\System32\bthserv.dll - ok
19:02:10.0300 4592 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:02:10.0300 4592 C:\Windows\System32\msv1_0.dll - ok
19:02:10.0300 4592 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:02:10.0300 4592 C:\Windows\System32\mswsock.dll - ok
19:02:10.0300 4592 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:02:10.0300 4592 C:\Windows\System32\netlogon.dll - ok
19:02:10.0315 4592 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:02:10.0315 4592 C:\Windows\System32\wship6.dll - ok
19:02:10.0315 4592 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
19:02:10.0315 4592 C:\Windows\System32\certprop.dll - ok
19:02:10.0315 4592 [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
19:02:10.0315 4592 C:\Windows\System32\clfs.sys - ok
19:02:10.0315 4592 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:02:10.0315 4592 C:\Windows\System32\comres.dll - ok
19:02:10.0315 4592 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:02:10.0315 4592 C:\Windows\System32\dnsapi.dll - ok
19:02:10.0331 4592 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:02:10.0331 4592 C:\Windows\System32\logoncli.dll - ok
19:02:10.0331 4592 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
19:02:10.0331 4592 C:\Windows\System32\schannel.dll - ok
19:02:10.0331 4592 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:02:10.0331 4592 C:\Windows\System32\wdigest.dll - ok
19:02:10.0331 4592 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:02:10.0331 4592 C:\Windows\System32\bcryptprimitives.dll - ok
19:02:10.0347 4592 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
19:02:10.0347 4592 C:\Windows\System32\cryptsvc.dll - ok
19:02:10.0347 4592 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
19:02:10.0347 4592 C:\Windows\System32\cscsvc.dll - ok
19:02:10.0347 4592 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:02:10.0347 4592 C:\Windows\System32\pku2u.dll - ok
19:02:10.0347 4592 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:02:10.0347 4592 C:\Windows\System32\rsaenh.dll - ok
19:02:10.0347 4592 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:02:10.0347 4592 C:\Windows\System32\TSpkg.dll - ok
19:02:10.0362 4592 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:02:10.0362 4592 C:\Windows\System32\credssp.dll - ok
19:02:10.0362 4592 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:02:10.0362 4592 C:\Windows\System32\dhcpcore.dll - ok
19:02:10.0362 4592 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
19:02:10.0362 4592 C:\Windows\System32\dot3svc.dll - ok
19:02:10.0362 4592 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:02:10.0362 4592 C:\Windows\System32\efslsaext.dll - ok
19:02:10.0362 4592 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
19:02:10.0362 4592 C:\Windows\System32\oleres.dll - ok
19:02:10.0362 4592 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:02:10.0362 4592 C:\Windows\System32\scecli.dll - ok
19:02:10.0378 4592 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
19:02:10.0378 4592 C:\Windows\ehome\ehrecvr.exe - ok
19:02:10.0378 4592 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:02:10.0378 4592 C:\Windows\System32\dps.dll - ok
19:02:10.0378 4592 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
19:02:10.0378 4592 C:\Windows\System32\eapsvc.dll - ok
19:02:10.0378 4592 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
19:02:10.0378 4592 C:\Windows\System32\efssvc.dll - ok
19:02:10.0378 4592 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
19:02:10.0378 4592 C:\Windows\ehome\ehsched.exe - ok
19:02:10.0393 4592 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:02:10.0393 4592 C:\Windows\System32\wevtsvc.dll - ok
19:02:10.0393 4592 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:02:10.0393 4592 C:\Windows\System32\FXSRESM.dll - ok
19:02:10.0393 4592 [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
19:02:10.0393 4592 C:\Windows\System32\drivers\fileinfo.sys - ok
19:02:10.0393 4592 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
19:02:10.0393 4592 C:\Windows\System32\drivers\filetrace.sys - ok
19:02:10.0393 4592 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:02:10.0393 4592 C:\Windows\System32\drivers\fltMgr.sys - ok
19:02:10.0409 4592 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:02:10.0409 4592 C:\Windows\System32\fdPHost.dll - ok
19:02:10.0409 4592 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
19:02:10.0409 4592 C:\Windows\System32\FDResPub.dll - ok
19:02:10.0409 4592 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
19:02:10.0409 4592 C:\Windows\System32\FntCache.dll - ok
19:02:10.0409 4592 [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
19:02:10.0409 4592 C:\Windows\System32\PresentationHost.exe - ok
19:02:10.0409 4592 [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
19:02:10.0409 4592 C:\Windows\System32\drivers\fsdepends.sys - ok
19:02:10.0425 4592 [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
19:02:10.0425 4592 C:\Windows\System32\drivers\fvevol.sys - ok
19:02:10.0425 4592 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:02:10.0425 4592 C:\Windows\System32\gpapi.dll - ok
19:02:10.0425 4592 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
19:02:10.0425 4592 C:\Windows\System32\hidserv.dll - ok
19:02:10.0425 4592 [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
19:02:10.0425 4592 C:\Windows\System32\KMSVC.DLL - ok
19:02:10.0425 4592 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
19:02:10.0425 4592 C:\Windows\System32\ListSvc.dll - ok
19:02:10.0440 4592 [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
19:02:10.0440 4592 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
19:02:10.0440 4592 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:02:10.0440 4592 C:\Windows\System32\drivers\http.sys - ok
19:02:10.0440 4592 [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
19:02:10.0440 4592 C:\Windows\System32\drivers\hwpolicy.sys - ok
19:02:10.0440 4592 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
19:02:10.0440 4592 C:\Windows\System32\IKEEXT.DLL - ok
19:02:10.0456 4592 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:02:10.0456 4592 C:\Windows\System32\provsvc.dll - ok
19:02:10.0456 4592 [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
19:02:10.0456 4592 C:\Windows\System32\IPBusEnum.dll - ok
19:02:10.0456 4592 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:02:10.0456 4592 C:\Windows\System32\iphlpsvc.dll - ok
19:02:10.0456 4592 [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
19:02:10.0456 4592 C:\Windows\ehome\ehres.dll - ok
19:02:10.0456 4592 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
19:02:10.0456 4592 C:\Windows\System32\drivers\irenum.sys - ok
19:02:10.0471 4592 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:02:10.0471 4592 C:\Windows\System32\drivers\luafv.sys - ok
19:02:10.0471 4592 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
19:02:10.0471 4592 C:\Windows\System32\keyiso.dll - ok
19:02:10.0471 4592 [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
19:02:10.0471 4592 C:\Windows\System32\lltdres.dll - ok
19:02:10.0471 4592 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:02:10.0471 4592 C:\Windows\System32\lmhsvc.dll - ok
19:02:10.0471 4592 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:02:10.0471 4592 C:\Windows\System32\srvsvc.dll - ok
19:02:10.0487 4592 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:02:10.0487 4592 C:\Windows\System32\wkssvc.dll - ok
19:02:10.0487 4592 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
19:02:10.0487 4592 C:\Windows\System32\drivers\mountmgr.sys - ok
19:02:10.0487 4592 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:02:10.0487 4592 C:\Windows\System32\FirewallAPI.dll - ok
19:02:10.0487 4592 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:02:10.0487 4592 C:\Windows\System32\mmcss.dll - ok
19:02:10.0487 4592 [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
19:02:10.0487 4592 C:\Windows\System32\drivers\mshidkmdf.sys - ok
19:02:10.0503 4592 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
19:02:10.0503 4592 C:\Windows\System32\iscsidsc.dll - ok
19:02:10.0503 4592 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
19:02:10.0503 4592 C:\Windows\System32\WebClnt.dll - ok
19:02:10.0503 4592 [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
19:02:10.0503 4592 C:\Windows\System32\drivers\mup.sys - ok
19:02:10.0503 4592 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
19:02:10.0503 4592 C:\Windows\System32\drivers\ndis.sys - ok
19:02:10.0503 4592 [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
19:02:10.0503 4592 C:\Windows\System32\msimsg.dll - ok
19:02:10.0518 4592 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:02:10.0518 4592 C:\Windows\System32\QAGENTRT.DLL - ok
19:02:10.0518 4592 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:02:10.0518 4592 C:\Windows\System32\netman.dll - ok
19:02:10.0518 4592 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:02:10.0518 4592 C:\Windows\System32\netprofm.dll - ok
19:02:10.0518 4592 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
19:02:10.0518 4592 C:\Windows\System32\nlasvc.dll - ok
19:02:10.0518 4592 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:02:10.0518 4592 C:\Windows\System32\nsisvc.dll - ok
19:02:10.0534 4592 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
19:02:10.0534 4592 C:\Windows\System32\p2psvc.dll - ok
19:02:10.0534 4592 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:02:10.0534 4592 C:\Windows\System32\pnrpsvc.dll - ok
19:02:10.0534 4592 [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
19:02:10.0534 4592 C:\Windows\System32\drivers\partmgr.sys - ok
19:02:10.0534 4592 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:02:10.0534 4592 C:\Windows\System32\pcasvc.dll - ok
19:02:10.0534 4592 [ B9B0A4299DD2D76A4243F75FD54DC680 ] C:\Windows\System32\PeerDistSvc.dll
19:02:10.0534 4592 C:\Windows\System32\PeerDistSvc.dll - ok
19:02:10.0549 4592 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
19:02:10.0549 4592 C:\Windows\System32\pla.dll - ok
19:02:10.0549 4592 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
19:02:10.0549 4592 C:\Windows\System32\pnrpauto.dll - ok
19:02:10.0549 4592 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
19:02:10.0549 4592 C:\Windows\System32\polstore.dll - ok
19:02:10.0549 4592 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:02:10.0549 4592 C:\Windows\System32\umpnpmgr.dll - ok
19:02:10.0549 4592 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:02:10.0549 4592 C:\Windows\System32\umpo.dll - ok
19:02:10.0565 4592 [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
19:02:10.0565 4592 C:\Windows\System32\drivers\qwavedrv.sys - ok
19:02:10.0565 4592 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:02:10.0565 4592 C:\Windows\System32\profsvc.dll - ok
19:02:10.0565 4592 [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
19:02:10.0565 4592 C:\Windows\System32\psbase.dll - ok
19:02:10.0565 4592 [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
19:02:10.0565 4592 C:\Windows\System32\qwave.dll - ok
19:02:10.0565 4592 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
19:02:10.0565 4592 C:\Windows\System32\rasauto.dll - ok
19:02:10.0581 4592 [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
19:02:10.0581 4592 C:\Windows\System32\mprdim.dll - ok
19:02:10.0581 4592 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:02:10.0581 4592 C:\Windows\System32\rasmans.dll - ok
19:02:10.0581 4592 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
19:02:10.0581 4592 C:\Windows\System32\regsvc.dll - ok
19:02:10.0581 4592 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:02:10.0581 4592 C:\Windows\System32\sstpsvc.dll - ok
19:02:10.0581 4592 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
19:02:10.0581 4592 C:\Windows\System32\drivers\scfilter.sys - ok
19:02:10.0596 4592 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
19:02:10.0596 4592 C:\Windows\System32\Locator.exe - ok
19:02:10.0596 4592 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:02:10.0596 4592 C:\Windows\System32\RpcEpMap.dll - ok
19:02:10.0596 4592 [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
19:02:10.0596 4592 C:\Windows\System32\SCardSvr.dll - ok
19:02:10.0596 4592 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:02:10.0596 4592 C:\Windows\System32\schedsvc.dll - ok
19:02:10.0596 4592 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
19:02:10.0596 4592 C:\Windows\System32\sdrsvc.dll - ok
19:02:10.0612 4592 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
19:02:10.0612 4592 C:\Windows\System32\seclogon.dll - ok
19:02:10.0612 4592 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:02:10.0612 4592 C:\Windows\System32\Sens.dll - ok
19:02:10.0612 4592 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
19:02:10.0612 4592 C:\Windows\System32\ipnathlp.dll - ok
19:02:10.0612 4592 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
19:02:10.0612 4592 C:\Windows\System32\sensrsvc.dll - ok
19:02:10.0612 4592 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
19:02:10.0612 4592 C:\Windows\System32\SessEnv.dll - ok
19:02:10.0627 4592 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:02:10.0627 4592 C:\Windows\System32\shsvcs.dll - ok
19:02:10.0627 4592 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:02:10.0627 4592 C:\Windows\System32\snmptrap.exe - ok
19:02:10.0627 4592 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
19:02:10.0627 4592 C:\Windows\System32\spoolsv.exe - ok
19:02:10.0627 4592 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
19:02:10.0627 4592 C:\Windows\System32\sppsvc.exe - ok
19:02:10.0627 4592 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
19:02:10.0627 4592 C:\Windows\System32\tcpipcfg.dll - ok
19:02:10.0643 4592 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
19:02:10.0643 4592 C:\Windows\System32\sppuinotify.dll - ok
19:02:10.0643 4592 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:02:10.0643 4592 C:\Windows\System32\ssdpsrv.dll - ok
19:02:10.0643 4592 [ C40841817EF57D491F22EB103DA587CC ] C:\Windows\System32\StorSvc.dll
19:02:10.0643 4592 C:\Windows\System32\StorSvc.dll - ok
19:02:10.0643 4592 [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
19:02:10.0643 4592 C:\Windows\System32\swprv.dll - ok
19:02:10.0643 4592 [ D289D2E949609B696161039C3D86FFE9 ] C:\Windows\System32\vmstorfltres.dll
19:02:10.0643 4592 C:\Windows\System32\vmstorfltres.dll - ok
19:02:10.0659 4592 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:02:10.0659 4592 C:\Windows\System32\wiaservc.dll - ok
19:02:10.0659 4592 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:02:10.0659 4592 C:\Windows\System32\sysmain.dll - ok
19:02:10.0659 4592 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
19:02:10.0659 4592 C:\Windows\System32\TabSvc.dll - ok
19:02:10.0659 4592 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
19:02:10.0659 4592 C:\Windows\System32\tapisrv.dll - ok
19:02:10.0659 4592 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
19:02:10.0659 4592 C:\Windows\System32\tbssvc.dll - ok
19:02:10.0674 4592 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
19:02:10.0674 4592 C:\Windows\System32\termsrv.dll - ok
19:02:10.0674 4592 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
19:02:10.0674 4592 C:\Windows\servicing\TrustedInstaller.exe - ok
19:02:10.0674 4592 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
19:02:10.0674 4592 C:\Windows\System32\drivers\tssecsrv.sys - ok
19:02:10.0674 4592 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:02:10.0674 4592 C:\Windows\System32\themeservice.dll - ok
19:02:10.0674 4592 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:02:10.0674 4592 C:\Windows\System32\trkwks.dll - ok
19:02:10.0690 4592 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
19:02:10.0690 4592 C:\Windows\System32\UI0Detect.exe - ok
19:02:10.0690 4592 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll
19:02:10.0690 4592 C:\Windows\System32\umrdp.dll - ok
19:02:10.0690 4592 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
19:02:10.0690 4592 C:\Windows\System32\upnphost.dll - ok
19:02:10.0690 4592 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:02:10.0690 4592 C:\Windows\System32\dwm.exe - ok
19:02:10.0690 4592 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
19:02:10.0690 4592 C:\Windows\System32\vaultsvc.dll - ok
19:02:10.0705 4592 [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
19:02:10.0705 4592 C:\Windows\System32\drivers\volmgrx.sys - ok
19:02:10.0705 4592 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
19:02:10.0705 4592 C:\Windows\System32\vds.exe - ok
19:02:10.0705 4592 [ E48FCE3820487A9CDDD83BBABC6B962C ] C:\Windows\System32\vmbusres.dll
19:02:10.0705 4592 C:\Windows\System32\vmbusres.dll - ok
19:02:10.0705 4592 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
19:02:10.0705 4592 C:\Windows\System32\VSSVC.exe - ok
19:02:10.0705 4592 [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
19:02:10.0705 4592 C:\Windows\System32\w32time.dll - ok
19:02:10.0721 4592 [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
19:02:10.0721 4592 C:\Windows\System32\Wat\WatUX.exe - ok
19:02:10.0721 4592 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
19:02:10.0721 4592 C:\Windows\System32\wbengine.exe - ok
19:02:10.0721 4592 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
19:02:10.0721 4592 C:\Windows\System32\wbiosrvc.dll - ok
19:02:10.0721 4592 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
19:02:10.0721 4592 C:\Windows\System32\wcncsvc.dll - ok
19:02:10.0721 4592 [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
19:02:10.0721 4592 C:\Windows\System32\WcsPlugInService.dll - ok
19:02:10.0737 4592 [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\Windows\System32\drivers\Wdf01000.sys
19:02:10.0737 4592 C:\Windows\System32\drivers\Wdf01000.sys - ok
19:02:10.0737 4592 [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
19:02:10.0737 4592 C:\Program Files\Windows Defender\MsMpRes.dll - ok
19:02:10.0737 4592 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:02:10.0737 4592 C:\Windows\System32\wdi.dll - ok
19:02:10.0737 4592 [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
19:02:10.0737 4592 C:\Windows\System32\wecsvc.dll - ok
19:02:10.0737 4592 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
19:02:10.0737 4592 C:\Windows\System32\wercplsupport.dll - ok
19:02:10.0752 4592 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
19:02:10.0752 4592 C:\Windows\System32\wersvc.dll - ok
19:02:10.0752 4592 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:02:10.0752 4592 C:\Windows\System32\winhttp.dll - ok
19:02:10.0752 4592 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:02:10.0752 4592 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:02:10.0752 4592 [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
19:02:10.0752 4592 C:\Windows\System32\WsmSvc.dll - ok
19:02:10.0752 4592 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
19:02:10.0752 4592 C:\Windows\System32\wlansvc.dll - ok
19:02:10.0768 4592 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
19:02:10.0768 4592 C:\Windows\System32\wbem\WmiApSrv.exe - ok
19:02:10.0768 4592 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:02:10.0768 4592 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:02:10.0768 4592 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
19:02:10.0768 4592 C:\Windows\System32\wpcsvc.dll - ok
19:02:10.0768 4592 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:02:10.0768 4592 C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:02:10.0768 4592 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:02:10.0768 4592 C:\Windows\System32\wpdbusenum.dll - ok
19:02:10.0783 4592 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
19:02:10.0783 4592 C:\Windows\System32\wscsvc.dll - ok
19:02:10.0783 4592 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
19:02:10.0783 4592 C:\Windows\System32\wuaueng.dll - ok
19:02:10.0783 4592 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
19:02:10.0783 4592 C:\Windows\System32\drivers\WUDFPf.sys - ok
19:02:10.0783 4592 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
19:02:10.0783 4592 C:\Windows\System32\WUDFSvc.dll - ok
19:02:10.0799 4592 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
19:02:10.0799 4592 C:\Windows\System32\wwansvc.dll - ok
19:02:10.0799 4592 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:02:10.0799 4592 C:\Windows\System32\ubpm.dll - ok
19:02:10.0799 4592 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:02:10.0799 4592 C:\Windows\System32\svchost.exe - ok
19:02:10.0799 4592 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:02:10.0799 4592 C:\Windows\System32\winsta.dll - ok
19:02:10.0799 4592 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:02:10.0799 4592 C:\Windows\System32\devrtl.dll - ok
19:02:10.0815 4592 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:02:10.0815 4592 C:\Windows\System32\SPInf.dll - ok
19:02:10.0815 4592 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:02:10.0815 4592 C:\Windows\System32\userenv.dll - ok
19:02:10.0815 4592 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:02:10.0815 4592 C:\Windows\System32\pcwum.dll - ok
19:02:10.0815 4592 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:02:10.0815 4592 C:\Windows\System32\winlogon.exe - ok
19:02:10.0815 4592 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:02:10.0815 4592 C:\Windows\System32\powrprof.dll - ok
19:02:10.0830 4592 [ 5EFF2D9DC1D80C1934DE81321599C8DB ] C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
19:02:10.0830 4592 C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe - ok
19:02:10.0830 4592 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:02:10.0830 4592 C:\Windows\SysWOW64\ntdll.dll - ok
19:02:10.0830 4592 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
19:02:10.0830 4592 C:\Windows\System32\wow64.dll - ok
19:02:10.0830 4592 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
19:02:10.0830 4592 C:\Windows\System32\wow64cpu.dll - ok
19:02:10.0830 4592 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
19:02:10.0830 4592 C:\Windows\System32\wow64win.dll - ok
19:02:10.0846 4592 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
19:02:10.0846 4592 C:\Windows\SysWOW64\kernel32.dll - ok
19:02:10.0846 4592 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
19:02:10.0846 4592 C:\Windows\SysWOW64\KernelBase.dll - ok
19:02:10.0846 4592 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:02:10.0846 4592 C:\Windows\SysWOW64\msvcrt.dll - ok
19:02:10.0846 4592 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:02:10.0846 4592 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:02:10.0846 4592 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:02:10.0846 4592 C:\Windows\SysWOW64\userenv.dll - ok
19:02:10.0861 4592 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
19:02:10.0861 4592 C:\Windows\SysWOW64\crypt32.dll - ok
19:02:10.0861 4592 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:02:10.0861 4592 C:\Windows\SysWOW64\cryptbase.dll - ok
19:02:10.0861 4592 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:02:10.0861 4592 C:\Windows\SysWOW64\profapi.dll - ok
19:02:10.0861 4592 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:02:10.0861 4592 C:\Windows\SysWOW64\sechost.dll - ok
19:02:10.0861 4592 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
19:02:10.0861 4592 C:\Windows\SysWOW64\sspicli.dll - ok
19:02:10.0877 4592 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
19:02:10.0877 4592 C:\Windows\SysWOW64\wintrust.dll - ok
19:02:10.0877 4592 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
19:02:10.0877 4592 C:\Windows\AppPatch\AcLayers.dll - ok
19:02:10.0877 4592 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:02:10.0877 4592 C:\Windows\SysWOW64\advapi32.dll - ok
19:02:10.0877 4592 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:02:10.0877 4592 C:\Windows\SysWOW64\apphelp.dll - ok
19:02:10.0877 4592 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:02:10.0877 4592 C:\Windows\SysWOW64\imagehlp.dll - ok
19:02:10.0893 4592 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\msasn1.dll - ok
19:02:10.0893 4592 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\gdi32.dll - ok
19:02:10.0893 4592 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\lpk.dll - ok
19:02:10.0893 4592 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\user32.dll - ok
19:02:10.0893 4592 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\usp10.dll - ok
19:02:10.0893 4592 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
19:02:10.0893 4592 C:\Windows\SysWOW64\shell32.dll - ok
19:02:10.0908 4592 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:02:10.0908 4592 C:\Windows\SysWOW64\ole32.dll - ok
19:02:10.0908 4592 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:02:10.0908 4592 C:\Windows\SysWOW64\oleaut32.dll - ok
19:02:10.0908 4592 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:02:10.0908 4592 C:\Windows\SysWOW64\shlwapi.dll - ok
19:02:10.0908 4592 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:02:10.0908 4592 C:\Windows\SysWOW64\imm32.dll - ok
19:02:10.0908 4592 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:02:10.0908 4592 C:\Windows\SysWOW64\mpr.dll - ok
19:02:10.0924 4592 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:02:10.0924 4592 C:\Windows\SysWOW64\msctf.dll - ok
19:02:10.0924 4592 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:02:10.0924 4592 C:\Windows\SysWOW64\winspool.drv - ok
19:02:10.0924 4592 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
19:02:10.0924 4592 C:\Windows\SysWOW64\fltLib.dll - ok
19:02:10.0924 4592 [ 235B0327FBB08C47CE12682CD44B99D9 ] C:\Windows\SysWOW64\guard32.dll
19:02:10.0924 4592 C:\Windows\SysWOW64\guard32.dll - ok
19:02:10.0924 4592 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:02:10.0924 4592 C:\Windows\SysWOW64\version.dll - ok
19:02:10.0939 4592 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:02:10.0939 4592 C:\Windows\System32\rpcss.dll - ok
19:02:10.0939 4592 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:02:10.0939 4592 C:\Windows\System32\wshqos.dll - ok
19:02:10.0939 4592 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:02:10.0939 4592 C:\Windows\System32\WSHTCPIP.DLL - ok
19:02:10.0939 4592 [ A8D8C1A401A2C50714A7C60F67E63657 ] D:\Programs\Comodo\COMODO Internet Security\cmdagent.exe
19:02:10.0939 4592 D:\Programs\Comodo\COMODO Internet Security\cmdagent.exe - ok
19:02:10.0955 4592 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:02:10.0955 4592 C:\Windows\System32\version.dll - ok
19:02:10.0955 4592 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:02:10.0955 4592 C:\Windows\System32\IPHLPAPI.DLL - ok
19:02:10.0955 4592 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:02:10.0955 4592 C:\Windows\System32\winnsi.dll - ok
19:02:10.0955 4592 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:02:10.0955 4592 C:\Windows\System32\dbghelp.dll - ok
19:02:10.0955 4592 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:02:10.0955 4592 C:\Windows\System32\msi.dll - ok
19:02:10.0971 4592 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:02:10.0971 4592 C:\Windows\System32\wtsapi32.dll - ok
19:02:10.0971 4592 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:02:10.0971 4592 C:\Windows\System32\mpr.dll - ok
19:02:10.0971 4592 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
19:02:10.0971 4592 C:\Windows\System32\netapi32.dll - ok
19:02:10.0971 4592 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:02:10.0971 4592 C:\Windows\System32\netutils.dll - ok
19:02:10.0971 4592 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:02:10.0971 4592 C:\Windows\System32\oleacc.dll - ok
19:02:10.0986 4592 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:02:10.0986 4592 C:\Windows\System32\winmm.dll - ok
19:02:10.0986 4592 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:02:10.0986 4592 C:\Windows\System32\wkscli.dll - ok
19:02:10.0986 4592 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:02:10.0986 4592 C:\Windows\System32\winspool.drv - ok
19:02:10.0986 4592 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:02:10.0986 4592 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:02:10.0986 4592 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:02:10.0986 4592 C:\Windows\System32\wbemcomn.dll - ok
19:02:11.0002 4592 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:02:11.0002 4592 C:\Windows\System32\wbem\wbemprox.dll - ok
19:02:11.0002 4592 [ 4C1E3649C89C7D542CD18ECC5210099D ] C:\Windows\System32\atiesrxx.exe
19:02:11.0002 4592 C:\Windows\System32\atiesrxx.exe - ok
19:02:11.0002 4592 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
19:02:11.0002 4592 C:\Windows\System32\cryptnet.dll - ok
19:02:11.0002 4592 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:02:11.0002 4592 C:\Windows\System32\LogonUI.exe - ok
19:02:11.0002 4592 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:02:11.0002 4592 C:\Windows\System32\authui.dll - ok
19:02:11.0017 4592 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:02:11.0017 4592 C:\Windows\System32\MMDevAPI.dll - ok
19:02:11.0017 4592 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:02:11.0017 4592 C:\Windows\System32\propsys.dll - ok
19:02:11.0017 4592 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:02:11.0017 4592 C:\Windows\System32\avrt.dll - ok
19:02:11.0017 4592 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:02:11.0017 4592 C:\Windows\System32\cryptui.dll - ok
19:02:11.0017 4592 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:02:11.0017 4592 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:02:11.0033 4592 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:02:11.0033 4592 C:\Windows\System32\samlib.dll - ok
19:02:11.0033 4592 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:02:11.0033 4592 C:\Windows\System32\shacct.dll - ok
19:02:11.0033 4592 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:02:11.0033 4592 C:\Windows\System32\uxtheme.dll - ok
19:02:11.0033 4592 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:02:11.0033 4592 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:02:11.0033 4592 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:02:11.0033 4592 C:\Windows\System32\dui70.dll - ok
19:02:11.0049 4592 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:02:11.0049 4592 C:\Windows\System32\duser.dll - ok
19:02:11.0049 4592 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:02:11.0049 4592 C:\Windows\System32\hid.dll - ok
19:02:11.0049 4592 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:02:11.0049 4592 C:\Windows\System32\SndVolSSO.dll - ok
19:02:11.0049 4592 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:02:11.0049 4592 C:\Windows\System32\dwmapi.dll - ok
19:02:11.0049 4592 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:02:11.0049 4592 C:\Windows\System32\xmllite.dll - ok
19:02:11.0064 4592 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
19:02:11.0064 4592 C:\Windows\System32\WindowsCodecs.dll - ok
19:02:11.0064 4592 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:02:11.0064 4592 C:\Windows\System32\adtschema.dll - ok
19:02:11.0064 4592 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:02:11.0064 4592 C:\Windows\System32\MPSSVC.dll - ok
19:02:11.0064 4592 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:02:11.0064 4592 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:02:11.0064 4592 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
19:02:11.0080 4592 C:\Windows\System32\WUDFPlatform.dll - ok
19:02:11.0080 4592 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:02:11.0080 4592 C:\Windows\System32\PSHED.DLL - ok
19:02:11.0080 4592 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:02:11.0080 4592 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:02:11.0080 4592 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:02:11.0080 4592 C:\Windows\System32\audiodg.exe - ok
19:02:11.0080 4592 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:02:11.0080 4592 C:\Windows\System32\ntmarta.dll - ok
19:02:11.0095 4592 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
19:02:11.0095 4592 C:\Windows\System32\ksuser.dll - ok
19:02:11.0095 4592 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
19:02:11.0095 4592 C:\Windows\System32\PeerDist.dll - ok
19:02:11.0095 4592 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:02:11.0095 4592 C:\Windows\System32\taskschd.dll - ok
19:02:11.0095 4592 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
19:02:11.0095 4592 C:\Windows\System32\wdmaud.drv - ok
19:02:11.0095 4592 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:02:11.0095 4592 C:\Windows\System32\AudioSes.dll - ok
19:02:11.0111 4592 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
19:02:11.0111 4592 C:\Windows\System32\mstask.dll - ok
19:02:11.0111 4592 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
19:02:11.0111 4592 C:\Windows\System32\midimap.dll - ok
19:02:11.0111 4592 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
19:02:11.0111 4592 C:\Windows\System32\msacm32.dll - ok
19:02:11.0111 4592 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
19:02:11.0111 4592 C:\Windows\System32\msacm32.drv - ok
19:02:11.0111 4592 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:02:11.0111 4592 C:\Windows\System32\atl.dll - ok
19:02:11.0127 4592 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
19:02:11.0127 4592 C:\Windows\System32\AudioEng.dll - ok
19:02:11.0127 4592 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:02:11.0127 4592 C:\Windows\System32\gpsvc.dll - ok
19:02:11.0127 4592 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
19:02:11.0127 4592 C:\Windows\System32\AUDIOKSE.dll - ok
19:02:11.0127 4592 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:02:11.0127 4592 C:\Windows\System32\dsrole.dll - ok
19:02:11.0127 4592 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
19:02:11.0127 4592 C:\Windows\System32\nlaapi.dll - ok
19:02:11.0142 4592 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:02:11.0142 4592 C:\Windows\System32\slc.dll - ok
19:02:11.0142 4592 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:02:11.0142 4592 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:02:11.0142 4592 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:02:11.0142 4592 C:\Windows\System32\VaultCredProvider.dll - ok
19:02:11.0142 4592 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:02:11.0142 4592 C:\Windows\System32\winbrand.dll - ok
19:02:11.0142 4592 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
19:02:11.0142 4592 C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:02:11.0158 4592 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:02:11.0158 4592 C:\Windows\System32\BioCredProv.dll - ok
19:02:11.0158 4592 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:02:11.0158 4592 C:\Windows\System32\credui.dll - ok
19:02:11.0158 4592 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:02:11.0158 4592 C:\Windows\System32\es.dll - ok
19:02:11.0158 4592 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:02:11.0158 4592 C:\Windows\System32\mfplat.dll - ok
19:02:11.0158 4592 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:02:11.0158 4592 C:\Windows\System32\samcli.dll - ok
19:02:11.0158 4592 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:02:11.0158 4592 C:\Windows\System32\vaultcli.dll - ok
19:02:11.0173 4592 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:02:11.0173 4592 C:\Windows\System32\winbio.dll - ok
19:02:11.0173 4592 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:02:11.0173 4592 C:\Windows\System32\certCredProvider.dll - ok
19:02:11.0173 4592 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:02:11.0173 4592 C:\Windows\System32\rasapi32.dll - ok
19:02:11.0173 4592 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:02:11.0173 4592 C:\Windows\System32\rasplap.dll - ok
19:02:11.0173 4592 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:02:11.0173 4592 C:\Windows\System32\rasman.dll - ok
19:02:11.0189 4592 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:02:11.0189 4592 C:\Windows\System32\rtutils.dll - ok
19:02:11.0189 4592 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:02:11.0189 4592 C:\Windows\System32\uxsms.dll - ok
19:02:11.0189 4592 [ 16E116784B900D8A58DA4FB2FF1F0931 ] C:\Windows\System32\atieclxx.exe
19:02:11.0189 4592 C:\Windows\System32\atieclxx.exe - ok
19:02:11.0189 4592 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:02:11.0189 4592 C:\Windows\System32\UXInit.dll - ok
19:02:11.0205 4592 [ 9C66FEEFCA9D5DD712AB78D17BB16DA8 ] C:\Program Files\HitmanPro\hmpsched.exe
19:02:11.0205 4592 C:\Program Files\HitmanPro\hmpsched.exe - ok
19:02:11.0205 4592 [ F76BE04CD180721363FBD7884C90C09E ] C:\Windows\System32\atiadlxx.dll
19:02:11.0205 4592 C:\Windows\System32\atiadlxx.dll - ok
19:02:11.0205 4592 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:02:11.0205 4592 C:\Windows\System32\drivers\lltdio.sys - ok
19:02:11.0205 4592 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:02:11.0205 4592 C:\Windows\System32\vssapi.dll - ok
19:02:11.0205 4592 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:02:11.0205 4592 C:\Windows\System32\wsock32.dll - ok
19:02:11.0220 4592 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:02:11.0220 4592 C:\Windows\System32\imageres.dll - ok
19:02:11.0220 4592 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:02:11.0220 4592 C:\Windows\System32\vsstrace.dll - ok
19:02:11.0220 4592 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
19:02:11.0220 4592 C:\Windows\System32\drivers\nwifi.sys - ok
19:02:11.0220 4592 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:02:11.0220 4592 C:\Windows\System32\dnsrslvr.dll - ok
19:02:11.0220 4592 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
19:02:11.0220 4592 C:\Windows\System32\drivers\ndisuio.sys - ok
19:02:11.0236 4592 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:02:11.0236 4592 C:\Windows\System32\drivers\rspndr.sys - ok
19:02:11.0236 4592 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:02:11.0236 4592 C:\Windows\System32\nrpsrv.dll - ok
19:02:11.0236 4592 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
19:02:11.0236 4592 C:\Windows\System32\dhcpcore6.dll - ok
19:02:11.0236 4592 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:02:11.0236 4592 C:\Windows\System32\dnsext.dll - ok
19:02:11.0236 4592 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
19:02:11.0236 4592 C:\Windows\System32\eapphost.dll - ok
19:02:11.0251 4592 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:02:11.0251 4592 C:\Windows\System32\FWPUCLNT.DLL - ok
19:02:11.0251 4592 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
19:02:11.0251 4592 C:\Windows\System32\rastls.dll - ok
19:02:11.0251 4592 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:02:11.0251 4592 C:\Windows\System32\dhcpcsvc.dll - ok
19:02:11.0251 4592 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
19:02:11.0251 4592 C:\Windows\System32\dhcpcsvc6.dll - ok
19:02:11.0251 4592 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:02:11.0251 4592 C:\Windows\System32\raschap.dll - ok
19:02:11.0267 4592 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:02:11.0267 4592 C:\Windows\System32\umb.dll - ok
19:02:11.0267 4592 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
19:02:11.0267 4592 C:\Windows\System32\wlanmsm.dll - ok
19:02:11.0267 4592 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
19:02:11.0267 4592 C:\Windows\System32\wlansec.dll - ok
19:02:11.0267 4592 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:02:11.0267 4592 C:\Windows\System32\eappprxy.dll - ok
19:02:11.0267 4592 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:02:11.0267 4592 C:\Windows\System32\onex.dll - ok
19:02:11.0283 4592 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:02:11.0283 4592 C:\Windows\System32\eappcfg.dll - ok
19:02:11.0283 4592 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
19:02:11.0283 4592 C:\Windows\System32\l2gpstore.dll - ok
19:02:11.0283 4592 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
19:02:11.0283 4592 C:\Windows\System32\WinSCard.dll - ok
19:02:11.0283 4592 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:02:11.0283 4592 C:\Windows\System32\wlanutil.dll - ok
19:02:11.0283 4592 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
19:02:11.0283 4592 C:\Windows\System32\wlgpclnt.dll - ok
19:02:11.0298 4592 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
19:02:11.0298 4592 C:\Windows\System32\msxml6.dll - ok
19:02:11.0298 4592 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:02:11.0298 4592 C:\Windows\System32\ktmw32.dll - ok
19:02:11.0298 4592 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:02:11.0298 4592 C:\Windows\System32\netcfgx.dll - ok
19:02:11.0298 4592 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:02:11.0298 4592 C:\Windows\System32\taskcomp.dll - ok
19:02:11.0298 4592 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:02:11.0298 4592 C:\Windows\System32\drivers\bowser.sys - ok
19:02:11.0314 4592 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:02:11.0314 4592 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:02:11.0314 4592 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:02:11.0314 4592 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:02:11.0314 4592 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:02:11.0314 4592 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:02:11.0314 4592 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:02:11.0314 4592 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:02:11.0314 4592 [ B8590E612C0DC80DF2BBC543F744BA92 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
19:02:11.0314 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
19:02:11.0329 4592 [ CAED4A65CAF1EF80AA81E9B135326658 ] C:\Windows\System32\msvcp100.dll
19:02:11.0329 4592 C:\Windows\System32\msvcp100.dll - ok
19:02:11.0329 4592 [ AED6D63CFA5A3EF7021AF9C457FEE994 ] C:\Windows\System32\msvcr100.dll
19:02:11.0329 4592 C:\Windows\System32\msvcr100.dll - ok
19:02:11.0329 4592 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:02:11.0329 4592 C:\Windows\System32\wfapigp.dll - ok
19:02:11.0329 4592 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:02:11.0329 4592 C:\Windows\System32\mscms.dll - ok
19:02:11.0329 4592 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys
19:02:11.0329 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys - ok
19:02:11.0345 4592 [ 5D306463535067E4E275C12B678311AF ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
19:02:11.0345 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
19:02:11.0345 4592 [ 0F30820D2C84A695E511AEA844890307 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
19:02:11.0345 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
19:02:11.0345 4592 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
19:02:11.0345 4592 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
19:02:11.0345 4592 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
19:02:11.0345 4592 C:\Windows\System32\PeerDistSh.dll - ok
19:02:11.0361 4592 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
19:02:11.0361 4592 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
19:02:11.0361 4592 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
19:02:11.0361 4592 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
19:02:11.0361 4592 [ 2C0A8B0B4CB11F3F61090B5CB3ADEAA8 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
19:02:11.0361 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
19:02:11.0361 4592 [ C2A43D645FCC1DD154DF6CE029ED5C48 ] C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
19:02:11.0361 4592 C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe - ok
19:02:11.0361 4592 [ D437B26284235A51D3439A049CBA2CFD ] C:\Program Files (x86)\Comodo\Dragon\distribution.dll
19:02:11.0361 4592 C:\Program Files (x86)\Comodo\Dragon\distribution.dll - ok
19:02:11.0376 4592 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:02:11.0376 4592 C:\Windows\SysWOW64\msimg32.dll - ok
19:02:11.0376 4592 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:02:11.0376 4592 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:02:11.0376 4592 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
19:02:11.0376 4592 C:\Windows\SysWOW64\iertutil.dll - ok
19:02:11.0376 4592 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
19:02:11.0376 4592 C:\Windows\SysWOW64\wininet.dll - ok
19:02:11.0376 4592 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
19:02:11.0376 4592 C:\Windows\SysWOW64\urlmon.dll - ok
19:02:11.0392 4592 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:02:11.0392 4592 C:\Windows\SysWOW64\oleacc.dll - ok
19:02:11.0392 4592 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
19:02:11.0392 4592 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
19:02:11.0392 4592 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:02:11.0392 4592 C:\Windows\SysWOW64\comdlg32.dll - ok
19:02:11.0392 4592 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:02:11.0392 4592 C:\Windows\SysWOW64\winmm.dll - ok
19:02:11.0392 4592 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:02:11.0392 4592 C:\Windows\SysWOW64\dwmapi.dll - ok
19:02:11.0407 4592 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:02:11.0407 4592 C:\Windows\SysWOW64\uxtheme.dll - ok
19:02:11.0407 4592 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
19:02:11.0407 4592 C:\Windows\SysWOW64\secur32.dll - ok
19:02:11.0407 4592 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:02:11.0407 4592 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:02:11.0407 4592 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:02:11.0407 4592 C:\Windows\System32\WSDApi.dll - ok
19:02:11.0423 4592 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:02:11.0423 4592 C:\Windows\SysWOW64\nsi.dll - ok
19:02:11.0423 4592 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:02:11.0423 4592 C:\Windows\SysWOW64\ntmarta.dll - ok
19:02:11.0423 4592 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:02:11.0423 4592 C:\Windows\SysWOW64\Wldap32.dll - ok
19:02:11.0423 4592 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:02:11.0423 4592 C:\Windows\SysWOW64\ws2_32.dll - ok
19:02:11.0423 4592 [ 24B6902AE2735C7C8ED6670E5E323EC9 ] C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
19:02:11.0423 4592 C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe - ok
19:02:11.0423 4592 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:02:11.0423 4592 C:\Windows\System32\webservices.dll - ok
19:02:11.0439 4592 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:02:11.0439 4592 C:\Windows\SysWOW64\dnsapi.dll - ok
19:02:11.0439 4592 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:02:11.0439 4592 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:02:11.0439 4592 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:02:11.0439 4592 C:\Windows\SysWOW64\rasapi32.dll - ok
19:02:11.0439 4592 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:02:11.0439 4592 C:\Windows\SysWOW64\winnsi.dll - ok
19:02:11.0454 4592 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:02:11.0454 4592 C:\Windows\System32\fundisc.dll - ok
19:02:11.0454 4592 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:02:11.0454 4592 C:\Windows\SysWOW64\rasman.dll - ok
19:02:11.0454 4592 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:02:11.0454 4592 C:\Windows\SysWOW64\rtutils.dll - ok
19:02:11.0454 4592 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
19:02:11.0454 4592 C:\Windows\System32\msxml3.dll - ok
19:02:11.0454 4592 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:02:11.0454 4592 C:\Windows\System32\httpapi.dll - ok
19:02:11.0470 4592 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:02:11.0470 4592 C:\Windows\System32\webio.dll - ok
19:02:11.0470 4592 [ CFFDEE337B36F82DFAF7265DEB552E0A ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
19:02:11.0470 4592 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
19:02:11.0470 4592 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:02:11.0470 4592 C:\Windows\System32\wlanapi.dll - ok
19:02:11.0470 4592 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:02:11.0470 4592 C:\Windows\SysWOW64\mswsock.dll - ok
19:02:11.0470 4592 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:02:11.0470 4592 C:\Windows\SysWOW64\SensApi.dll - ok
19:02:11.0485 4592 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:02:11.0485 4592 C:\Windows\SysWOW64\clbcatq.dll - ok
19:02:11.0485 4592 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:02:11.0485 4592 C:\Windows\SysWOW64\netprofm.dll - ok
19:02:11.0485 4592 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:02:11.0485 4592 C:\Windows\SysWOW64\wship6.dll - ok
19:02:11.0485 4592 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:02:11.0485 4592 C:\Windows\SysWOW64\cryptsp.dll - ok
19:02:11.0485 4592 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
19:02:11.0485 4592 C:\Windows\SysWOW64\nlaapi.dll - ok
19:02:11.0501 4592 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:02:11.0501 4592 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:02:11.0501 4592 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:02:11.0501 4592 C:\Windows\SysWOW64\rsaenh.dll - ok
19:02:11.0501 4592 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:02:11.0501 4592 C:\Windows\SysWOW64\psapi.dll - ok
19:02:11.0501 4592 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:02:11.0501 4592 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:02:11.0501 4592 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:02:11.0501 4592 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:02:11.0517 4592 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:02:11.0517 4592 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:02:11.0517 4592 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:02:11.0517 4592 C:\Windows\SysWOW64\winrnr.dll - ok
19:02:11.0517 4592 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:02:11.0517 4592 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:02:11.0517 4592 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:02:11.0517 4592 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:02:11.0517 4592 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:02:11.0517 4592 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:02:11.0532 4592 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:02:11.0532 4592 C:\Program Files\Microsoft LifeCam\MSCamS64.exe - ok
19:02:11.0532 4592 [ BE165318E0052A91F7EA36F515B5F2B1 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
19:02:11.0532 4592 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
19:02:11.0532 4592 [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
19:02:11.0532 4592 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
19:02:11.0532 4592 [ BB451BDA66AF25A21DBC922538A83C2C ] C:\Program Files\Microsoft LifeCam\CAL264.dll
19:02:11.0532 4592 C:\Program Files\Microsoft LifeCam\CAL264.dll - ok
19:02:11.0532 4592 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:02:11.0532 4592 C:\Windows\System32\aepic.dll - ok
19:02:11.0548 4592 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
19:02:11.0548 4592 C:\Windows\System32\ncsi.dll - ok
19:02:11.0548 4592 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:02:11.0548 4592 C:\Windows\System32\sfc.dll - ok
19:02:11.0548 4592 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:02:11.0548 4592 C:\Windows\System32\sfc_os.dll - ok
19:02:11.0548 4592 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:02:11.0548 4592 C:\Windows\System32\drivers\PEAuth.sys - ok
19:02:11.0548 4592 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:02:11.0548 4592 C:\Windows\System32\drivers\secdrv.sys - ok
19:02:11.0563 4592 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:02:11.0563 4592 C:\Windows\System32\ssdpapi.dll - ok
19:02:11.0563 4592 [ 183F04C6742902F33039913A96F5B574 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:02:11.0563 4592 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
19:02:11.0563 4592 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
19:02:11.0563 4592 C:\Windows\System32\devenum.dll - ok
19:02:11.0563 4592 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
19:02:11.0563 4592 C:\Windows\System32\msdmo.dll - ok
19:02:11.0563 4592 [ F2FDCE462E582B7EFF3311BC77979BAE ] C:\Windows\System32\LcProxy2.ax
19:02:11.0563 4592 C:\Windows\System32\LcProxy2.ax - ok
19:02:11.0579 4592 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:02:11.0579 4592 C:\Windows\SysWOW64\msi.dll - ok
19:02:11.0579 4592 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
19:02:11.0579 4592 C:\Windows\System32\d3d9.dll - ok
19:02:11.0579 4592 [ 2D66F79983F266621E6450E08A536DAD ] C:\Windows\System32\ksproxy.ax
19:02:11.0579 4592 C:\Windows\System32\ksproxy.ax - ok
19:02:11.0579 4592 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:02:11.0579 4592 C:\Windows\SysWOW64\winhttp.dll - ok
19:02:11.0579 4592 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
19:02:11.0579 4592 C:\Windows\System32\d3d8thk.dll - ok
19:02:11.0595 4592 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:02:11.0595 4592 C:\Windows\SysWOW64\webio.dll - ok
19:02:11.0595 4592 [ B84CB0F6C83F5D515570334AC505720C ] C:\Windows\System32\Kswdmcap.ax
19:02:11.0595 4592 C:\Windows\System32\Kswdmcap.ax - ok
19:02:11.0595 4592 [ 7E1CF52C347D8755E5CA5ED0E99B401E ] C:\Windows\System32\mfc42.dll
19:02:11.0595 4592 C:\Windows\System32\mfc42.dll - ok
19:02:11.0595 4592 [ ECA2CAD0712683D1A7AA2AB47E180B63 ] C:\Windows\System32\vidcap.ax
19:02:11.0595 4592 C:\Windows\System32\vidcap.ax - ok
19:02:11.0595 4592 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
19:02:11.0595 4592 C:\Windows\System32\odbc32.dll - ok
19:02:11.0610 4592 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
19:02:11.0610 4592 C:\Windows\System32\odbcint.dll - ok
19:02:11.0610 4592 [ 44A8B9185030EA57F7999383643ADFFB ] C:\Windows\System32\quartz.dll
19:02:11.0610 4592 C:\Windows\System32\quartz.dll - ok
19:02:11.0610 4592 [ 011E958267FEB6ED72F1BFA80072943C ] D:\Programs\Skype\Updater\Updater.exe
19:02:11.0610 4592 D:\Programs\Skype\Updater\Updater.exe - ok
19:02:11.0610 4592 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:02:11.0610 4592 C:\Windows\System32\drivers\srvnet.sys - ok
19:02:11.0610 4592 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:02:11.0610 4592 C:\Windows\System32\drivers\srv2.sys - ok
19:02:11.0626 4592 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
19:02:11.0626 4592 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:02:11.0626 4592 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:02:11.0626 4592 C:\Windows\System32\drivers\srv.sys - ok
19:02:11.0626 4592 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:02:11.0626 4592 C:\Windows\System32\sqmapi.dll - ok
19:02:11.0626 4592 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:02:11.0626 4592 C:\Windows\System32\wbem\fastprox.dll - ok
19:02:11.0641 4592 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:02:11.0641 4592 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:02:11.0641 4592 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:02:11.0641 4592 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:02:11.0641 4592 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:02:11.0641 4592 C:\Windows\System32\wdscore.dll - ok
19:02:11.0641 4592 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:02:11.0641 4592 C:\Windows\System32\netmsg.dll - ok
19:02:11.0641 4592 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:02:11.0641 4592 C:\Windows\System32\ntdsapi.dll - ok
19:02:11.0657 4592 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:02:11.0657 4592 C:\Windows\System32\hnetcfg.dll - ok
19:02:11.0657 4592 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:02:11.0657 4592 C:\Windows\System32\clusapi.dll - ok
19:02:11.0657 4592 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:02:11.0657 4592 C:\Windows\System32\nci.dll - ok
19:02:11.0657 4592 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:02:11.0657 4592 C:\Windows\System32\resutils.dll - ok
19:02:11.0657 4592 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:02:11.0657 4592 C:\Windows\System32\sscore.dll - ok
19:02:11.0673 4592 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:02:11.0673 4592 C:\Windows\System32\wbem\wbemcore.dll - ok
19:02:11.0673 4592 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:02:11.0673 4592 C:\Windows\System32\wbem\esscli.dll - ok
19:02:11.0673 4592 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:02:11.0673 4592 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:02:11.0673 4592 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:02:11.0673 4592 C:\Windows\System32\wbem\wmiutils.dll - ok
19:02:11.0673 4592 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:02:11.0673 4592 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:02:11.0688 4592 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:02:11.0688 4592 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:02:11.0688 4592 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:02:11.0688 4592 C:\Windows\System32\ncobjapi.dll - ok
19:02:11.0688 4592 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:02:11.0688 4592 C:\Windows\System32\wbem\wbemess.dll - ok

Edited by GigabitPony, 16 January 2013 - 11:57 PM.


#15 GigabitPony

GigabitPony
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 17 January 2013 - 12:00 AM

19:02:11.0688 4592 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:02:11.0688 4592 C:\Windows\System32\mprapi.dll - ok
19:02:11.0688 4592 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
19:02:11.0688 4592 C:\Windows\System32\mprmsg.dll - ok
19:02:11.0704 4592 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
19:02:11.0704 4592 C:\Windows\System32\ndiscapCfg.dll - ok
19:02:11.0704 4592 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:02:11.0704 4592 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:02:11.0704 4592 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
19:02:11.0704 4592 C:\Windows\System32\wbem\cimwin32.dll - ok
19:02:11.0704 4592 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:02:11.0704 4592 C:\Windows\System32\rasadhlp.dll - ok
19:02:11.0704 4592 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
19:02:11.0704 4592 C:\Windows\System32\framedynos.dll - ok
19:02:11.0719 4592 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:02:11.0719 4592 C:\Windows\System32\fveapi.dll - ok
19:02:11.0719 4592 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:02:11.0719 4592 C:\Windows\System32\npmproxy.dll - ok
19:02:11.0719 4592 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:02:11.0719 4592 C:\Windows\SysWOW64\npmproxy.dll - ok
19:02:11.0719 4592 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:02:11.0719 4592 C:\Windows\System32\diagperf.dll - ok
19:02:11.0719 4592 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:02:11.0719 4592 C:\Windows\System32\fvecerts.dll - ok
19:02:11.0735 4592 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:02:11.0735 4592 C:\Windows\System32\PortableDeviceApi.dll - ok
19:02:11.0735 4592 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:02:11.0735 4592 C:\Windows\System32\tbs.dll - ok
19:02:11.0735 4592 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:02:11.0735 4592 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:02:11.0735 4592 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:02:11.0735 4592 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:02:11.0735 4592 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
19:02:11.0735 4592 C:\Windows\System32\bitsperf.dll - ok
19:02:11.0751 4592 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
19:02:11.0751 4592 C:\Windows\System32\bitsigd.dll - ok
19:02:11.0751 4592 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
19:02:11.0751 4592 C:\Windows\System32\drivers\fastfat.sys - ok
19:02:11.0751 4592 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:02:11.0751 4592 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:02:11.0751 4592 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:02:11.0751 4592 C:\Windows\System32\upnp.dll - ok
19:02:11.0751 4592 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:02:11.0751 4592 C:\Windows\System32\Apphlpdm.dll - ok
19:02:11.0766 4592 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:02:11.0766 4592 C:\Windows\System32\perftrack.dll - ok
19:02:11.0766 4592 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:02:11.0766 4592 C:\Windows\System32\pnpts.dll - ok
19:02:11.0766 4592 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:02:11.0766 4592 C:\Windows\System32\wdiasqmmodule.dll - ok
19:02:11.0766 4592 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:02:11.0766 4592 C:\Windows\System32\wer.dll - ok
19:02:11.0766 4592 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
19:02:11.0766 4592 C:\Windows\System32\drivers\WUDFRd.sys - ok
19:02:11.0782 4592 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
19:02:11.0782 4592 C:\Windows\System32\WUDFHost.exe - ok
19:02:11.0782 4592 [ 06513E2CEF835DE27F59D6AE148DFC61 ] D:\Programs\Comodo\COMODO Internet Security\cmdavcen.dll
19:02:11.0782 4592 D:\Programs\Comodo\COMODO Internet Security\cmdavcen.dll - ok
19:02:11.0782 4592 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
19:02:11.0782 4592 C:\Windows\System32\WUDFx.dll - ok
19:02:11.0782 4592 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
19:02:11.0782 4592 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
19:02:11.0782 4592 [ 2B4897F6BBC970944BD8C27334761AAE ] D:\Programs\Comodo\COMODO Internet Security\cmdboost.dll
19:02:11.0782 4592 D:\Programs\Comodo\COMODO Internet Security\cmdboost.dll - ok
19:02:11.0797 4592 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
19:02:11.0797 4592 C:\Windows\System32\WMVCORE.DLL - ok
19:02:11.0797 4592 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
19:02:11.0797 4592 C:\Windows\System32\WMASF.DLL - ok
19:02:11.0797 4592 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
19:02:11.0797 4592 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
19:02:11.0797 4592 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:02:11.0797 4592 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:02:11.0797 4592 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
19:02:11.0797 4592 C:\Windows\System32\qmgrprxy.dll - ok
19:02:11.0813 4592 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
19:02:11.0813 4592 C:\Windows\SysWOW64\qmgrprxy.dll - ok
19:02:11.0813 4592 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:02:11.0813 4592 C:\Windows\System32\aeevts.dll - ok
19:02:11.0813 4592 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:02:11.0813 4592 C:\Windows\System32\NapiNSP.dll - ok
19:02:11.0813 4592 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:02:11.0813 4592 C:\Windows\System32\pnrpnsp.dll - ok
19:02:11.0829 4592 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:02:11.0829 4592 C:\Windows\System32\winrnr.dll - ok
19:02:11.0829 4592 [ 88F59757EFA13E29EA5F5B66D2FA2A86 ] D:\Programs\Comodo\COMODO Internet Security\cmdtrust.dll
19:02:11.0829 4592 D:\Programs\Comodo\COMODO Internet Security\cmdtrust.dll - ok
19:02:11.0829 4592 [ 1C93A7A56A30619D2F9CF26FF0FAC788 ] D:\Programs\Comodo\COMODO Internet Security\cmdcfg.dll
19:02:11.0829 4592 D:\Programs\Comodo\COMODO Internet Security\cmdcfg.dll - ok
19:02:11.0829 4592 [ 5EF56F0CD0DD6068CF49C702E188B54D ] D:\Programs\Comodo\COMODO Internet Security\cmdcloud.dll
19:02:11.0829 4592 D:\Programs\Comodo\COMODO Internet Security\cmdcloud.dll - ok
19:02:11.0829 4592 [ 85B2E6C512242390176D69902FAEC492 ] D:\Programs\Comodo\COMODO Internet Security\cavwp.exe
19:02:11.0829 4592 D:\Programs\Comodo\COMODO Internet Security\cavwp.exe - ok
19:02:11.0844 4592 [ 8E3357C245979BC5A00FBAB3EC9DE58D ] D:\Programs\Comodo\COMODO Internet Security\framework.dll
19:02:11.0844 4592 D:\Programs\Comodo\COMODO Internet Security\framework.dll - ok
19:02:11.0844 4592 [ BF02B868ACA81EEEBDC7C3130E4A690E ] D:\Programs\Comodo\COMODO Internet Security\cavwpps.dll
19:02:11.0844 4592 D:\Programs\Comodo\COMODO Internet Security\cavwpps.dll - ok
19:02:11.0844 4592 [ DC7FD6FE12F9E606A29282106B4B3AD4 ] D:\Programs\Comodo\COMODO Internet Security\platform.dll
19:02:11.0844 4592 D:\Programs\Comodo\COMODO Internet Security\platform.dll - ok
19:02:11.0844 4592 [ 6AB69CE0219F44A0D7641672D3CC1ADA ] D:\Programs\Comodo\COMODO Internet Security\scanners\common.cav
19:02:11.0844 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\common.cav - ok
19:02:11.0844 4592 [ BA8996F7C757E1ADB5AC8FCB8E817F14 ] D:\Programs\Comodo\COMODO Internet Security\signmgr.dll
19:02:11.0844 4592 D:\Programs\Comodo\COMODO Internet Security\signmgr.dll - ok
19:02:11.0860 4592 [ ECCD213F71C3717311644EAA14D4896A ] D:\Programs\Comodo\COMODO Internet Security\scanners\fileid.cav
19:02:11.0860 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\fileid.cav - ok
19:02:11.0860 4592 [ 9D1F0290AB8B0865E8F51513265526D3 ] D:\Programs\Comodo\COMODO Internet Security\scanners\pkann.dll
19:02:11.0860 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\pkann.dll - ok
19:02:11.0860 4592 [ E30A848814C3FDF577C2788285480C10 ] D:\Programs\Comodo\COMODO Internet Security\scanners\mach32.dll
19:02:11.0860 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\mach32.dll - ok
19:02:11.0860 4592 [ D69B60F786292FE40D2D4C4D358EBFA4 ] D:\Programs\Comodo\COMODO Internet Security\scanners\dosmz.cav
19:02:11.0860 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\dosmz.cav - ok
19:02:11.0875 4592 [ E26452467CEF0CA422F843E5D4BF9C51 ] D:\Programs\Comodo\COMODO Internet Security\scanners\pe.cav
19:02:11.0875 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\pe.cav - ok
19:02:11.0875 4592 [ 376CD3D55EBA78FD6E328A9E9BE79130 ] D:\Programs\Comodo\COMODO Internet Security\scanners\pe32.cav
19:02:11.0875 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\pe32.cav - ok
19:02:11.0875 4592 [ DA5F904B6F2F9356CE87FAA1A217F6C1 ] D:\Programs\Comodo\COMODO Internet Security\scanners\script.cav
19:02:11.0875 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\script.cav - ok
19:02:11.0875 4592 [ 5B70BA0517DCFEFBD86C8D3C120A179D ] D:\Programs\Comodo\COMODO Internet Security\scanners\heur.cav
19:02:11.0875 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\heur.cav - ok
19:02:11.0875 4592 [ 68E73F511F6E4B12D6A2FB685A40D2C8 ] D:\Programs\Comodo\COMODO Internet Security\scanners\white.cav
19:02:11.0875 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\white.cav - ok
19:02:11.0891 4592 [ 2659172BAB892F524B68FA8405996D34 ] D:\Programs\Comodo\COMODO Internet Security\scanners\mem.cav
19:02:11.0891 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\mem.cav - ok
19:02:11.0891 4592 [ C24C5830E746F55E618EEE68314F043D ] D:\Programs\Comodo\COMODO Internet Security\scanners\unpack.cav
19:02:11.0891 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\unpack.cav - ok
19:02:11.0891 4592 [ 29FA029BB1A52122E5BB31ACEF5A45F2 ] D:\Programs\Comodo\COMODO Internet Security\scanners\dunpack.cav
19:02:11.0891 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\dunpack.cav - ok
19:02:11.0891 4592 [ F6A13BAC5AFE9BF536956301844EF9FF ] D:\Programs\Comodo\COMODO Internet Security\scanners\unarch.cav
19:02:11.0891 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\unarch.cav - ok
19:02:11.0891 4592 [ E826D80E11118614472814ACDA0FA79E ] D:\Programs\Comodo\COMODO Internet Security\scanners\gunpack.cav
19:02:11.0891 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\gunpack.cav - ok
19:02:11.0907 4592 [ 75F167CB0B3BA04F23CBAB7DDAC562E7 ] D:\Programs\Comodo\COMODO Internet Security\scanners\extra.cav
19:02:11.0907 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\extra.cav - ok
19:02:11.0907 4592 [ 786A59CDF72E85B6F0955A8468856AA3 ] D:\Programs\Comodo\COMODO Internet Security\scanners\scrtemu.cav
19:02:11.0907 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\scrtemu.cav - ok
19:02:11.0907 4592 [ E031F425F520B699C67595C4D734E27C ] D:\Programs\Comodo\COMODO Internet Security\scanners\smart.cav
19:02:11.0907 4592 D:\Programs\Comodo\COMODO Internet Security\scanners\smart.cav - ok
19:02:11.0907 4592 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
19:02:11.0907 4592 C:\Windows\System32\drivers\udfs.sys - ok
19:02:11.0922 4592 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:02:11.0922 4592 C:\Windows\System32\wiarpc.dll - ok
19:02:11.0922 4592 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
19:02:11.0922 4592 C:\Windows\System32\taskhost.exe - ok
19:02:11.0922 4592 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:02:11.0922 4592 C:\Windows\System32\dimsjob.dll - ok
19:02:11.0922 4592 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
19:02:11.0922 4592 C:\Windows\System32\certcli.dll - ok
19:02:11.0922 4592 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
19:02:11.0922 4592 C:\Windows\System32\CertEnroll.dll - ok
19:02:11.0938 4592 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
19:02:11.0938 4592 C:\Windows\System32\pautoenr.dll - ok
19:02:11.0938 4592 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:02:11.0938 4592 C:\Windows\System32\dllhost.exe - ok
19:02:11.0938 4592 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:02:11.0938 4592 C:\Windows\System32\IDStore.dll - ok
19:02:11.0938 4592 [ F17E6B94BD68109FA517F8C8D9C7092D ] C:\Program Files\HitmanPro\HitmanPro.exe
19:02:11.0938 4592 C:\Program Files\HitmanPro\HitmanPro.exe - ok
19:02:11.0938 4592 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:02:11.0938 4592 C:\Windows\System32\userinit.exe - ok
19:02:11.0953 4592 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:02:11.0953 4592 C:\Windows\System32\MsCtfMonitor.dll - ok
19:02:11.0953 4592 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:02:11.0953 4592 C:\Windows\System32\msutb.dll - ok
19:02:11.0953 4592 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:02:11.0953 4592 C:\Windows\System32\taskeng.exe - ok
19:02:11.0953 4592 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:02:11.0953 4592 C:\Windows\System32\localspl.dll - ok
19:02:11.0953 4592 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:02:11.0953 4592 C:\Windows\System32\FXSMON.dll - ok
19:02:11.0953 4592 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:02:11.0953 4592 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:02:11.0969 4592 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:02:11.0969 4592 C:\Windows\System32\spoolss.dll - ok
19:02:11.0969 4592 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:02:11.0969 4592 C:\Windows\System32\HotStartUserAgent.dll - ok
19:02:11.0969 4592 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:02:11.0969 4592 C:\Windows\System32\PlaySndSrv.dll - ok
19:02:11.0969 4592 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:02:11.0969 4592 C:\Windows\System32\snmpapi.dll - ok
19:02:11.0985 4592 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:02:11.0985 4592 C:\Windows\System32\tcpmon.dll - ok
19:02:11.0985 4592 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:02:11.0985 4592 C:\Windows\System32\wsnmp32.dll - ok
19:02:11.0985 4592 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:02:11.0985 4592 C:\Windows\System32\usbmon.dll - ok
19:02:11.0985 4592 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:02:11.0985 4592 C:\Windows\System32\WSDMon.dll - ok
19:02:11.0985 4592 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:02:11.0985 4592 C:\Windows\System32\dwmcore.dll - ok
19:02:12.0000 4592 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:02:12.0000 4592 C:\Windows\System32\dwmredir.dll - ok
19:02:12.0000 4592 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:02:12.0000 4592 C:\Windows\System32\fdPnp.dll - ok
19:02:12.0000 4592 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:02:12.0000 4592 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:02:12.0000 4592 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
19:02:12.0000 4592 C:\Windows\System32\win32spl.dll - ok
19:02:12.0000 4592 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:02:12.0000 4592 C:\Windows\System32\cscapi.dll - ok
19:02:12.0016 4592 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
19:02:12.0016 4592 C:\Windows\System32\d3d10_1.dll - ok
19:02:12.0016 4592 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
19:02:12.0016 4592 C:\Windows\System32\d3d10_1core.dll - ok
19:02:12.0016 4592 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
19:02:12.0016 4592 C:\Windows\System32\dxgi.dll - ok
19:02:12.0016 4592 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:02:12.0016 4592 C:\Windows\System32\inetpp.dll - ok
19:02:12.0016 4592 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:02:12.0016 4592 C:\Windows\explorer.exe - ok
19:02:12.0031 4592 [ 8696D6FA6F96F34EB9151704ABAF133A ] C:\Windows\System32\aticfx64.dll
19:02:12.0031 4592 C:\Windows\System32\aticfx64.dll - ok
19:02:12.0031 4592 [ FA705724D337C7555FE22C0D4E93F790 ] C:\Windows\System32\atidxx64.dll
19:02:12.0031 4592 C:\Windows\System32\atidxx64.dll - ok
19:02:12.0031 4592 [ 297A16EB62460FF10506539AAC515527 ] C:\Windows\System32\atiuxp64.dll
19:02:12.0031 4592 C:\Windows\System32\atiuxp64.dll - ok
19:02:12.0031 4592 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:02:12.0031 4592 C:\Windows\System32\TSChannel.dll - ok
19:02:12.0031 4592 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:02:12.0031 4592 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:02:12.0047 4592 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:02:12.0047 4592 C:\Windows\System32\ExplorerFrame.dll - ok
19:02:12.0047 4592 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:02:12.0047 4592 C:\Windows\System32\uDWM.dll - ok
19:02:12.0047 4592 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
19:02:12.0047 4592 C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
19:02:12.0047 4592 [ 0ABA7E925E54A222331B16BEF25A5958 ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
19:02:12.0047 4592 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
19:02:12.0047 4592 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:02:12.0047 4592 C:\Windows\System32\EhStorShell.dll - ok
19:02:12.0063 4592 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
19:02:12.0063 4592 C:\Windows\System32\cscdll.dll - ok
19:02:12.0063 4592 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
19:02:12.0063 4592 C:\Windows\System32\cscui.dll - ok
19:02:12.0063 4592 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:02:12.0063 4592 C:\Windows\System32\ntshrui.dll - ok
19:02:12.0063 4592 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:02:12.0063 4592 C:\Windows\System32\IconCodecService.dll - ok
19:02:12.0063 4592 [ 07F7AE68602448F4B6D5A9A40BBA977C ] C:\Program Files (x86)\Google\Update\1.3.21.124\goopdate.dll
19:02:12.0063 4592 C:\Program Files (x86)\Google\Update\1.3.21.124\goopdate.dll - ok
19:02:12.0078 4592 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:02:12.0078 4592 C:\Windows\SysWOW64\netapi32.dll - ok
19:02:12.0078 4592 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:02:12.0078 4592 C:\Windows\SysWOW64\netutils.dll - ok
19:02:12.0078 4592 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:02:12.0078 4592 C:\Windows\SysWOW64\srvcli.dll - ok
19:02:12.0078 4592 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:02:12.0078 4592 C:\Windows\SysWOW64\wkscli.dll - ok
19:02:12.0078 4592 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:02:12.0078 4592 C:\Windows\System32\radardt.dll - ok
19:02:12.0094 4592 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:02:12.0094 4592 C:\Windows\System32\runonce.exe - ok
19:02:12.0094 4592 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:02:12.0094 4592 C:\Windows\SysWOW64\cscapi.dll - ok
19:02:12.0094 4592 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:02:12.0094 4592 C:\Windows\SysWOW64\runonce.exe - ok
19:02:12.0094 4592 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:02:12.0094 4592 C:\Windows\SysWOW64\dbghelp.dll - ok
19:02:12.0094 4592 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
19:02:12.0094 4592 C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe - ok
19:02:12.0109 4592 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
19:02:12.0109 4592 C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe - ok
19:02:12.0109 4592 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:02:12.0109 4592 C:\Windows\SysWOW64\mstask.dll - ok
19:02:12.0109 4592 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:02:12.0109 4592 C:\Windows\SysWOW64\setupapi.dll - ok
19:02:12.0109 4592 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:02:12.0109 4592 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:02:12.0125 4592 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:02:12.0125 4592 C:\Windows\SysWOW64\devobj.dll - ok
19:02:12.0125 4592 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:02:12.0125 4592 C:\Windows\SysWOW64\propsys.dll - ok
19:02:12.0125 4592 [ 5746BD7E255DD6A8AFA06F7C42C1BA41 ] C:\Windows\System32\cmd.exe
19:02:12.0125 4592 C:\Windows\System32\cmd.exe - ok
19:02:12.0125 4592 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:02:12.0125 4592 C:\Windows\SysWOW64\cmd.exe - ok
19:02:12.0125 4592 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
19:02:12.0125 4592 C:\Windows\System32\conhost.exe - ok
19:02:12.0141 4592 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:02:12.0141 4592 C:\Windows\SysWOW64\winbrand.dll - ok
19:02:12.0141 4592 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
19:02:12.0141 4592 C:\Windows\SysWOW64\ieframe.dll - ok
19:02:12.0141 4592 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
19:02:12.0141 4592 C:\Windows\SysWOW64\shdocvw.dll - ok
19:02:12.0141 4592 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\GigabitPony\AppData\Local\Temp\9E240E46-6BA8-47FA-8AE4-AE451B8826B7.exe
19:02:12.0141 4592 C:\Users\GigabitPony\AppData\Local\Temp\9E240E46-6BA8-47FA-8AE4-AE451B8826B7.exe - ok
19:02:12.0141 4592 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:02:12.0141 4592 C:\Windows\SysWOW64\bcrypt.dll - ok
19:02:12.0156 4592 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
19:02:12.0156 4592 C:\Windows\SysWOW64\ncrypt.dll - ok
19:02:12.0156 4592 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:02:12.0156 4592 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:02:12.0156 4592 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:02:12.0156 4592 C:\Windows\SysWOW64\gpapi.dll - ok
19:02:12.0156 4592 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
19:02:12.0156 4592 C:\Windows\SysWOW64\cabinet.dll - ok
19:02:12.0156 4592 [ D5FB8F0882BA6D21D5842C89AA72AC72 ] C:\Windows\SysWOW64\certsentry.dll
19:02:12.0156 4592 C:\Windows\SysWOW64\certsentry.dll - ok
19:02:12.0172 4592 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
19:02:12.0172 4592 C:\Windows\SysWOW64\cryptnet.dll - ok
19:02:12.0172 4592 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
19:02:12.0172 4592 C:\Windows\SysWOW64\cryptui.dll - ok
19:02:12.0172 4592 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:02:12.0172 4592 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:02:12.0172 4592 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
19:02:12.0172 4592 C:\Windows\SysWOW64\EhStorShell.dll - ok
19:02:12.0172 4592 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:02:12.0172 4592 C:\Windows\SysWOW64\ntshrui.dll - ok
19:02:12.0187 4592 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
19:02:12.0187 4592 C:\Windows\SysWOW64\imageres.dll - ok
19:02:12.0187 4592 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:02:12.0187 4592 C:\Windows\SysWOW64\slc.dll - ok
19:02:12.0187 4592 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:02:12.0187 4592 C:\Windows\SysWOW64\devrtl.dll - ok
19:02:12.0187 4592 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:02:12.0187 4592 C:\Windows\SysWOW64\sfc.dll - ok
19:02:12.0187 4592 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:02:12.0187 4592 C:\Windows\SysWOW64\sfc_os.dll - ok
19:02:12.0203 4592 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:02:12.0203 4592 C:\Windows\System32\wmploc.DLL - ok
19:02:12.0203 4592 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
19:02:12.0203 4592 C:\Windows\System32\themeui.dll - ok
19:02:12.0203 4592 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
19:02:12.0203 4592 C:\Windows\System32\ie4uinit.exe - ok
19:02:12.0203 4592 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
19:02:12.0203 4592 C:\Windows\System32\iedkcs32.dll - ok
19:02:12.0203 4592 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:02:12.0203 4592 C:\Windows\System32\timedate.cpl - ok
19:02:12.0219 4592 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:02:12.0219 4592 C:\Windows\SysWOW64\credssp.dll - ok
19:02:12.0219 4592 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:02:12.0219 4592 C:\Windows\System32\actxprxy.dll - ok
19:02:12.0219 4592 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
19:02:12.0219 4592 C:\Windows\System32\shdocvw.dll - ok
19:02:12.0219 4592 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:02:12.0219 4592 C:\Windows\System32\linkinfo.dll - ok
19:02:12.0219 4592 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
19:02:12.0219 4592 C:\Windows\System32\msftedit.dll - ok
19:02:12.0234 4592 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
19:02:12.0234 4592 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
19:02:12.0234 4592 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
19:02:12.0234 4592 C:\Windows\System32\msls31.dll - ok
19:02:12.0234 4592 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
19:02:12.0234 4592 C:\Windows\System32\gameux.dll - ok
19:02:12.0234 4592 [ 55E3F3437825DE824EFDD1B0615E250A ] D:\Programs\Comodo\COMODO Internet Security\CisTray.exe
19:02:12.0234 4592 D:\Programs\Comodo\COMODO Internet Security\CisTray.exe - ok
19:02:12.0234 4592 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:02:12.0234 4592 C:\Windows\System32\networkexplorer.dll - ok
19:02:12.0250 4592 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:02:12.0250 4592 C:\Windows\System32\thumbcache.dll - ok
19:02:12.0250 4592 [ 430FEA290AC80AB313D54AC5718219FB ] C:\Program Files\Logitech Gaming Software\LCore.exe
19:02:12.0250 4592 C:\Program Files\Logitech Gaming Software\LCore.exe - ok
19:02:12.0250 4592 [ 30D6A79E398CB16AA8FB8287FB69DC06 ] D:\Programs\Comodo\COMODO Internet Security\cmdcomps.dll
19:02:12.0250 4592 D:\Programs\Comodo\COMODO Internet Security\cmdcomps.dll - ok
19:02:12.0250 4592 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
19:02:12.0250 4592 C:\Windows\System32\consent.exe - ok
19:02:12.0250 4592 [ 4B2F2B283B33B74CFEEA0A31D95153D0 ] C:\Windows\System32\certsentry.dll
19:02:12.0250 4592 C:\Windows\System32\certsentry.dll - ok
19:02:12.0265 4592 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
19:02:12.0265 4592 C:\Windows\System32\cabinet.dll - ok
19:02:12.0265 4592 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:02:12.0265 4592 C:\Windows\System32\msimg32.dll - ok
19:02:12.0265 4592 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:02:12.0265 4592 C:\Windows\System32\SensApi.dll - ok
19:02:12.0265 4592 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
19:02:12.0265 4592 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:02:12.0265 4592 [ D5845226D50F3842122BC4F391668E3A ] C:\Program Files\Logitech Gaming Software\QtCore4.dll
19:02:12.0265 4592 C:\Program Files\Logitech Gaming Software\QtCore4.dll - ok
19:02:12.0281 4592 [ DDD10047BF0E5C3C21A60B5A6F58D06B ] C:\Program Files\Logitech Gaming Software\QtGui4.dll
19:02:12.0281 4592 C:\Program Files\Logitech Gaming Software\QtGui4.dll - ok
19:02:12.0281 4592 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\28696308.sys
19:02:12.0281 4592 C:\Windows\System32\drivers\28696308.sys - ok
19:02:12.0281 4592 [ ECE9413226D1C6778A9EE4DFC199C1D4 ] C:\Program Files (x86)\Google\Drive\googledrivesync.exe
19:02:12.0281 4592 C:\Program Files (x86)\Google\Drive\googledrivesync.exe - ok
19:02:12.0281 4592 [ D80CF8842ADF3EBF897204E7E537347E ] C:\Program Files\Logitech Gaming Software\QtXml4.dll
19:02:12.0281 4592 C:\Program Files\Logitech Gaming Software\QtXml4.dll - ok
19:02:12.0297 4592 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:02:12.0297 4592 C:\Windows\SysWOW64\riched20.dll - ok
19:02:12.0297 4592 [ 484DFA779B9BA15F69E4432144B04F8D ] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll
19:02:12.0297 4592 C:\Program Files\Logitech Gaming Software\QtNetwork4.dll - ok
19:02:12.0297 4592 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:02:12.0297 4592 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:02:12.0297 4592 [ 63056E0A1732E019F12B4ACCCA8BA0BE ] C:\Program Files\Logitech Gaming Software\QtScript4.dll
19:02:12.0297 4592 C:\Program Files\Logitech Gaming Software\QtScript4.dll - ok
19:02:12.0297 4592 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:02:12.0297 4592 C:\Windows\SysWOW64\duser.dll - ok
19:02:12.0312 4592 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:02:12.0312 4592 C:\Windows\SysWOW64\dui70.dll - ok
19:02:12.0312 4592 [ 1406C921F0697B61FA1799AA6959D93F ] C:\Program Files\Logitech Gaming Software\QtHelp4.dll
19:02:12.0312 4592 C:\Program Files\Logitech Gaming Software\QtHelp4.dll - ok
19:02:12.0312 4592 [ B83E9EECB6A07483303CD9E53D04A90A ] C:\Program Files\Logitech Gaming Software\QtSql4.dll
19:02:12.0312 4592 C:\Program Files\Logitech Gaming Software\QtSql4.dll - ok
19:02:12.0312 4592 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
19:02:12.0312 4592 C:\Windows\System32\UIAnimation.dll - ok
19:02:12.0312 4592 [ DA8714A83ED94058CE0F766D2D029037 ] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll
19:02:12.0312 4592 C:\Program Files\Logitech Gaming Software\QtCLucene4.dll - ok
19:02:12.0328 4592 [ 383CA6882A729B1404C553C3D4FC8BCE ] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll
19:02:12.0328 4592 C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll - ok
19:02:12.0328 4592 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
19:02:12.0328 4592 C:\Windows\System32\glu32.dll - ok
19:02:12.0328 4592 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
19:02:12.0328 4592 C:\Windows\System32\opengl32.dll - ok
19:02:12.0328 4592 [ B4C31E1170234C2306ECD92160A33E8D ] C:\Windows\System32\atig6pxx.dll
19:02:12.0328 4592 C:\Windows\System32\atig6pxx.dll - ok
19:02:12.0328 4592 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
19:02:12.0328 4592 C:\Windows\System32\dciman32.dll - ok
19:02:12.0343 4592 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
19:02:12.0343 4592 C:\Windows\System32\ddraw.dll - ok
19:02:12.0343 4592 [ 92EF4DE858702680A8BB35DB28271632 ] C:\Windows\System32\atio6axx.dll
19:02:12.0343 4592 C:\Windows\System32\atio6axx.dll - ok
19:02:12.0343 4592 [ 35BC75B71062D3B97BFC43FD356BC0F7 ] D:\Programs\Skype\Phone\Skype.exe
19:02:12.0343 4592 D:\Programs\Skype\Phone\Skype.exe - ok
19:02:12.0343 4592 [ F635A17E3501629A870E4F40759491B0 ] C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
19:02:12.0343 4592 C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe - ok
19:02:12.0343 4592 [ 7E88404F838D7E99727C2741D3990A46 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:02:12.0343 4592 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
19:02:12.0359 4592 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:02:12.0359 4592 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
19:02:12.0359 4592 [ FA87C6A22F3339B9EDC2F2079BC1E996 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
19:02:12.0359 4592 C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe - ok
19:02:12.0359 4592 [ E5CC42D5D8AB979BEFE132A9741E8F59 ] C:\Windows\SysWOW64\atiadlxy.dll
19:02:12.0359 4592 C:\Windows\SysWOW64\atiadlxy.dll - ok
19:02:12.0359 4592 [ B75659978C81E0E41732A4AF3042934E ] C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
19:02:12.0359 4592 C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe - ok
19:02:12.0375 4592 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:02:12.0375 4592 C:\Windows\SysWOW64\wsock32.dll - ok
19:02:12.0375 4592 [ DB001FAEA818AE2E14A74E0ADC530FC0 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
19:02:12.0375 4592 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
19:02:12.0375 4592 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
19:02:12.0375 4592 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
19:02:12.0375 4592 [ 55DBF26754A830C5049B223C23704F15 ] C:\Program Files (x86)\Comodo\GeekBuddy\unity_core.dll
19:02:12.0375 4592 C:\Program Files (x86)\Comodo\GeekBuddy\unity_core.dll - ok
19:02:12.0375 4592 [ 2F217FCD60307107E5E45F8029E5FA31 ] C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
19:02:12.0375 4592 C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll - ok
19:02:12.0390 4592 [ 92BC1713396A7E5CA9ADEFF673ACE8AD ] C:\Windows\System32\atig6txx.dll
19:02:12.0390 4592 C:\Windows\System32\atig6txx.dll - ok
19:02:12.0390 4592 [ 8F75D0D3E81E3C040757F515777808BC ] C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
19:02:12.0390 4592 C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll - ok
19:02:12.0390 4592 [ 1E09DFA4048196C9D3CC40C485A39422 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
19:02:12.0390 4592 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
19:02:12.0390 4592 [ E5DF673F6EFD01D90592AC3804BAB169 ] C:\Program Files (x86)\Comodo\GeekBuddy\web-client.dll
19:02:12.0390 4592 C:\Program Files (x86)\Comodo\GeekBuddy\web-client.dll - ok
19:02:12.0390 4592 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
19:02:12.0390 4592 C:\Windows\System32\mscoree.dll - ok
19:02:12.0406 4592 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:02:12.0406 4592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:02:12.0406 4592 [ 30F3D3E322C5339004415D7BC8BF246E ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\python26.dll
19:02:12.0406 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\python26.dll - ok
19:02:12.0406 4592 [ 526D928D13E0E141C01BA3799FD8338B ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32api.pyd
19:02:12.0406 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32api.pyd - ok
19:02:12.0406 4592 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:02:12.0406 4592 C:\Windows\SysWOW64\powrprof.dll - ok
19:02:12.0421 4592 [ 3E3034604BB04CB7F21DC0604ED2AF3D ] C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll
19:02:12.0421 4592 C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll - ok
19:02:12.0421 4592 [ ABC5DCAC962AE8AF7AF214DD0D6D4FF6 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\PyWinTypes26.dll
19:02:12.0421 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\PyWinTypes26.dll - ok
19:02:12.0421 4592 [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
19:02:12.0421 4592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
19:02:12.0421 4592 [ 65EE7A7C20134DED91485AEF23C882D4 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pythoncom26.dll
19:02:12.0421 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pythoncom26.dll - ok
19:02:12.0421 4592 [ A78890BF2712D6E472788711FB60113B ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32com.shell.shell.pyd
19:02:12.0421 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32com.shell.shell.pyd - ok
19:02:12.0437 4592 [ 2931B1A98FA187834F7E39A598B947E1 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_socket.pyd
19:02:12.0437 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_socket.pyd - ok
19:02:12.0437 4592 [ 234CF1A2306CD5645011A298F0D3584A ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_ssl.pyd
19:02:12.0437 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_ssl.pyd - ok
19:02:12.0437 4592 [ 94B29CE153765E768F004FB3440BE2B0 ] C:\Windows\System32\drivers\LGVirHid.sys
19:02:12.0437 4592 C:\Windows\System32\drivers\LGVirHid.sys - ok
19:02:12.0437 4592 [ DAFA56C9092C7CC163CD85A246E5A674 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._core_.pyd
19:02:12.0437 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._core_.pyd - ok
19:02:12.0437 4592 [ 9E6AD2917D6FD7730FF37B50F7053183 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxbase293u_vc.dll
19:02:12.0437 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxbase293u_vc.dll - ok
19:02:12.0453 4592 [ 29CD1F3E9148FCD542DEC355A41776AF ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxbase293u_net_vc.dll
19:02:12.0453 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxbase293u_net_vc.dll - ok
19:02:12.0453 4592 [ 2B9A6B7B7A3997C12841A5D869F022A4 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_core_vc.dll
19:02:12.0453 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_core_vc.dll - ok
19:02:12.0453 4592 [ FF13BC0EAD656E2DE88BD245BA3D2BF7 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_adv_vc.dll
19:02:12.0453 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_adv_vc.dll - ok
19:02:12.0453 4592 [ 86AEF2219E35F086AB78BA9FBC0FA1E7 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._gdi_.pyd
19:02:12.0453 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._gdi_.pyd - ok
19:02:12.0468 4592 [ 6CB0403BDFB83F114F6EBFBD1163B220 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._windows_.pyd
19:02:12.0468 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._windows_.pyd - ok
19:02:12.0468 4592 [ 699EFC4D6FE0A2FE24D7049608F2D543 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_html_vc.dll
19:02:12.0468 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_html_vc.dll - ok
19:02:12.0468 4592 [ 09B6A5A2F9EAD10D50E3AEA7934E6DE4 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._controls_.pyd
19:02:12.0468 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._controls_.pyd - ok
19:02:12.0468 4592 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
19:02:12.0468 4592 C:\Windows\System32\msvcr100_clr0400.dll - ok
19:02:12.0468 4592 [ 03B6D87D79E269526AA2B1370DE65675 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._misc_.pyd
19:02:12.0468 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._misc_.pyd - ok
19:02:12.0484 4592 [ FE4D9C36122778C9C2A84ACA08D54321 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll
19:02:12.0484 4592 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll - ok
19:02:12.0484 4592 [ 37FAE00D4F6DEC20EFAFC157C4B3499A ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_elementtree.pyd
19:02:12.0484 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_elementtree.pyd - ok
19:02:12.0484 4592 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
19:02:12.0484 4592 C:\Windows\SysWOW64\d3d9.dll - ok
19:02:12.0484 4592 [ DF495F31AA306DBFEC3E7CDBB2711CF1 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pyexpat.pyd
19:02:12.0484 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pyexpat.pyd - ok
19:02:12.0484 4592 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
19:02:12.0484 4592 C:\Windows\SysWOW64\d3d8thk.dll - ok
19:02:12.0499 4592 [ 78B16D439F3562552AEB38D352F00567 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_hashlib.pyd
19:02:12.0499 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_hashlib.pyd - ok
19:02:12.0499 4592 [ 15DE81EC02716D08B17EBF5AFC2190B8 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pysqlite2._sqlite.pyd
19:02:12.0499 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\pysqlite2._sqlite.pyd - ok
19:02:12.0499 4592 [ 8DC2EB39AF2A01C5C28E50685F5B78A5 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_ctypes.pyd
19:02:12.0499 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\_ctypes.pyd - ok
19:02:12.0499 4592 [ 94CD8007843957C9A499F3B4ECBAF0D8 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32file.pyd
19:02:12.0499 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32file.pyd - ok
19:02:12.0515 4592 [ 3C1E19C2E71967311F2D7B2790D18615 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32security.pyd
19:02:12.0515 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32security.pyd - ok
19:02:12.0515 4592 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
19:02:12.0515 4592 C:\Windows\SysWOW64\logoncli.dll - ok
19:02:12.0515 4592 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:02:12.0515 4592 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:02:12.0515 4592 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
19:02:12.0515 4592 C:\Windows\SysWOW64\security.dll - ok
19:02:12.0515 4592 [ E282EA80BE94B90E656A475EFCAC89C2 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32event.pyd
19:02:12.0515 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32event.pyd - ok
19:02:12.0531 4592 [ A294A77B4271CE24BC830F8CA376E018 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32inet.pyd
19:02:12.0531 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32inet.pyd - ok
19:02:12.0531 4592 [ 7106BE04428936372FB6D826956A12D4 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._wizard.pyd
19:02:12.0531 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._wizard.pyd - ok
19:02:12.0531 4592 [ BA3C226B01FF615107659411AE01E3B0 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\unicodedata.pyd
19:02:12.0531 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\unicodedata.pyd - ok
19:02:12.0531 4592 [ 3A4F66ADDDF413DCD1C714B2BEBAF98A ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._html2.pyd
19:02:12.0531 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wx._html2.pyd - ok
19:02:12.0531 4592 [ 3D01C7F884349A6170A1E0D3CF812333 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_webview_vc.dll
19:02:12.0531 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\wxmsw293u_webview_vc.dll - ok
19:02:12.0546 4592 [ 61A4E2E48CD692390EC964F0F1BBEFE2 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32pdh.pyd
19:02:12.0546 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32pdh.pyd - ok
19:02:12.0546 4592 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
19:02:12.0546 4592 C:\Windows\SysWOW64\pdh.dll - ok
19:02:12.0546 4592 [ 7BBEC5E9BDC9B406F693D3C868D11227 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\windows._cacheinvalidation.pyd
19:02:12.0546 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\windows._cacheinvalidation.pyd - ok
19:02:12.0546 4592 [ 3C303C9D3EA9C64742931CAC0E351910 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\select.pyd
19:02:12.0546 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\select.pyd - ok
19:02:12.0562 4592 [ 6EC174E577B7AB75B3A1A9858B2DB261 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32crypt.pyd
19:02:12.0562 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32crypt.pyd - ok
19:02:12.0562 4592 [ 5BF6BA38B703DF5BBE18358A3188C929 ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32process.pyd
19:02:12.0562 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32process.pyd - ok
19:02:12.0562 4592 [ 76014D0C563859FBE8777AB4521D18AC ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32profile.pyd
19:02:12.0562 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32profile.pyd - ok
19:02:12.0562 4592 [ 969D2374476243CCF7ABC1835481F7CB ] C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32ts.pyd
19:02:12.0562 4592 C:\Users\GIGABI~1\AppData\Local\Temp\_MEI31882\win32ts.pyd - ok
19:02:12.0562 4592 [ 403775B7C24DF512D87326671479ABEB ] C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\Dropbox.exe
19:02:12.0562 4592 C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
19:02:12.0577 4592 [ 4374B2528BCBB8F95FB12CC6C8FF0773 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
19:02:12.0577 4592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
19:02:12.0577 4592 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
19:02:12.0577 4592 C:\Windows\SysWOW64\msacm32.dll - ok
19:02:12.0577 4592 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
19:02:12.0577 4592 C:\Windows\SysWOW64\shfolder.dll - ok
19:02:12.0577 4592 [ 51621E4B29575A8CF429E6F6DA58A577 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
19:02:12.0577 4592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
19:02:12.0577 4592 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
19:02:12.0577 4592 C:\Windows\System32\SyncCenter.dll - ok
19:02:12.0593 4592 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
19:02:12.0593 4592 C:\Windows\SysWOW64\olepro32.dll - ok
19:02:12.0593 4592 [ 610154E29EF9F29C56E2B8F187E3EAD1 ] C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
19:02:12.0593 4592 C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe - ok
19:02:12.0593 4592 [ 9382AF9684AE91035809A252C9245606 ] C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
19:02:12.0593 4592 C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe - ok
19:02:12.0593 4592 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
19:02:12.0593 4592 C:\Windows\SysWOW64\avrt.dll - ok
19:02:12.0609 4592 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
19:02:12.0609 4592 C:\Windows\SysWOW64\hid.dll - ok
19:02:12.0609 4592 [ 344E5CC5B79EF3BCD7A267F60DE44F5D ] C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
19:02:12.0609 4592 C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe - ok
19:02:12.0609 4592 [ 5512238DB69736055565E6F5DE62574A ] C:\Program Files\Logitech Gaming Software\EReg\eReg.exe
19:02:12.0609 4592 C:\Program Files\Logitech Gaming Software\EReg\eReg.exe - ok
19:02:12.0609 4592 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
19:02:12.0609 4592 C:\Windows\SysWOW64\mapi32.dll - ok
19:02:12.0609 4592 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:02:12.0609 4592 C:\Windows\SysWOW64\sxs.dll - ok
19:02:12.0624 4592 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
19:02:12.0624 4592 C:\Windows\System32\oledlg.dll - ok
19:02:12.0624 4592 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
19:02:12.0624 4592 C:\Windows\SysWOW64\msvfw32.dll - ok
19:02:12.0624 4592 [ 67AB55605233E8A1CB652B295C3CA9EC ] C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
19:02:12.0624 4592 C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe - ok
19:02:12.0624 4592 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:02:12.0624 4592 C:\Windows\SysWOW64\oledlg.dll - ok
19:02:12.0624 4592 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
19:02:12.0624 4592 C:\Windows\SysWOW64\tapi32.dll - ok
19:02:12.0640 4592 [ 6E5EC0AB431C2E2F00EDCEC66DFF3915 ] C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
19:02:12.0640 4592 C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe - ok
19:02:12.0640 4592 [ 3E9FC80F084589CDA4AE3322EEECFFC0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll
19:02:12.0640 4592 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll - ok
19:02:12.0640 4592 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
19:02:12.0640 4592 C:\Windows\SysWOW64\wlanapi.dll - ok
19:02:12.0640 4592 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
19:02:12.0640 4592 C:\Windows\SysWOW64\wlanutil.dll - ok
19:02:12.0640 4592 [ 330E468406220AA673AA9D5D95E0862C ] C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
19:02:12.0640 4592 C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe - ok
19:02:12.0655 4592 [ 70862FB65B7B6F51FFC6C5D3D63D6B4F ] C:\Program Files\Logitech Gaming Software\LcdApi\x86\LgLcdApi.dll
19:02:12.0655 4592 C:\Program Files\Logitech Gaming Software\LcdApi\x86\LgLcdApi.dll - ok
19:02:12.0655 4592 [ 0647ED6DF0D2D96E6A400B750191DEC2 ] C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
19:02:12.0655 4592 C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll - ok
19:02:12.0655 4592 [ AC8E6AB70D520D5275DD69A616ABB0BB ] C:\Program Files\Logitech Gaming Software\LcdApi\x64\LgLcdApi.dll
19:02:12.0655 4592 C:\Program Files\Logitech Gaming Software\LcdApi\x64\LgLcdApi.dll - ok
19:02:12.0655 4592 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
19:02:12.0655 4592 C:\Windows\SysWOW64\MMDevAPI.dll - ok
19:02:12.0655 4592 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
19:02:12.0655 4592 C:\Windows\SysWOW64\AudioSes.dll - ok
19:02:12.0671 4592 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
19:02:12.0671 4592 C:\Windows\SysWOW64\dciman32.dll - ok
19:02:12.0671 4592 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\SysWOW64\mshtml.dll
19:02:12.0671 4592 C:\Windows\SysWOW64\mshtml.dll - ok
19:02:12.0671 4592 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
19:02:12.0671 4592 C:\Windows\System32\shfolder.dll - ok
19:02:12.0671 4592 [ 7F8BB5F228CF551C44A5C001712C1A39 ] C:\Windows\SysWOW64\aticfx32.dll
19:02:12.0671 4592 C:\Windows\SysWOW64\aticfx32.dll - ok
19:02:12.0671 4592 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
19:02:12.0671 4592 C:\Windows\SysWOW64\linkinfo.dll - ok
19:02:12.0687 4592 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
19:02:12.0687 4592 C:\Windows\System32\ieframe.dll - ok
19:02:12.0687 4592 [ 75A9BA2E84C0C9F661ACA17EA4E1F233 ] C:\Windows\SysWOW64\atiu9pag.dll
19:02:12.0687 4592 C:\Windows\SysWOW64\atiu9pag.dll - ok
19:02:12.0687 4592 [ 544CF876CF2327D21246BC1B66700F95 ] C:\Windows\SysWOW64\atiumdag.dll
19:02:12.0687 4592 C:\Windows\SysWOW64\atiumdag.dll - ok
19:02:12.0687 4592 [ A1156481B844AAF74560D3FB970559D1 ] C:\Windows\SysWOW64\atiumdva.dll
19:02:12.0687 4592 C:\Windows\SysWOW64\atiumdva.dll - ok
19:02:12.0702 4592 [ 760463846551E3B88E7BE422B28E9228 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-2\export.dll
19:02:12.0702 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-2\export.dll - ok
19:02:12.0702 4592 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
19:02:12.0702 4592 C:\Windows\System32\batmeter.dll - ok
19:02:12.0702 4592 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
19:02:12.0702 4592 C:\Windows\System32\stobject.dll - ok
19:02:12.0702 4592 [ 3B12F35882DAC50FE7BD82312CC476EF ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-0\export.dll
19:02:12.0702 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-0\export.dll - ok
19:02:12.0702 4592 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
19:02:12.0702 4592 C:\Users\GigabitPony\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
19:02:12.0718 4592 [ 74CDE657245C114B98816E89B8D4CCD1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
19:02:12.0718 4592 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
19:02:12.0718 4592 [ CC93F1997156A7B1A14DFEC43FA022B3 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\export.dll
19:02:12.0718 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\export.dll - ok
19:02:12.0718 4592 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
19:02:12.0718 4592 C:\Windows\System32\prnfldr.dll - ok
19:02:12.0718 4592 [ 00F5677474F19412E470D9267BED1116 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\AutorunsWrapper.dll
19:02:12.0718 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\AutorunsWrapper.dll - ok
19:02:12.0718 4592 [ C9BC805CC69FEB134EE881BD12A7BB98 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\offreg.dll
19:02:12.0718 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-3\offreg.dll - ok
19:02:12.0733 4592 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:02:12.0733 4592 C:\Windows\SysWOW64\winsta.dll - ok
19:02:12.0733 4592 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
19:02:12.0733 4592 C:\Windows\SysWOW64\taskschd.dll - ok
19:02:12.0733 4592 [ 968F41502610AC8DEDD150DEB7EA7365 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-5\export.dll
19:02:12.0733 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-5\export.dll - ok
19:02:12.0733 4592 [ 3E362F73A6428FC7A5BE8B387E566983 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-5\eventmonitorapi.dll
19:02:12.0733 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-5\eventmonitorapi.dll - ok
19:02:12.0749 4592 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
19:02:12.0749 4592 C:\Windows\SysWOW64\wevtapi.dll - ok
19:02:12.0749 4592 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
19:02:12.0749 4592 C:\Windows\System32\DXP.dll - ok
19:02:12.0749 4592 [ 783AE23D8C21CAF33448001DFFC8580F ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-7\export.dll
19:02:12.0749 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-7\export.dll - ok
19:02:12.0749 4592 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
19:02:12.0749 4592 C:\Windows\System32\Syncreg.dll - ok
19:02:12.0749 4592 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
19:02:12.0749 4592 C:\Windows\ehome\ehSSO.dll - ok
19:02:12.0749 4592 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:02:12.0749 4592 C:\Windows\System32\netshell.dll - ok
19:02:12.0765 4592 [ 1D43EAFDC2DE4EC1C03649D18B93942C ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-8\addonscontroller.dll
19:02:12.0765 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-8\addonscontroller.dll - ok
19:02:12.0765 4592 [ 01B7F366EDCD8A6072B753F78C946BCE ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-8\export.dll
19:02:12.0765 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-8\export.dll - ok
19:02:12.0765 4592 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] C:\Windows\System32\drivers\acpi.sys
19:02:12.0765 4592 C:\Windows\System32\drivers\acpi.sys - ok
19:02:12.0765 4592 [ FAD05833D11199FDC7CBC2272E223A8A ] C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
19:02:12.0765 4592 C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll - ok
19:02:12.0765 4592 [ 99F8E788246D495CE3794D7E7821D2CA ] C:\Windows\System32\drivers\acpipmi.sys
19:02:12.0765 4592 C:\Windows\System32\drivers\acpipmi.sys - ok
19:02:12.0780 4592 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] C:\Windows\System32\drivers\adp94xx.sys
19:02:12.0780 4592 C:\Windows\System32\drivers\adp94xx.sys - ok
19:02:12.0780 4592 [ 597F78224EE9224EA1A13D6350CED962 ] C:\Windows\System32\drivers\adpahci.sys
19:02:12.0780 4592 C:\Windows\System32\drivers\adpahci.sys - ok
19:02:12.0780 4592 [ E109549C90F62FB570B9540C4B148E54 ] C:\Windows\System32\drivers\adpu320.sys
19:02:12.0780 4592 C:\Windows\System32\drivers\adpu320.sys - ok
19:02:12.0780 4592 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
19:02:12.0780 4592 C:\Windows\SysWOW64\svchost.exe - ok
19:02:12.0796 4592 [ 608C14DBA7299D8CB6ED035A68A15799 ] C:\Windows\System32\drivers\AGP440.sys
19:02:12.0796 4592 C:\Windows\System32\drivers\AGP440.sys - ok
19:02:12.0796 4592 [ 5812713A477A3AD7363C7438CA2EE038 ] C:\Windows\System32\drivers\aliide.sys
19:02:12.0796 4592 C:\Windows\System32\drivers\aliide.sys - ok
19:02:12.0796 4592 [ 1FF8B4431C353CE385C875F194924C0C ] C:\Windows\System32\drivers\amdide.sys
19:02:12.0796 4592 C:\Windows\System32\drivers\amdide.sys - ok
19:02:12.0796 4592 [ 7024F087CFF1833A806193EF9D22CDA9 ] C:\Windows\System32\drivers\amdk8.sys
19:02:12.0796 4592 C:\Windows\System32\drivers\amdk8.sys - ok
19:02:12.0796 4592 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] C:\Windows\System32\drivers\amdsata.sys
19:02:12.0796 4592 C:\Windows\System32\drivers\amdsata.sys - ok
19:02:12.0811 4592 [ F67F933E79241ED32FF46A4F29B5120B ] C:\Windows\System32\drivers\amdsbs.sys
19:02:12.0811 4592 C:\Windows\System32\drivers\amdsbs.sys - ok
19:02:12.0811 4592 [ 540DAF1CEA6094886D72126FD7C33048 ] C:\Windows\System32\drivers\amdxata.sys
19:02:12.0811 4592 C:\Windows\System32\drivers\amdxata.sys - ok
19:02:12.0811 4592 [ 89A69C3F2F319B43379399547526D952 ] C:\Windows\System32\drivers\appid.sys
19:02:12.0811 4592 C:\Windows\System32\drivers\appid.sys - ok
19:02:12.0811 4592 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:02:12.0811 4592 C:\Windows\System32\AltTab.dll - ok
19:02:12.0811 4592 [ C484F8CEB1717C540242531DB7845C4E ] C:\Windows\System32\drivers\arc.sys
19:02:12.0811 4592 C:\Windows\System32\drivers\arc.sys - ok
19:02:12.0827 4592 [ 019AF6924AEFE7839F61C830227FE79C ] C:\Windows\System32\drivers\arcsas.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\arcsas.sys - ok
19:02:12.0827 4592 [ 769765CE2CC62867468CEA93969B2242 ] C:\Windows\System32\drivers\asyncmac.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\asyncmac.sys - ok
19:02:12.0827 4592 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\atapi.sys - ok
19:02:12.0827 4592 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] C:\Windows\System32\drivers\b57nd60a.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\b57nd60a.sys - ok
19:02:12.0827 4592 [ 3E5B191307609F7514148C6832BB0842 ] C:\Windows\System32\drivers\bxvbda.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\bxvbda.sys - ok
19:02:12.0827 4592 [ F09EEE9EDC320B5E1501F749FDE686C8 ] C:\Windows\System32\drivers\BrFiltLo.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\BrFiltLo.sys - ok
19:02:12.0827 4592 [ B114D3098E9BDB8BEA8B053685831BE6 ] C:\Windows\System32\drivers\BrFiltUp.sys
19:02:12.0827 4592 C:\Windows\System32\drivers\BrFiltUp.sys - ok
19:02:12.0843 4592 [ 43BEA8D483BF1870F018E2D02E06A5BD ] C:\Windows\System32\drivers\BrSerId.sys
19:02:12.0843 4592 C:\Windows\System32\drivers\BrSerId.sys - ok
19:02:12.0843 4592 [ A6ECA2151B08A09CACECA35C07F05B42 ] C:\Windows\System32\drivers\BrSerWdm.sys
19:02:12.0843 4592 C:\Windows\System32\drivers\BrSerWdm.sys - ok
19:02:12.0843 4592 [ B79968002C277E869CF38BD22CD61524 ] C:\Windows\System32\drivers\BrUsbMdm.sys
19:02:12.0843 4592 C:\Windows\System32\drivers\BrUsbMdm.sys - ok
19:02:12.0843 4592 [ A87528880231C54E75EA7A44943B38BF ] C:\Windows\System32\drivers\BrUsbSer.sys
19:02:12.0843 4592 C:\Windows\System32\drivers\BrUsbSer.sys - ok
19:02:12.0858 4592 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] C:\Windows\System32\drivers\bthmodem.sys
19:02:12.0858 4592 C:\Windows\System32\drivers\bthmodem.sys - ok
19:02:12.0858 4592 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
19:02:12.0858 4592 C:\Windows\System32\drivers\cdfs.sys - ok
19:02:12.0858 4592 [ 7AD735DB1A9CC82D75E8854952EE8052 ] C:\Windows\SysWOW64\drivers\CFRMD.sys
19:02:12.0858 4592 C:\Windows\SysWOW64\drivers\CFRMD.sys - ok
19:02:12.0858 4592 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:02:12.0858 4592 C:\Windows\System32\WPDShServiceObj.dll - ok
19:02:12.0858 4592 [ 69F9732915DD9AA86D1686CB0156D45C ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-10\export.dll
19:02:12.0858 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-10\export.dll - ok
19:02:12.0874 4592 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
19:02:12.0874 4592 C:\Windows\SysWOW64\devenum.dll - ok
19:02:12.0874 4592 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
19:02:12.0874 4592 C:\Windows\System32\drivers\circlass.sys - ok
19:02:12.0874 4592 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
19:02:12.0874 4592 C:\Windows\SysWOW64\msdmo.dll - ok
19:02:12.0874 4592 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
19:02:12.0874 4592 C:\Windows\SysWOW64\avicap32.dll - ok
19:02:12.0874 4592 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:02:12.0874 4592 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:02:12.0889 4592 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
19:02:12.0889 4592 C:\Windows\SysWOW64\vfwwdm32.dll - ok
19:02:12.0889 4592 [ D88040F816FDA31C3B466F0FA0918F29 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:02:12.0889 4592 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - ok
19:02:12.0889 4592 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:02:12.0889 4592 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
19:02:12.0889 4592 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:02:12.0889 4592 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:02:12.0889 4592 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:02:12.0889 4592 C:\Windows\System32\pnidui.dll - ok
19:02:12.0905 4592 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:02:12.0905 4592 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
19:02:12.0905 4592 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
19:02:12.0905 4592 C:\Windows\System32\drivers\CmBatt.sys - ok
19:02:12.0905 4592 [ E19D3F095812725D88F9001985B94EDD ] C:\Windows\System32\drivers\cmdide.sys
19:02:12.0905 4592 C:\Windows\System32\drivers\cmdide.sys - ok
19:02:12.0905 4592 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:02:12.0905 4592 C:\Windows\System32\QUTIL.DLL - ok
19:02:12.0905 4592 [ 385513BBCE70F13AB634CBBB0CA2A55B ] D:\Programs\Comodo\COMODO Internet Security\cmdvirth.exe
19:02:12.0905 4592 D:\Programs\Comodo\COMODO Internet Security\cmdvirth.exe - ok
19:02:12.0905 4592 [ AAFCB52FE0037207FB6FBEA070D25EFE ] C:\Windows\System32\drivers\cng.sys
19:02:12.0905 4592 C:\Windows\System32\drivers\cng.sys - ok
19:02:12.0921 4592 [ 102DE219C3F61415F964C88E9085AD14 ] C:\Windows\System32\drivers\compbatt.sys
19:02:12.0921 4592 C:\Windows\System32\drivers\compbatt.sys - ok
19:02:12.0921 4592 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
19:02:12.0921 4592 C:\Windows\SysWOW64\dllhost.exe - ok
19:02:12.0921 4592 [ 1C827878A998C18847245FE1F34EE597 ] C:\Windows\System32\drivers\crcdisk.sys
19:02:12.0921 4592 C:\Windows\System32\drivers\crcdisk.sys - ok
19:02:12.0921 4592 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] C:\Windows\System32\drivers\disk.sys
19:02:12.0921 4592 C:\Windows\System32\drivers\disk.sys - ok
19:02:12.0921 4592 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
19:02:12.0921 4592 C:\Windows\System32\cscobj.dll - ok
19:02:12.0921 4592 [ 9B19F34400D24DF84C858A421C205754 ] C:\Windows\System32\drivers\drmkaud.sys
19:02:12.0921 4592 C:\Windows\System32\drivers\drmkaud.sys - ok
19:02:12.0936 4592 [ DC5D737F51BE844D8C82C695EB17372F ] C:\Windows\System32\drivers\evbda.sys
19:02:12.0936 4592 C:\Windows\System32\drivers\evbda.sys - ok
19:02:12.0936 4592 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:02:12.0936 4592 C:\Windows\System32\rasdlg.dll - ok
19:02:12.0936 4592 [ CB621818A3A8CDE693AA2E6F049254BF ] C:\Windows\SysWOW64\LcProxy2.ax
19:02:12.0936 4592 C:\Windows\SysWOW64\LcProxy2.ax - ok
19:02:12.0936 4592 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
19:02:12.0936 4592 C:\Windows\SysWOW64\ksuser.dll - ok
19:02:12.0936 4592 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
19:02:12.0936 4592 C:\Windows\SysWOW64\ksproxy.ax - ok
19:02:12.0936 4592 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
19:02:12.0936 4592 C:\Windows\SysWOW64\wshqos.dll - ok
19:02:12.0952 4592 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
19:02:12.0952 4592 C:\Windows\SysWOW64\vidcap.ax - ok
19:02:12.0952 4592 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:02:12.0952 4592 C:\Windows\System32\dot3api.dll - ok
19:02:12.0952 4592 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
19:02:12.0952 4592 C:\Windows\SysWOW64\Kswdmcap.ax - ok
19:02:12.0952 4592 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:02:12.0952 4592 C:\Windows\System32\wlanhlp.dll - ok
19:02:12.0952 4592 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
19:02:12.0952 4592 C:\Windows\SysWOW64\mfc42.dll - ok
19:02:12.0952 4592 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
19:02:12.0952 4592 C:\Windows\SysWOW64\odbc32.dll - ok
19:02:12.0952 4592 [ 7F27D933FCA60248C704C0EAE2B53D21 ] C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-13\export.dll
19:02:12.0952 4592 C:\Program Files (x86)\Comodo\GeekBuddy\lps-cspm\components\core\component-13\export.dll - ok
19:02:12.0967 4592 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:02:12.0967 4592 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:02:12.0967 4592 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:02:12.0967 4592 C:\Windows\System32\srchadmin.dll - ok
19:02:12.0967 4592 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
19:02:12.0967 4592 C:\Windows\SysWOW64\odbcint.dll - ok
19:02:12.0967 4592 [ 0E5DA5369A0FCAEA12456DD852545184 ] C:\Windows\System32\drivers\elxstor.sys
19:02:12.0967 4592 C:\Windows\System32\drivers\elxstor.sys - ok
19:02:12.0967 4592 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:02:12.0967 4592 C:\Windows\System32\WWanAPI.dll - ok
19:02:12.0983 4592 [ 357C8002556BD779681DA40BC3B94061 ] C:\Program Files (x86)\Microsoft LifeCam\CAL2.dll
19:02:12.0983 4592 C:\Program Files (x86)\Microsoft LifeCam\CAL2.dll - ok
19:02:12.0983 4592 [ 34A3C54752046E79A126E15C51DB409B ] C:\Windows\System32\drivers\errdev.sys
19:02:12.0983 4592 C:\Windows\System32\drivers\errdev.sys - ok
19:02:12.0983 4592 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:02:12.0983 4592 C:\Windows\System32\wwapi.dll - ok
19:02:12.0983 4592 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:02:12.0983 4592 C:\Windows\System32\QAGENT.DLL - ok
19:02:12.0983 4592 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:02:12.0983 4592 C:\Windows\System32\FXSSVC.exe - ok
19:02:12.0999 4592 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
19:02:12.0999 4592 C:\Windows\SysWOW64\msxml6.dll - ok
19:02:12.0999 4592 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
19:02:12.0999 4592 C:\Windows\System32\webcheck.dll - ok
19:02:12.0999 4592 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:02:12.0999 4592 C:\Windows\System32\mlang.dll - ok
19:02:12.0999 4592 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
19:02:12.0999 4592 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
19:02:12.0999 4592 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] C:\Windows\System32\drivers\GAGP30KX.SYS
19:02:12.0999 4592 C:\Windows\System32\drivers\GAGP30KX.SYS - ok
19:02:13.0014 4592 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:02:13.0014 4592 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:02:13.0014 4592 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
19:02:13.0014 4592 C:\Windows\SysWOW64\quartz.dll - ok
19:02:13.0014 4592 [ F2523EF6460FC42405B12248338AB2F0 ] C:\Windows\System32\drivers\hcw85cir.sys
19:02:13.0014 4592 C:\Windows\System32\drivers\hcw85cir.sys - ok
19:02:13.0014 4592 [ 78E86380454A7B10A5EB255DC44A355F ] C:\Windows\System32\drivers\hidbatt.sys
19:02:13.0014 4592 C:\Windows\System32\drivers\hidbatt.sys - ok
19:02:13.0014 4592 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] C:\Windows\System32\drivers\hidbth.sys
19:02:13.0014 4592 C:\Windows\System32\drivers\hidbth.sys - ok
19:02:13.0030 4592 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] C:\Windows\System32\drivers\hidir.sys
19:02:13.0030 4592 C:\Windows\System32\drivers\hidir.sys - ok
19:02:13.0030 4592 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] C:\Windows\System32\drivers\HpSAMD.sys
19:02:13.0030 4592 C:\Windows\System32\drivers\HpSAMD.sys - ok
19:02:13.0030 4592 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:02:13.0030 4592 C:\Windows\System32\bthprops.cpl - ok
19:02:13.0030 4592 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
19:02:13.0030 4592 C:\Windows\System32\drivers\i8042prt.sys - ok
19:02:13.0030 4592 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] C:\Windows\System32\drivers\iaStorV.sys
19:02:13.0030 4592 C:\Windows\System32\drivers\iaStorV.sys - ok
19:02:13.0045 4592 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:02:13.0045 4592 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
19:02:13.0045 4592 [ 8911702CC546B76FE8F9C61987C68C43 ] C:\Program Files (x86)\Internet Explorer\ielowutil.exe
19:02:13.0045 4592 C:\Program Files (x86)\Internet Explorer\ielowutil.exe - ok
19:02:13.0045 4592 [ 5C18831C61933628F5BB0EA2675B9D21 ] C:\Windows\System32\drivers\iirsp.sys
19:02:13.0045 4592 C:\Windows\System32\drivers\iirsp.sys - ok
19:02:13.0045 4592 [ F00F20E70C6EC3AA366910083A0518AA ] C:\Windows\System32\drivers\intelide.sys
19:02:13.0045 4592 C:\Windows\System32\drivers\intelide.sys - ok
19:02:13.0061 4592 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:02:13.0061 4592 C:\Windows\System32\drivers\intelppm.sys - ok
19:02:13.0061 4592 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
19:02:13.0061 4592 C:\Windows\System32\ActionCenter.dll - ok
19:02:13.0061 4592 [ C9F0E1BD74365A8771590E9008D22AB6 ] C:\Windows\System32\drivers\ipfltdrv.sys
19:02:13.0061 4592 C:\Windows\System32\drivers\ipfltdrv.sys - ok
19:02:13.0061 4592 [ 0FC1AEA580957AA8817B8F305D18CA3A ] C:\Windows\System32\drivers\IPMIDrv.sys
19:02:13.0061 4592 C:\Windows\System32\drivers\IPMIDrv.sys - ok
19:02:13.0061 4592 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] C:\Windows\System32\drivers\ipnat.sys
19:02:13.0061 4592 C:\Windows\System32\drivers\ipnat.sys - ok
19:02:13.0077 4592 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] C:\Windows\System32\drivers\isapnp.sys
19:02:13.0077 4592 C:\Windows\System32\drivers\isapnp.sys - ok
19:02:13.0077 4592 [ D931D7309DEB2317035B07C9F9E6B0BD ] C:\Windows\System32\drivers\msiscsi.sys
19:02:13.0077 4592 C:\Windows\System32\drivers\msiscsi.sys - ok
19:02:13.0077 4592 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:02:13.0077 4592 C:\Windows\System32\wmdrmdev.dll - ok
19:02:13.0077 4592 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:02:13.0077 4592 C:\Windows\System32\drmv2clt.dll - ok
19:02:13.0077 4592 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:02:13.0077 4592 C:\Windows\System32\esent.dll - ok
19:02:13.0092 4592 [ 97A7070AEA4C058B6418519E869A63B4 ] C:\Windows\System32\drivers\ksecdd.sys
19:02:13.0092 4592 C:\Windows\System32\drivers\ksecdd.sys - ok
19:02:13.0092 4592 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] C:\Windows\System32\drivers\ksecpkg.sys
19:02:13.0092 4592 C:\Windows\System32\drivers\ksecpkg.sys - ok
19:02:13.0092 4592 [ 62CBF36E3E10BAA74224BC7A6DD998B5 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
19:02:13.0092 4592 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
19:02:13.0092 4592 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:02:13.0092 4592 C:\Windows\System32\imapi2.dll - ok
19:02:13.0092 4592 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] C:\Windows\System32\drivers\lsi_fc.sys
19:02:13.0092 4592 C:\Windows\System32\drivers\lsi_fc.sys - ok
19:02:13.0108 4592 [ 1047184A9FDC8BDBFF857175875EE810 ] C:\Windows\System32\drivers\lsi_sas.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\lsi_sas.sys - ok
19:02:13.0108 4592 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] C:\Windows\System32\drivers\lsi_sas2.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\lsi_sas2.sys - ok
19:02:13.0108 4592 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] C:\Windows\System32\drivers\lsi_scsi.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\lsi_scsi.sys - ok
19:02:13.0108 4592 [ A55805F747C6EDB6A9080D7C633BD0F4 ] C:\Windows\System32\drivers\megasas.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\megasas.sys - ok
19:02:13.0108 4592 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] C:\Windows\System32\drivers\MegaSR.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\MegaSR.sys - ok
19:02:13.0108 4592 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
19:02:13.0108 4592 C:\Windows\System32\drivers\modem.sys - ok
19:02:13.0123 4592 [ 730A519505621DF46BCBF9CDAC9FB6AD ] C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:02:13.0123 4592 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe - ok
19:02:13.0123 4592 [ A44B420D30BD56E145D6A2BC8768EC58 ] C:\Windows\System32\drivers\mpio.sys
19:02:13.0123 4592 C:\Windows\System32\drivers\mpio.sys - ok
19:02:13.0123 4592 [ DC722758B8261E1ABAFD31A3C0A66380 ] C:\Windows\System32\drivers\mrxdav.sys
19:02:13.0123 4592 C:\Windows\System32\drivers\mrxdav.sys - ok
19:02:13.0123 4592 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
19:02:13.0123 4592 C:\Windows\System32\drivers\msahci.sys - ok
19:02:13.0123 4592 [ DB801A638D011B9633829EB6F663C900 ] C:\Windows\System32\drivers\msdsm.sys
19:02:13.0123 4592 C:\Windows\System32\drivers\msdsm.sys - ok
19:02:13.0139 4592 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe
19:02:13.0139 4592 C:\Windows\System32\msdtc.exe - ok
19:02:13.0139 4592 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] C:\Windows\System32\drivers\msisadrv.sys
19:02:13.0139 4592 C:\Windows\System32\drivers\msisadrv.sys - ok
19:02:13.0139 4592 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
19:02:13.0139 4592 C:\Windows\System32\blackbox.dll - ok
19:02:13.0139 4592 [ EEE470F2A771FC0B543BDEEF74FCECA0 ] C:\Windows\SysWOW64\msiexec.exe
19:02:13.0139 4592 C:\Windows\SysWOW64\msiexec.exe - ok
19:02:13.0139 4592 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] C:\Windows\System32\drivers\mskssrv.sys
19:02:13.0139 4592 C:\Windows\System32\drivers\mskssrv.sys - ok
19:02:13.0139 4592 [ BDD71ACE35A232104DDD349EE70E1AB3 ] C:\Windows\System32\drivers\mspclock.sys
19:02:13.0139 4592 C:\Windows\System32\drivers\mspclock.sys - ok
19:02:13.0139 4592 [ 4ED981241DB27C3383D72092B618A1D0 ] C:\Windows\System32\drivers\mspqm.sys
19:02:13.0139 4592 C:\Windows\System32\drivers\mspqm.sys - ok
19:02:13.0155 4592 [ 2E66F9ECB30B4221A318C92AC2250779 ] C:\Windows\System32\drivers\mstee.sys
19:02:13.0155 4592 C:\Windows\System32\drivers\mstee.sys - ok
19:02:13.0155 4592 [ 7EA404308934E675BFFDE8EDF0757BCD ] C:\Windows\System32\drivers\MTConfig.sys
19:02:13.0155 4592 C:\Windows\System32\drivers\MTConfig.sys - ok
19:02:13.0155 4592 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] C:\Windows\System32\drivers\ndiscap.sys
19:02:13.0155 4592 C:\Windows\System32\drivers\ndiscap.sys - ok
19:02:13.0155 4592 [ 3E5A36127E201DDF663176B66828FAFE ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:02:13.0155 4592 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe - ok
19:02:13.0155 4592 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:02:13.0155 4592 C:\Windows\System32\wmp.dll - ok
19:02:13.0170 4592 [ 77889813BE4D166CDAB78DDBA990DA92 ] C:\Windows\System32\drivers\nfrd960.sys
19:02:13.0170 4592 C:\Windows\System32\drivers\nfrd960.sys - ok
19:02:13.0170 4592 [ 0A92CB65770442ED0DC44834632F66AD ] C:\Windows\System32\drivers\nvraid.sys
19:02:13.0170 4592 C:\Windows\System32\drivers\nvraid.sys - ok
19:02:13.0170 4592 [ DAB0E87525C10052BF65F06152F37E4A ] C:\Windows\System32\drivers\nvstor.sys
19:02:13.0170 4592 C:\Windows\System32\drivers\nvstor.sys - ok
19:02:13.0170 4592 [ 270D7CD42D6E3979F6DD0146650F0E05 ] C:\Windows\System32\drivers\NV_AGP.SYS
19:02:13.0170 4592 C:\Windows\System32\drivers\NV_AGP.SYS - ok
19:02:13.0170 4592 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] C:\Windows\System32\drivers\ohci1394.sys
19:02:13.0170 4592 C:\Windows\System32\drivers\ohci1394.sys - ok
19:02:13.0186 4592 [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
19:02:13.0186 4592 C:\Windows\System32\drivers\parport.sys - ok
19:02:13.0186 4592 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] C:\Windows\System32\drivers\pci.sys
19:02:13.0186 4592 C:\Windows\System32\drivers\pci.sys - ok
19:02:13.0186 4592 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] C:\Windows\System32\drivers\pciide.sys
19:02:13.0186 4592 C:\Windows\System32\drivers\pciide.sys - ok
19:02:13.0186 4592 [ B2E81D4E87CE48589F98CB8C05B01F2F ] C:\Windows\System32\drivers\pcmcia.sys
19:02:13.0186 4592 C:\Windows\System32\drivers\pcmcia.sys - ok
19:02:13.0186 4592 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] C:\Windows\System32\drivers\pcw.sys
19:02:13.0186 4592 C:\Windows\System32\drivers\pcw.sys - ok
19:02:13.0201 4592 [ E495E408C93141E8FC72DC0C6046DDFA ] C:\Windows\SysWOW64\perfhost.exe
19:02:13.0201 4592 C:\Windows\SysWOW64\perfhost.exe - ok
19:02:13.0201 4592 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] C:\Windows\System32\drivers\processr.sys
19:02:13.0201 4592 C:\Windows\System32\drivers\processr.sys - ok
19:02:13.0201 4592 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] C:\Windows\System32\drivers\ql2300.sys
19:02:13.0201 4592 C:\Windows\System32\drivers\ql2300.sys - ok
19:02:13.0201 4592 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] C:\Windows\System32\drivers\ql40xx.sys
19:02:13.0201 4592 C:\Windows\System32\drivers\ql40xx.sys - ok
19:02:13.0201 4592 [ 5A0DA8AD5762FA2D91678A8A01311704 ] C:\Windows\System32\drivers\rasacd.sys
19:02:13.0201 4592 C:\Windows\System32\drivers\rasacd.sys - ok
19:02:13.0217 4592 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
19:02:13.0217 4592 C:\Windows\System32\wmpps.dll - ok
19:02:13.0217 4592 [ 1B6163C503398B23FF8B939C67747683 ] C:\Windows\System32\drivers\rdpdr.sys
19:02:13.0217 4592 C:\Windows\System32\drivers\rdpdr.sys - ok
19:02:13.0217 4592 [ 313F68E1A3E6345A4F47A36B07062F34 ] C:\Windows\System32\drivers\rdpvideominiport.sys
19:02:13.0217 4592 C:\Windows\System32\drivers\rdpvideominiport.sys - ok
19:02:13.0217 4592 [ 34ED295FA0121C241BFEF24764FC4520 ] C:\Windows\System32\drivers\rdyboost.sys
19:02:13.0217 4592 C:\Windows\System32\drivers\rdyboost.sys - ok
19:02:13.0233 4592 [ E60C0A09F997826C7627B244195AB581 ] C:\Windows\System32\drivers\vms3cap.sys
19:02:13.0233 4592 C:\Windows\System32\drivers\vms3cap.sys - ok
19:02:13.0233 4592 [ AC03AF3329579FFFB455AA2DAABBE22B ] C:\Windows\System32\drivers\sbp2port.sys
19:02:13.0233 4592 C:\Windows\System32\drivers\sbp2port.sys - ok
19:02:13.0233 4592 [ 1C545A7D0691CC4A027396535691C3E3 ] C:\Windows\System32\drivers\sermouse.sys
19:02:13.0233 4592 C:\Windows\System32\drivers\sermouse.sys - ok
19:02:13.0233 4592 [ A554811BCD09279536440C964AE35BBF ] C:\Windows\System32\drivers\sffdisk.sys
19:02:13.0233 4592 C:\Windows\System32\drivers\sffdisk.sys - ok
19:02:13.0233 4592 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] C:\Windows\System32\drivers\sffp_mmc.sys
19:02:13.0233 4592 C:\Windows\System32\drivers\sffp_mmc.sys - ok
19:02:13.0248 4592 [ DD85B78243A19B59F0637DCF284DA63C ] C:\Windows\System32\drivers\sffp_sd.sys
19:02:13.0248 4592 C:\Windows\System32\drivers\sffp_sd.sys - ok
19:02:13.0248 4592 [ A9D601643A1647211A1EE2EC4E433FF4 ] C:\Windows\System32\drivers\sfloppy.sys
19:02:13.0248 4592 C:\Windows\System32\drivers\sfloppy.sys - ok
19:02:13.0248 4592 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] C:\Windows\System32\drivers\sisraid2.sys
19:02:13.0248 4592 C:\Windows\System32\drivers\sisraid2.sys - ok
19:02:13.0248 4592 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] C:\Windows\System32\drivers\sisraid4.sys
19:02:13.0248 4592 C:\Windows\System32\drivers\sisraid4.sys - ok
19:02:13.0248 4592 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] C:\Windows\System32\drivers\smb.sys
19:02:13.0248 4592 C:\Windows\System32\drivers\smb.sys - ok
19:02:13.0264 4592 [ F3817967ED533D08327DC73BC4D5542A ] C:\Windows\System32\drivers\stexstor.sys
19:02:13.0264 4592 C:\Windows\System32\drivers\stexstor.sys - ok
19:02:13.0264 4592 [ 7785DC213270D2FC066538DAF94087E7 ] C:\Windows\System32\drivers\vmstorfl.sys
19:02:13.0264 4592 C:\Windows\System32\drivers\vmstorfl.sys - ok
19: