Results of system analysis

Process List

File name	PID	Description	Copyright	MD5	Information
c:\program files (x86)\asus\aahm\1.00.31\aahmsvc.exe Script: Quarantine, Delete, Delete via BC, Terminate	3156			FC3AAD3BE7CE68A79D18D2C598EC3F8E	952,96 kb, RsAh,created: 22.06.2018 16:46:59,modified: 01.06.2017 16:24:11 Command line: "C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe"
C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe 22.06.2018 16:46:59, modified: 01.06.2017 16:24:11 Script: Quarantine, Delete, Delete via BC	4194304			FC3AAD3BE7CE68A79D18D2C598EC3F8E	no
c:\program files (x86)\asus\ai suite iii\aisuite3.exe Script: Quarantine, Delete, Delete via BC, Terminate	3328			55499805508D7C276912466E49CF150E	1998,46 kb, rsAh,created: 22.06.2018 16:47:10,modified: 20.06.2017 07:57:56 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe" -schedule
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe 22.06.2018 16:47:10, modified: 20.06.2017 07:57:56 Script: Quarantine, Delete, Delete via BC	4194304			55499805508D7C276912466E49CF150E	no
C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll 22.06.2018 16:49:05, modified: 04.06.2017 00:41:10 Script: Quarantine, Delete, Delete via BC	65798144			EC9771F06477B079214B117FD86EF9C0	no
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\WiFiGO.dll 22.06.2018 16:48:26, modified: 02.03.2017 15:28:54 Script: Quarantine, Delete, Delete via BC	68288512			7784312B07BD6C2AA1FCC5AB44D40D24	no
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 22.06.2018 16:48:14, modified: 17.05.2017 00:07:04 Script: Quarantine, Delete, Delete via BC	71172096			E4F11D80BAA91E6BAEC688A11DA39303	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 22.06.2018 16:47:55, modified: 25.06.2017 23:30:04 Script: Quarantine, Delete, Delete via BC	73728000			E723F42DDEBBF140F779D0212B15E4B4	no
C:\Program Files (x86)\ASUS\VGA COM\2.00.00\AsusGpuTweak.dll 22.06.2018 16:47:39, modified: 01.06.2017 17:39:18 Script: Quarantine, Delete, Delete via BC	1683619840	TODO: <File description>	TODO: (c) <Company name>. All rights reserved.	168ACA1495389EEB9F539FDC10E3AFD3	no
C:\Program Files (x86)\ASUS\VGA COM\2.00.00\Exeio.dll 22.06.2018 16:47:39, modified: 01.06.2017 17:39:18 Script: Quarantine, Delete, Delete via BC	65011712	Exeio DLL	ASUS (C) 2014	94BA4D26BF3188C818426901AF523320	no
C:\Program Files (x86)\ASUS\VGA COM\2.00.00\EIO.DLL 22.06.2018 16:47:39, modified: 01.06.2017 17:39:18 Script: Quarantine, Delete, Delete via BC	81788928	I2C	Copyright 2017	60FE20223FEC31EF397807FD6FB2547E	no
C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMLib.dll 22.06.2018 16:46:59, modified: 01.06.2017 16:24:11 Script: Quarantine, Delete, Delete via BC	122224640			A99FEFBB314F1F08FADA5FFCC702B7A6	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll 22.06.2018 16:47:56, modified: 08.06.2017 01:58:24 Script: Quarantine, Delete, Delete via BC	191430656			E677659DE4C10F6A05F0F078CD075ED7	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIP4FanCalibration.dll 22.06.2018 16:47:55, modified: 10.06.2017 07:13:34 Script: Quarantine, Delete, Delete via BC	446889984			651720D9DB0548997C2459F8AC61D42E	no
c:\program files (x86)\asus\asus rog connect plus\rc tweakit server\asbclk.exe Script: Quarantine, Delete, Delete via BC, Terminate	4532	BCLK Application	Copyright (C) 2015	F801C678E8387B024888C96D1C27D6B1	7300,46 kb, rsAh,created: 22.06.2018 17:01:46,modified: 16.06.2017 08:35:18 Command line: "C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe"
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe 22.06.2018 17:01:46, modified: 16.06.2017 08:35:18 Script: Quarantine, Delete, Delete via BC	4194304	BCLK Application	Copyright (C) 2015	F801C678E8387B024888C96D1C27D6B1	no
c:\program files (x86)\asus\ai suite iii\aspowerbar\aspowerbar.exe Script: Quarantine, Delete, Delete via BC, Terminate	10992			9BFB269241C71F1C819D8B3F64253E9C	1839,46 kb, rsAh,created: 22.06.2018 16:47:10,modified: 20.06.2017 08:21:22 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe"
C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe 22.06.2018 16:47:10, modified: 20.06.2017 08:21:22 Script: Quarantine, Delete, Delete via BC	3211264			9BFB269241C71F1C819D8B3F64253E9C	no
c:\program files (x86)\lightingservice\1.00.14\asrogauragpudllserver.exe Script: Quarantine, Delete, Delete via BC, Terminate	3724			C91303B8D70F976077440AB8A4CAE80A	273,96 kb, RsAh,created: 22.06.2018 17:13:18,modified: 06.07.2017 05:37:40 Command line: "C:\Program Files (x86)\LightingService\1.00.14\AsRogAuraGpuDllServer.exe"
C:\Program Files (x86)\LightingService\1.00.14\AsRogAuraGpuDllServer.exe 22.06.2018 17:13:18, modified: 06.07.2017 05:37:40 Script: Quarantine, Delete, Delete via BC	8781824			C91303B8D70F976077440AB8A4CAE80A	no
c:\program files (x86)\asus\asusfancontrolservice\2.00.16\asusfancontrolservice.exe Script: Quarantine, Delete, Delete via BC, Terminate	3816	ASUS Motherboard Fan Control Service	ASUSTeK Computer Inc. All rights reserved.	2FAA0087BE241F62C6BD9A2DC60437FD	1803,96 kb, RsAh,created: 22.06.2018 16:47:49,modified: 23.06.2017 08:54:54 Command line: "C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\AsusFanControlService.exe"
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\AsusFanControlService.exe 22.06.2018 16:47:49, modified: 23.06.2017 08:54:54 Script: Quarantine, Delete, Delete via BC	12451840	ASUS Motherboard Fan Control Service	ASUSTeK Computer Inc. All rights reserved.	2FAA0087BE241F62C6BD9A2DC60437FD	no
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\MSVCP140D.dll 22.06.2018 16:47:50, modified: 05.05.2017 08:39:37 Script: Quarantine, Delete, Delete via BC	1941307392	Microsoft® C Runtime Library	© Microsoft Corporation. All rights reserved.	4106016B316C26206A2F91351AF97992	no
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\libprotobufd.dll 22.06.2018 16:47:49, modified: 05.05.2017 08:39:37 Script: Quarantine, Delete, Delete via BC	1942093824			A7041DB8BA871891CCBE055E13A19834	no
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\VCRUNTIME140D.dll 22.06.2018 16:47:50, modified: 05.05.2017 08:39:37 Script: Quarantine, Delete, Delete via BC	1941110784	Microsoft® C Runtime Library	© Microsoft Corporation. All rights reserved.	1443BA62D2EB61DF66D3E1CF30ABC504	no
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\ucrtbased.dll 22.06.2018 16:47:50, modified: 05.05.2017 08:39:37 Script: Quarantine, Delete, Delete via BC	1939537920	Microsoft® C Runtime Library	© Microsoft Corporation. All rights reserved.	353EE0536A0CE2574C85E8A702926FA6	no
C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\ACPIWMI.dll 22.06.2018 16:47:49, modified: 11.04.2017 09:43:09 Script: Quarantine, Delete, Delete via BC	1845297152	ASUS WMI Interface	ASUSTeK COMPUTER INC.	05B8E7B1FC0609F5A323C0B8F9534D40	no
c:\program files (x86)\asus\ai suite iii\file transfer\wi-fi go! assisttool\asusrelayws.exe Script: Quarantine, Delete, Delete via BC, Terminate	10660	ASUSWSAgent	Copyright © 2012	CC19C74542F26DC02A8B6A1F98A8C603	37,30 kb, rsAh,created: 22.06.2018 16:48:33,modified: 30.06.2016 16:50:24 Command line:
c:\program files (x86)\asus\axsp\2.00.08\atkexcomsvc.exe Script: Quarantine, Delete, Delete via BC, Terminate	4080	ASUS Com Service	ASUSTeK Computer Inc. All rights reserved.	67CEAF8FF6C4B8F1FDDCAB71D40F8414	401,46 kb, RsAh,created: 22.06.2018 16:46:58,modified: 15.06.2017 11:57:01 Command line: "C:\Program Files (x86)\ASUS\AXSP\2.00.08\atkexComSvc.exe"
C:\Program Files (x86)\ASUS\AXSP\2.00.08\atkexComSvc.exe 22.06.2018 16:46:58, modified: 15.06.2017 11:57:01 Script: Quarantine, Delete, Delete via BC	2752512	ASUS Com Service	ASUSTeK Computer Inc. All rights reserved.	67CEAF8FF6C4B8F1FDDCAB71D40F8414	no
C:\Program Files (x86)\ASUS\AXSP\2.00.08\ATKEX.dll 22.06.2018 16:46:58, modified: 15.06.2017 11:56:49 Script: Quarantine, Delete, Delete via BC	1948254208			4AA6CCB2073FAE978443359A5F483662	no
C:\Program Files (x86)\ASUS\AXSP\2.00.08\PEbiosinterface32.dll 22.06.2018 16:46:59, modified: 22.06.2018 17:50:35 Script: Quarantine, Delete, Delete via BC	35258368			CE6CDB16DA9008845C9CB9C6C8DE7BEB	no
c:\program files (x86)\kaspersky lab\kaspersky total security 19.0.0\avpui.exe Script: Quarantine, Delete, Delete via BC, Terminate	8364	Kaspersky Anti-Virus	© 2018 AO Kaspersky Lab. All Rights Reserved.	5DA665A9DFAEAB9F16AB40717D7C988C	330,30 kb, rsAh,created: 22.06.2018 16:04:19,modified: 22.06.2018 16:04:19 Command line:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avpui.exe 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	11272192	Kaspersky Anti-Virus	© 2018 AO Kaspersky Lab. All Rights Reserved.	5DA665A9DFAEAB9F16AB40717D7C988C	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\ushata.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1937047552	Ushata module	© 2018 AO Kaspersky Lab. All Rights Reserved.	7A1FADDB35F4C741AB183B9592E1A744	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avpuimain.dll 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	1803681792	Kaspersky Anti-Virus	© 2018 AO Kaspersky Lab. All Rights Reserved.	137D4AC8712695DB0B40B9D8D47DE94E	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\product_info.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1933377536	Kaspersky Product Info library	© 2018 AO Kaspersky Lab. All Rights Reserved.	DDAB0BFA6F8DA939C65ED6E59D69EBC4	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\DumpWriter.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1929248768	Kaspersky Dump Writer DLL	© 2018 AO Kaspersky Lab. All Rights Reserved.	4EB27E2FA94A1BDFCBF7718C2FAFBCEF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\prremote.DLL 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1924136960	PR_REMOTE	© 2018 AO Kaspersky Lab. All Rights Reserved.	26C82B400A7FC89E0BEF8840CEB55535	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\prcore.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1923743744	Prague Core	© 2018 AO Kaspersky Lab. All Rights Reserved.	C803002A400349121EEA6F6CB3795D71	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\winreg.ppl 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1923022848	WINREG	© 2018 AO Kaspersky Lab. All Rights Reserved.	FA7490A91328E6EFBC652B72219EEF78	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\pxstub.ppl 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1922957312	Proxy Stubs	© 2018 AO Kaspersky Lab. All Rights Reserved.	AF1AD141285DC36C2D15CED67F8D9F3C	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\params.ppl 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1921646592	Structure Serializer	© 2018 AO Kaspersky Lab. All Rights Reserved.	64997AE242C3B434C664AFAB828840F7	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\instrumental_services.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1925120000	Instrumental services	© 2018 AO Kaspersky Lab. All Rights Reserved.	344D42841F74F81230D020D187CD1D39	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\dblite.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1924661248	SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine.	http://www.sqlite.org/copyright.html	FB6DFC240E9C83B0C9A1C844D52D83BD	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\kl_service.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1802960896	Component service provider	© 2018 AO Kaspersky Lab. All Rights Reserved.	C836CF7CC1BB4B0394C2C36CF0A98B1E	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\avpservice.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1933115392	Kaspersky Anti-Virus Service library	© 2018 AO Kaspersky Lab. All Rights Reserved.	3A4A7BC77B631F3347EB635520A6C171	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\product_metainfo.DLL 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1916338176	Product Metainformation	© 2018 AO Kaspersky Lab. All Rights Reserved.	DD3EAF3EED29B0718E9B109FA9C56BFF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\sw_meta.DLL 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1915944960	System Watcher Meta Information	© 2018 AO Kaspersky Lab. All Rights Reserved.	22618BC793B4E9951AEF38AE1E1742D1	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\installation_assistant_meta.DLL 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	1915813888	Installation assistant meta	© 2018 AO Kaspersky Lab. All Rights Reserved.	F1322374254AE6ECCA16D8276231B1C4	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\system_interceptors_meta.DLL 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1915224064		© 2018 AO Kaspersky Lab. All Rights Reserved.	AD9E4C85134FEDBCB93D31702E3C3049	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\KasperskyLab.Kis.UI.Loader.dll 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	1783627776	Loader	© 2018 AO Kaspersky Lab. All Rights Reserved.	2961E18227150049F77A4220E82AC2BF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\KasperskyLab.Platform.NativeInterop.dll 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	1756233728	Native interop assembly	© 2018 AO Kaspersky Lab. All Rights Reserved.	8BF8D6737E6A145F57B7160D3A2325B1	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\plugins_meta.DLL 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1915355136	Kaspersky plugins pdk meta	© 2018 AO Kaspersky Lab. All Rights Reserved.	27EA30E7BD14008EAC8D8E71C618FD5E	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\instrumental_meta.DLL 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1685651456	Instrumental Meta Library	© 2018 AO Kaspersky Lab. All Rights Reserved.	E1AA63792549BA60339DF3A013393998	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\content_filtering_meta.DLL 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	1920139264	Kaspersky content filtering pdk meta	© 2018 AO Kaspersky Lab. All Rights Reserved.	CDD28921D0FA33D7535BFBF3A97FAC68	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\users\stephx\appdata\local\temp\ukni0h0z.cz2\getsysteminfodllcache\avz\avz.exe Script: Quarantine, Delete, Delete via BC, Terminate	4544			42E9C2990E83EE5A0CA0EAE74A1EF485	6795,70 kb, rsAh,created: 22.06.2018 18:26:00,modified: 24.05.2018 12:43:21 Command line: "C:\Users\Stephx\AppData\Local\Temp\ukni0h0z.cz2\GetSystemInfoDllCache\avz\avz.exe" Script="C:\Users\Stephx\AppData\Local\Temp\ukni0h0z.cz2\GetSystemInfoDllCache\avz\asa.avz" HiddenMode="3" SpoolLog="C:\Users\Stephx\AppData\Local\Temp\ukni0h0z.cz2\GetSystemInfo\avz.log" TempFolder="C:\Users\Stephx\AppData\Local\Temp\ukni0h0z.cz2\GetSystemInfo\AvzTemp"
C:\Users\Stephx\AppData\Local\Temp\ukni0h0z.cz2\GetSystemInfoDllCache\avz\avz.exe 22.06.2018 18:26:00, modified: 24.05.2018 12:43:21 Script: Quarantine, Delete, Delete via BC	4194304			42E9C2990E83EE5A0CA0EAE74A1EF485	no
c:\program files (x86)\asus\ai suite iii\dip4\dipawaymode\dipawaymode.exe Script: Quarantine, Delete, Delete via BC, Terminate	4208			B7403911013C4FAFCCC2FF9DE6F0D8A9	1353,46 kb, rsAh,created: 22.06.2018 16:47:57,modified: 07.06.2017 00:25:04 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe"
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 22.06.2018 16:47:57, modified: 07.06.2017 00:25:04 Script: Quarantine, Delete, Delete via BC	4194304			B7403911013C4FAFCCC2FF9DE6F0D8A9	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 22.06.2018 16:47:57, modified: 25.04.2017 22:51:24 Script: Quarantine, Delete, Delete via BC	54263808			4F481C99DA2C88E6C6B23DC82159B0BB	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 22.06.2018 16:47:57, modified: 14.04.2017 09:14:00 Script: Quarantine, Delete, Delete via BC	59375616			00CDCC36019A37DEA5B9BCA9E8A1B0BD	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 22.06.2018 16:47:57, modified: 22.06.2017 23:54:56 Script: Quarantine, Delete, Delete via BC	62521344			A0071607FAD31DCA7B1D14634FC70696	no
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 22.06.2018 16:47:57, modified: 14.04.2017 09:14:00 Script: Quarantine, Delete, Delete via BC	66191360			364B9E1A7DCA20CBA259B2210183C377	no
c:\program files (x86)\wireless docking\dockingservice.exe Script: Quarantine, Delete, Delete via BC, Terminate	2884	DockingService	Copyright © Qualcomm 2015	A13F6C9EBBD3BA04E8FBF3FA2D275EC4	35,00 kb, rsAh,created: 11.07.2016 14:35:54,modified: 11.07.2016 14:35:54 Command line:
c:\program files (x86)\asus\ai suite iii\ez update\ezupdt.exe Script: Quarantine, Delete, Delete via BC, Terminate	5496			3267AC5296DC0E9240ADCFFED79F4103	1427,98 kb, rsAh,created: 22.06.2018 16:48:14,modified: 17.05.2017 00:09:14 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe" -onlytray
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 22.06.2018 16:48:14, modified: 17.05.2017 00:09:14 Script: Quarantine, Delete, Delete via BC	4194304			3267AC5296DC0E9240ADCFFED79F4103	no
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 22.06.2018 16:48:14, modified: 05.05.2017 23:11:12 Script: Quarantine, Delete, Delete via BC	268435456			8422071228876B7863E723417C847119	no
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll 22.06.2018 16:48:14, modified: 14.03.2017 11:24:40 Script: Quarantine, Delete, Delete via BC	1696595968			6074216F20D630963ED5638F7A70DC2C	no
c:\program files (x86)\asus\ai suite iii\file transfer\wi-fi go! assisttool\file transfer server.exe Script: Quarantine, Delete, Delete via BC, Terminate	10504	ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.	4BD870612A5FFA4FC297F32DAE0D8793	8727,48 kb, rsAh,created: 22.06.2018 16:48:33,modified: 12.09.2016 16:08:22 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe"
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC	4194304	ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.	4BD870612A5FFA4FC297F32DAE0D8793	no
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\MirrorOpServiceSender.dll 22.06.2018 16:48:34, modified: 30.06.2016 16:50:18 Script: Quarantine, Delete, Delete via BC	268435456	MirrorOp Service Sender API	Copyright (C) 2014	F5507DBAA6C6AF382FC1F9EF9AE6B787	no
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFiGO_HookKey.dll 22.06.2018 16:48:34, modified: 30.06.2016 16:50:16 Script: Quarantine, Delete, Delete via BC	58851328			FFC5CC9FFF8872B5E287B63D8B30832A	no
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\asusnatnl.dll 22.06.2018 16:48:33, modified: 30.06.2016 16:50:20 Script: Quarantine, Delete, Delete via BC	1344602112	ASUS NAT Tunnel Library	Copyright (C) 2014	3A1CA4DAA65FABD44FB8B37FBF3B79A4	no
c:\users\stephx\downloads\getsysteminfo6.2.exe Script: Quarantine, Delete, Delete via BC, Terminate	14940	Kaspersky Get System Info	?© 2018 AO Kaspersky Lab. All Rights Reserved.	3B5865B38366D4D16638B354F9EEFA1D	10935,83 kb, rsAh,created: 22.06.2018 18:24:35,modified: 22.06.2018 18:24:35 Command line: "C:\Users\Stephx\Downloads\GetSystemInfo6.2.exe"
C:\Users\Stephx\Downloads\GetSystemInfo6.2.exe 22.06.2018 18:24:35, modified: 22.06.2018 18:24:35 Script: Quarantine, Delete, Delete via BC	12648448	Kaspersky Get System Info	?© 2018 AO Kaspersky Lab. All Rights Reserved.	3B5865B38366D4D16638B354F9EEFA1D	no
c:\users\stephx\appdata\local\temp\seis\gsi.exe Script: Quarantine, Delete, Delete via BC, Terminate	14696	Kaspersky Get System Info	2018 AO Kaspersky Lab. All Rights Reserved.	11E5413BA184D8D2FA3B1C6DBAAA642E	1370,82 kb, rsAh,created: 22.06.2018 18:24:41,modified: 24.05.2018 12:43:19 Command line: C:\Users\Stephx\AppData\Local\Temp\seis\GSI.exe
C:\Users\Stephx\AppData\Local\Temp\seis\GSI.exe 22.06.2018 18:24:41, modified: 24.05.2018 12:43:19 Script: Quarantine, Delete, Delete via BC	13369344	Kaspersky Get System Info	2018 AO Kaspersky Lab. All Rights Reserved.	11E5413BA184D8D2FA3B1C6DBAAA642E	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\233f1cb72840e3821479ae0a879ee0cb\System.Drawing.ni.dll 22.06.2018 16:15:06, modified: 22.06.2018 16:15:06 Script: Quarantine, Delete, Delete via BC	2054356992	.NET Framework	© Microsoft Corporation. All rights reserved.	DCFB8D4FC2AE8A321B30A065B8BCA26C	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ad17832faa5f8d9e427f1d6b42642fb8\System.Windows.Forms.ni.dll 22.06.2018 16:15:10, modified: 22.06.2018 16:15:10 Script: Quarantine, Delete, Delete via BC	2058289152	.NET Framework	© Microsoft Corporation. All rights reserved.	A2A2A74DBDC735511E336989B72F1779	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21e8e2b95c\System.Xml.ni.dll Script: Quarantine, Delete, Delete via BC	1636696064	.NET Framework	© Microsoft Corporation. All rights reserved.	825E9B7D385424A89690B161D6517C6F	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll Script: Quarantine, Delete, Delete via BC	1610809344	System.Configuration.dll	© Microsoft Corporation. All rights reserved.	705C90CCD5F258A3B3AD090F3CDC4BD6	no
c:\program files\windowsapps\microsoft.windowscommunicationsapps_17.8827.22055.0_x64__8wekyb3d8bbwe\hxtsr.exe Script: Quarantine, Delete, Delete via BC, Terminate	2720	Microsoft Outlook Communications		F6A51F7C21A81C1BA24182E76413BE17	96,17 kb, rsAh,created: 12.04.2018 18:24:42,modified: 12.04.2018 18:24:42 Command line:
c:\windows\system32\iprosetmonitor.exe Script: Quarantine, Delete, Delete via BC, Terminate	3648	Intel® PROSet Monitoring Service	Copyright (C) 2015 Intel Corporation. All rights reserved.	C238848647F5F3BCCD600DD29ACFDB04	error getting file info Command line:
c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe Script: Quarantine, Delete, Delete via BC, Terminate	6912	Intel(R) Dynamic Application Loader Host Interface	Copyright © 2010-2017, Intel Corporation. All rights reserved.	B358C0D03C59E31E646BE29C041119CC	192,10 kb, rsAh,created: 24.04.2017 11:01:22,modified: 24.04.2017 11:01:22 Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe Script: Quarantine, Delete, Delete via BC	8388608	Intel(R) Dynamic Application Loader Host Interface	Copyright © 2010-2017, Intel Corporation. All rights reserved.	B358C0D03C59E31E646BE29C041119CC	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\TEETransport.dll Script: Quarantine, Delete, Delete via BC	1772290048	Intel(R) Dynamic Application Loader Host Interface Transport LIB	Copyright © 2010-2017, Intel Corporation. All rights reserved.	E956626639F81AC728E6A164B6D85778	no
c:\program files (x86)\asus\keybot ii\keybotii.exe Script: Quarantine, Delete, Delete via BC, Terminate	4564			DAE8930507A7D4BA66371286A81BC591	1658,46 kb, rsAh,created: 22.06.2018 17:10:00,modified: 06.04.2017 15:03:46 Command line: "C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe" -h
C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe 22.06.2018 17:10:00, modified: 06.04.2017 15:03:46 Script: Quarantine, Delete, Delete via BC	4194304			DAE8930507A7D4BA66371286A81BC591	no
C:\Program Files (x86)\ASUS\KeyBot II\ImageHelper.dll 22.06.2018 17:10:00, modified: 21.02.2017 13:36:26 Script: Quarantine, Delete, Delete via BC	60751872			4E7AB236BE98516AFD7450619011F390	no
c:\program files (x86)\kaspersky lab\kaspersky secure connection 3.0\ksde.exe Script: Quarantine, Delete, Delete via BC, Terminate	2276	Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.	7A9739BACA443BEF2838D7949E0C679F	602,55 kb, rsAh,created: 28.02.2018 23:37:30,modified: 28.02.2018 23:37:30 Command line: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe Script: Quarantine, Delete, Delete via BC	13697024	Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.	7A9739BACA443BEF2838D7949E0C679F	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ushata.dll 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1797259264	Ushata module	© 2018 AO Kaspersky Lab. All Rights Reserved.	7A1FADDB35F4C741AB183B9592E1A744	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\product_info.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1851719680	Kaspersky Product Info library	© 2018 AO Kaspersky Lab. All Rights Reserved.	1FA17226DA2954FD5D3B649D943D3B69	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\avpservice.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1706033152	Kaspersky Anti-Virus Service library	© 2018 AO Kaspersky Lab. All Rights Reserved.	3A4A7BC77B631F3347EB635520A6C171	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\avpmain.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1716912128	Kaspersky Anti-Virus	© 2018 AO Kaspersky Lab. All Rights Reserved.	7742AE00FBFC4E466746ACB7475DFB81	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\DumpWriter.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1727201280	Kaspersky Dump Writer DLL	© 2018 AO Kaspersky Lab. All Rights Reserved.	4EB27E2FA94A1BDFCBF7718C2FAFBCEF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\instrumental_services.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	261750784	Instrumental services	© 2018 AO Kaspersky Lab. All Rights Reserved.	344D42841F74F81230D020D187CD1D39	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\dblite.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1723334656	SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine.	http://www.sqlite.org/copyright.html	FB6DFC240E9C83B0C9A1C844D52D83BD	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\prremote.DLL 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	261160960	PR_REMOTE	© 2018 AO Kaspersky Lab. All Rights Reserved.	26C82B400A7FC89E0BEF8840CEB55535	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\prcore.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	258932736	Prague Core	© 2018 AO Kaspersky Lab. All Rights Reserved.	C803002A400349121EEA6F6CB3795D71	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\nfio.ppl 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	260505600	NFIO	© 2018 AO Kaspersky Lab. All Rights Reserved.	61AF7CCA9215337E17787096E0571D08	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\winreg.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1696006144	WINREG	© 2018 AO Kaspersky Lab. All Rights Reserved.	FA7490A91328E6EFBC652B72219EEF78	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\pxstub.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	2011561984	Proxy Stubs	© 2018 AO Kaspersky Lab. All Rights Reserved.	AF1AD141285DC36C2D15CED67F8D9F3C	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\params.ppl 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1821048832	Structure Serializer	© 2018 AO Kaspersky Lab. All Rights Reserved.	64997AE242C3B434C664AFAB828840F7	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\app_core_legacy.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	266403840		© 2018 AO Kaspersky Lab. All Rights Reserved.	F142663C6226469123477166DF4C6204	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\product_metainfo.dll 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1775435776	Product Metainformation	© 2018 AO Kaspersky Lab. All Rights Reserved.	DD3EAF3EED29B0718E9B109FA9C56BFF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\storage.dll 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	253558784		© 2018 AO Kaspersky Lab. All Rights Reserved.	C90308015A19F8894E8E0AC5ADE51F57	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\thpimpl.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	2008023040	Thread Pool	© 2018 AO Kaspersky Lab. All Rights Reserved.	8D698BF72C9A857555AE9FAF6493A299	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\propmap.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	258736128	PROPMAP	© 2018 AO Kaspersky Lab. All Rights Reserved.	7CE150F30DBD65077F16449F0CBA0E78	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\dtreg.ppl 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	260177920	DTREG	© 2018 AO Kaspersky Lab. All Rights Reserved.	AAB60DAB1E5481D08D1EF3F9AB1BAF8A	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\bl_ksde.ppl 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1814691840	KL Product Business Logic	© 2018 AO Kaspersky Lab. All Rights Reserved.	CA45B1133895B432B0553CC685B1FC40	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\crypto_ssl_1_1.dll 22.06.2018 16:04:51, modified: 22.06.2018 18:15:41 Script: Quarantine, Delete, Delete via BC	40304640	OpenSSL shared library	Copyright 1998-2016 The OpenSSL Authors. All rights reserved.	6663C4F41B1E67D45FD5A8E4CA69C539	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\cbi.dll Script: Quarantine, Delete, Delete via BC	1873870848	KAV CBI DLL	© 2018 AO Kaspersky Lab. All Rights Reserved.	4E241642AB5FDA98266C24DBAE7F0C32	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\product_info.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1933377536	Kaspersky Product Info library	© 2018 AO Kaspersky Lab. All Rights Reserved.	DDAB0BFA6F8DA939C65ED6E59D69EBC4	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\reportdb.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	260898816	Report DB System	© 2018 AO Kaspersky Lab. All Rights Reserved.	537B2DDB59AEC4AEA94B6266A771BB2B	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\schedule.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	265748480	Scheduler	© 2018 AO Kaspersky Lab. All Rights Reserved.	CC99EA1487B6B26D0E2325B352C675C7	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\regmap.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1738276864	REGISTRY_MAPPER	© 2018 AO Kaspersky Lab. All Rights Reserved.	CB7FA9135C512642FFA4884655AF2D37	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\timer.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1743716352	Timer	© 2018 AO Kaspersky Lab. All Rights Reserved.	00ED79746F0200AA7B643CE17EF6E2FB	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ndetect.ppl 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1818296320	Nertwork Detection	© 2018 AO Kaspersky Lab. All Rights Reserved.	E4B542213093DFBA102A258A393603F8	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ucp_agent.dll 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	69992448	UCP agent service	© 2018 AO Kaspersky Lab. All Rights Reserved.	801F26E618DA226A84672C7E24FD1810	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksn_facade.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	72548352	Facade for KSN PDK	© 2018 AO Kaspersky Lab. All Rights Reserved.	E8AF2661F6FF12D087A27A789B3A2D21	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\remote_eka_prague_loader.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	82575360	Helper Library	© 2018 AO Kaspersky Lab. All Rights Reserved.	155EB7790B9AC79D37898F908D3F3B15	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\prremote.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1924136960	PR_REMOTE	© 2018 AO Kaspersky Lab. All Rights Reserved.	26C82B400A7FC89E0BEF8840CEB55535	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\product_metainfo.dll 22.06.2018 16:04:15, modified: 22.06.2018 16:04:15 Script: Quarantine, Delete, Delete via BC	1916338176	Product Metainformation	© 2018 AO Kaspersky Lab. All Rights Reserved.	DD3EAF3EED29B0718E9B109FA9C56BFF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\tun_facade.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1824784384		© 2018 AO Kaspersky Lab. All Rights Reserved.	82EADEE446E3AA26E4A98A74B6E2D697	no
c:\program files (x86)\kaspersky lab\kaspersky secure connection 3.0\ksdeui.exe Script: Quarantine, Delete, Delete via BC, Terminate	9748	Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.	B165CB10960CA616E766129A634A42D3	580,30 kb, rsAh,created: 22.06.2018 16:04:54,modified: 22.06.2018 16:04:54 Command line: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe" -hidden
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	19333120	Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.	B165CB10960CA616E766129A634A42D3	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeuimain.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1770782720	Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.	1FACE1FCACBC0D962703D8A51E5C70C1	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\product_info.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1851719680	Kaspersky Product Info library	© 2018 AO Kaspersky Lab. All Rights Reserved.	1FA17226DA2954FD5D3B649D943D3B69	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\DumpWriter.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1727201280	Kaspersky Dump Writer DLL	© 2018 AO Kaspersky Lab. All Rights Reserved.	4EB27E2FA94A1BDFCBF7718C2FAFBCEF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\prremote.DLL 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	261160960	PR_REMOTE	© 2018 AO Kaspersky Lab. All Rights Reserved.	26C82B400A7FC89E0BEF8840CEB55535	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\prcore.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	258932736	Prague Core	© 2018 AO Kaspersky Lab. All Rights Reserved.	C803002A400349121EEA6F6CB3795D71	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\winreg.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1696006144	WINREG	© 2018 AO Kaspersky Lab. All Rights Reserved.	FA7490A91328E6EFBC652B72219EEF78	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\pxstub.ppl 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	2011561984	Proxy Stubs	© 2018 AO Kaspersky Lab. All Rights Reserved.	AF1AD141285DC36C2D15CED67F8D9F3C	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\params.ppl 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1821048832	Structure Serializer	© 2018 AO Kaspersky Lab. All Rights Reserved.	64997AE242C3B434C664AFAB828840F7	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\instrumental_services.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	261750784	Instrumental services	© 2018 AO Kaspersky Lab. All Rights Reserved.	344D42841F74F81230D020D187CD1D39	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\dblite.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1723334656	SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine.	http://www.sqlite.org/copyright.html	FB6DFC240E9C83B0C9A1C844D52D83BD	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\kl_service.DLL 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	252968960	Component service provider	© 2018 AO Kaspersky Lab. All Rights Reserved.	C836CF7CC1BB4B0394C2C36CF0A98B1E	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\app_core_legacy.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	266403840		© 2018 AO Kaspersky Lab. All Rights Reserved.	F142663C6226469123477166DF4C6204	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\product_metainfo.dll 22.06.2018 16:04:53, modified: 22.06.2018 16:04:53 Script: Quarantine, Delete, Delete via BC	1775435776	Product Metainformation	© 2018 AO Kaspersky Lab. All Rights Reserved.	DD3EAF3EED29B0718E9B109FA9C56BFF	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\avpservice.dll 22.06.2018 16:04:52, modified: 22.06.2018 16:04:52 Script: Quarantine, Delete, Delete via BC	1706033152	Kaspersky Anti-Virus Service library	© 2018 AO Kaspersky Lab. All Rights Reserved.	3A4A7BC77B631F3347EB635520A6C171	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\KasperskyLab.Ksde.UI.Loader.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1748959232	Loader	© 2018 AO Kaspersky Lab. All Rights Reserved.	9C8968B34F10F0491ADD9748FF1C5E4C	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\820a27781e8540ca263d835ec155f1a5\PresentationCore.ni.dll Script: Quarantine, Delete, Delete via BC	267649024	PresentationCore.dll	© Microsoft Corporation. All rights reserved.	85E1CEAE24A466243FBDF977AADF771F	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dd5a228cf16a218ff0d3f02cdcbab8c9\WindowsBase.ni.dll Script: Quarantine, Delete, Delete via BC	1470300160	WindowsBase.dll	© Microsoft Corporation. All rights reserved.	C6A037C6F76E3FB77A4A6BA607EC83C0	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\KasperskyLab.Ksde.NativeInterop.dll 22.06.2018 16:04:54, modified: 22.06.2018 16:04:54 Script: Quarantine, Delete, Delete via BC	1750138880	Native interop assembly	© 2018 AO Kaspersky Lab. All Rights Reserved.	277C48DD0362417277F1190E67486D3C	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll Script: Quarantine, Delete, Delete via BC	1610809344	System.Configuration.dll	© Microsoft Corporation. All rights reserved.	705C90CCD5F258A3B3AD090F3CDC4BD6	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21e8e2b95c\System.Xml.ni.dll Script: Quarantine, Delete, Delete via BC	1636696064	.NET Framework	© Microsoft Corporation. All rights reserved.	825E9B7D385424A89690B161D6517C6F	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8c85184f1e0cfe359eea86373661a3f8\System.Xaml.ni.dll Script: Quarantine, Delete, Delete via BC	1475280896	System.Xaml.dll	© Microsoft Corporation. All rights reserved.	01B71F092B3ED17EABFBD254FC65F632	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\889128adc9a7c9370e5e293f65060164\PresentationFramework.ni.dll Script: Quarantine, Delete, Delete via BC	1437728768	PresentationFramework.dll	© Microsoft Corporation. All rights reserved.	8CFAA5DE9282C5E26A2014EC47A572F4	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\71c166f74def9b205fafc80dbd0c1015\PresentationFramework.Aero2.ni.dll Script: Quarantine, Delete, Delete via BC	260440064	PresentationFramework.Aero2.dll	© Microsoft Corporation. All rights reserved.	477CE8A486C9811331B929EAB78431B3	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f54e3a73bfefb71eb6e1de09129af7f0\System.Xml.Linq.ni.dll Script: Quarantine, Delete, Delete via BC	154599424	.NET Framework	© Microsoft Corporation. All rights reserved.	EDB890C27FA35B64547626CF18272AEA	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\cc2d1668767fa1e11426bf30ad4d0478\UIAutomationTypes.ni.dll 22.06.2018 16:15:05, modified: 22.06.2018 16:15:05 Script: Quarantine, Delete, Delete via BC	1465581568	UIAutomationTypes.dll	© Microsoft Corporation. All rights reserved.	4DF80ED97B6672F7326ECB23E376CBDE	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\03f5038ded876aa1db27b58b6a37dd38\UIAutomationProvider.ni.dll 22.06.2018 16:15:05, modified: 22.06.2018 16:15:05 Script: Quarantine, Delete, Delete via BC	1670840320	UIAutomationProvider.dll	© Microsoft Corporation. All rights reserved.	19A8520A8207809C35EAE920AA65D075	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\2a550a06559f44499ef2ba11f60c7aea\Accessibility.ni.dll 22.06.2018 16:15:04, modified: 22.06.2018 16:15:04 Script: Quarantine, Delete, Delete via BC	1683881984	.NET Framework	© Microsoft Corporation. All rights reserved.	A5F8059486A32A3D1E294CA52AF6AD2A	no
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt0d283adf#\3d4a39c5a8bbd331e3651b6a59cdc056\System.Runtime.WindowsRuntime.ni.dll Script: Quarantine, Delete, Delete via BC	174260224	.NET Framework	© Microsoft Corporation. All rights reserved.	48E7304C52828585F55336E321D7AAC8	no
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFiGO_HookKey.dll 22.06.2018 16:48:34, modified: 30.06.2016 16:50:16 Script: Quarantine, Delete, Delete via BC	236060672			FFC5CC9FFF8872B5E287B63D8B30832A	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\program files (x86)\lightingservice\1.00.14\lightingservice.exe Script: Quarantine, Delete, Delete via BC, Terminate	3536	LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017	C0017561A0975DF3217DDAD61ABE7FD1	1268,46 kb, RsAh,created: 22.06.2018 17:13:18,modified: 06.07.2017 08:36:42 Command line: "C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe"
C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC	14942208	LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017	C0017561A0975DF3217DDAD61ABE7FD1	no
C:\Program Files (x86)\LightingService\1.00.14\ClaymoreProtocol.dll 22.06.2018 17:13:18, modified: 06.07.2017 05:34:18 Script: Quarantine, Delete, Delete via BC	1746403328			4A2391C7BC9BC52C945D43168E845D5B	no
C:\Program Files (x86)\LightingService\1.00.14\AudioLEDCtrl.dll 22.06.2018 17:13:18, modified: 06.07.2017 05:34:18 Script: Quarantine, Delete, Delete via BC	1700265984	Aura Sync for Audio LED Control	Copyright (C) 2016 ASUSTeK Computer Inc.	962363C4421A6D72F0B6D5A17A802780	no
C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMLib.dll 22.06.2018 16:46:59, modified: 01.06.2017 16:24:11 Script: Quarantine, Delete, Delete via BC	45023232			A99FEFBB314F1F08FADA5FFCC702B7A6	no
C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe Script: Quarantine, Delete, Delete via BC, Terminate	4164	LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017	C0017561A0975DF3217DDAD61ABE7FD1	1268,46 kb, RsAh,created: 22.06.2018 17:13:18,modified: 06.07.2017 08:36:42 Command line:
C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe Script: Quarantine, Delete, Delete via BC, Terminate	4260	LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017	C0017561A0975DF3217DDAD61ABE7FD1	1268,46 kb, RsAh,created: 22.06.2018 17:13:18,modified: 06.07.2017 08:36:42 Command line:
c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe Script: Quarantine, Delete, Delete via BC, Terminate	7428	Intel(R) Local Management Service	Copyright © 2006-2017, Intel Corporation. All rights reserved.	E8CFAAEEED77EF4BDC0C213610CCF42D	409,60 kb, rsAh,created: 24.04.2017 11:05:32,modified: 24.04.2017 11:05:32 Command line: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe Script: Quarantine, Delete, Delete via BC	10944512	Intel(R) Local Management Service	Copyright © 2006-2017, Intel Corporation. All rights reserved.	E8CFAAEEED77EF4BDC0C213610CCF42D	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll Script: Quarantine, Delete, Delete via BC	260112384	ACE		2CD7EA180586A199A8109B6D79879675	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\WsmanClient.dll Script: Quarantine, Delete, Delete via BC	256442368	Wsman Client	Copyright (c) 2010-2017, Intel Corporation. All rights reserved.	9469A172F4077B2BE2EB92B65F96EA89	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\StatusEventHandler.dll Script: Quarantine, Delete, Delete via BC	262864896	Status Event Handler	Copyright © 2010-2017, Intel Corporation. All rights reserved.	13FCC0E50F1588DD5B4176628B12D229	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\Common.dll Script: Quarantine, Delete, Delete via BC	252772352	Common	Copyright © 2010-2017, Intel Corporation. All rights reserved.	22E1F25C6CA0595E229382EC523C641B	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\GmsCommon.dll Script: Quarantine, Delete, Delete via BC	254607360	GMS Common	Copyright © 2010-2017, Intel Corporation. All rights reserved.	AA057493D99F88EB42EB41DA56621D72	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\CONFIGURATOR.dll Script: Quarantine, Delete, Delete via BC	266534912	Configurator	Copyright © 2010-2017, Intel Corporation. All rights reserved.	EF64B8E13C96450537A7C93A35973456	no
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe Script: Quarantine, Delete, Delete via BC, Terminate	8620	Intel(R) Local Management Service	Copyright © 2006-2017, Intel Corporation. All rights reserved.	E8CFAAEEED77EF4BDC0C213610CCF42D	409,60 kb, rsAh,created: 24.04.2017 11:05:32,modified: 24.04.2017 11:05:32 Command line:
c:\program files (x86)\nvidia corporation\nvcontainer\nvcontainer.exe Script: Quarantine, Delete, Delete via BC, Terminate	1456	NVIDIA Container	(C) 2016 NVIDIA Corporation. All rights reserved.	89931FBAA2783A5999D3103AF0CE13C9	439,44 kb, rsAh,created: 22.06.2018 16:40:38,modified: 28.06.2017 00:39:35 Command line: "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Users\Stephx\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll 22.06.2018 16:03:28, modified: 22.06.2018 16:03:28 Script: Quarantine, Delete, Delete via BC	255066112	Application Ontology library	(C) 2018 NVIDIA Corporation. All rights reserved.	C2398B2790C35F2342CDF7ECDED8E0B4	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\program files (x86)\nvidia corporation\nvnode\nvidia web helper.exe Script: Quarantine, Delete, Delete via BC, Terminate	9696	NVIDIA Web Helper Service	Copyright Node.js contributors. MIT license.	806AE0B75377067C7535F209F171F14B	15188,94 kb, rsAh,created: 22.06.2018 16:40:42,modified: 28.06.2017 00:39:35 Command line: "C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\users\stephx\appdata\local\microsoft\onedrive\onedrive.exe Script: Quarantine, Delete, Delete via BC, Terminate	2580	Microsoft OneDrive	© Microsoft Corporation. All rights reserved.	00F30FDFDE3E276C1A731C2DF951D67E	1469,62 kb, rsAh,created: 22.06.2018 15:41:51,modified: 22.06.2018 15:41:50 Command line: "C:\Users\Stephx\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\program files (x86)\ramcache ii\ramcache.exe Script: Quarantine, Delete, Delete via BC, Terminate	8792	Ram Cache II	Copyright (C) FNet	DC7CB78A81AEB5FB897096D061063FB7	4724,80 kb, rsAh,created: 22.06.2018 17:13:47,modified: 22.06.2018 17:13:47 Command line: "C:\Program Files (x86)\RamCache II\RamCache.exe"
C:\Program Files (x86)\RamCache II\RamCache.exe 22.06.2018 17:13:47, modified: 22.06.2018 17:13:47 Script: Quarantine, Delete, Delete via BC	4194304	Ram Cache II	Copyright (C) FNet	DC7CB78A81AEB5FB897096D061063FB7	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
Registry.exe Script: Quarantine, Delete, Delete via BC, Terminate	288				error getting file info Command line:
c:\program files (x86)\asus\ai suite iii\file transfer\wi-fi go! assisttool\wifile\wifiletransfer.exe Script: Quarantine, Delete, Delete via BC, Terminate	8348	WiFil GO! File Transfer	ASUSTeK Computer Inc.	49D72678BEC15603FECE7BCFF2B28A89	1358,80 kb, rsAh,created: 22.06.2018 16:48:34,modified: 30.06.2016 16:50:16 Command line: "C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe"
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe 22.06.2018 16:48:34, modified: 30.06.2016 16:50:16 Script: Quarantine, Delete, Delete via BC	4194304	WiFil GO! File Transfer	ASUSTeK Computer Inc.	49D72678BEC15603FECE7BCFF2B28A89	no
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\vkbd.dll 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	1673134080	Virtual Keyboard	© 2018 AO Kaspersky Lab. All Rights Reserved.	2B661D25CB31A417DD0575DE561D5367	no
c:\program files\winzip\wzpreloader.exe Script: Quarantine, Delete, Delete via BC, Terminate	8656	WinZip Preloader	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	0C88F1F273BEB0C175A06343CC09BD47	130,09 kb, RsAh,created: 25.10.2016 21:00:00,modified: 25.10.2016 21:00:00 Command line:
c:\program files\winzip\wzupdatenotifier.exe Script: Quarantine, Delete, Delete via BC, Terminate	7704	WinZip Update Notifier	Copyright (c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	A0BA0B08BEE2B0A05567001F62030A48	1764,20 kb, RsAh,created: 25.10.2016 21:00:00,modified: 25.10.2016 21:00:00 Command line:
Detected:173, recognized as trusted 141

Kernel Space Modules Viewer

Module	Redirector	Base address	Size in memory	Description	Manufacturer
C:\Windows\System32\Drivers\klupd_klif_arkmon.sys 230,95 kb, rsAh, created: 22.06.2018 16:05:06, modified: 22.06.2018 16:05:06 Script: Quarantine, Delete, Delete via BC	x64	77810000	0003A000 (237568)	Kaspersky Lab Anti-Rootkit Monitor	© 2018 AO Kaspersky Lab. All Rights Reserved.
C:\Windows\System32\Drivers\klupd_klif_klbg.sys 106,69 kb, rsAh, created: 22.06.2018 16:05:06, modified: 22.06.2018 16:05:06 Script: Quarantine, Delete, Delete via BC	x64	78630000	0001B000 (110592)	Kaspersky Lab Boot Guard Driver	© 2018 AO Kaspersky Lab. All Rights Reserved.
C:\Windows\system32\drivers\netfilter2.sys 77,64 kb, rsAh, created: 22.06.2018 17:14:22, modified: 12.03.2017 19:45:00 Script: Quarantine, Delete, Delete via BC	x64	79210000	00016000 (90112)	NetFilter SDK WFP Driver (WPP)	Copyright © NetFilterSDK.com
C:\Windows\System32\Drivers\dump_diskdump.sys error getting file info Script: Quarantine, Delete, Delete via BC	x64	7C1B0000	0000F000 (61440)
C:\Windows\System32\Drivers\dump_storahci.sys error getting file info Script: Quarantine, Delete, Delete via BC	x64	7C1F0000	0002A000 (172032)
C:\Windows\System32\Drivers\dump_dumpfve.sys error getting file info Script: Quarantine, Delete, Delete via BC	x64	7C240000	0001D000 (118784)
C:\Windows\system32\DRIVERS\asramdisk.sys 108,80 kb, rsAh, created: 22.06.2018 17:13:51, modified: 07.05.2014 14:23:16 Script: Quarantine, Delete, Delete via BC	x64	B6310000	0001E000 (122880)	AsRamDisk Driver	Copyright ?2012 Asus.
C:\Windows\System32\Drivers\klupd_klif_mark.sys 173,68 kb, rsAh, created: 22.06.2018 16:05:05, modified: 22.06.2018 16:05:05 Script: Quarantine, Delete, Delete via BC	x64	B67D0000	0002D000 (184320)	Kaspersky Lab Anti-Rootkit Engine	© 2018 AO Kaspersky Lab. All Rights Reserved.
C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys 176,74 kb, rsAh, created: 22.06.2018 16:05:08, modified: 22.06.2018 16:05:09 Script: Quarantine, Delete, Delete via BC	x64	79BD0000	0002C000 (180224)	IDS Engine [fre_wnet_x64]	© 2018 AO Kaspersky Lab. All Rights Reserved.
C:\Windows\system32\drivers\IOMap64.sys 33,27 kb, rsah, created: 22.06.2018 17:01:09, modified: 01.06.2017 07:24:12 Script: Quarantine, Delete, Delete via BC	x64	7B420000	00009000 (36864)	ASUS Kernel Mode Driver for NT	Copyright 2017 ASUSTeK Computer Inc.
C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys 14,63 kb, rsAh, created: 22.06.2018 17:16:21, modified: 22.06.2018 17:55:05 Script: Quarantine, Delete, Delete via BC	x64	7B460000	00007000 (28672)
C:\Windows\System32\Drivers\klupd_klif_klark.sys 252,80 kb, rsAh, created: 22.06.2018 16:06:45, modified: 22.06.2018 16:06:45 Script: Quarantine, Delete, Delete via BC	x64	77860000	0003F000 (258048)	Kaspersky Lab Anti-Rootkit	© 2018 AO Kaspersky Lab. All Rights Reserved.
Items found - 208, recognized as trusted - 196

Autoruns

File name	Redirector	Startup method	Description
C:\Windows\System32\icardres.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 4.0.0.0, EventMessageFile
C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\eventlog_provider.dll 10,34 kb, rsAh, created: 22.06.2018 18:23:41, modified: 12.06.2018 07:36:30 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Chrome, EventMessageFile
C:\Program Files\Common Files\Microsoft Shared\Ink\IPSEventLogMsg.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Handwriting Recognition, EventMessageFile
C:\Program Files\Intel\Wired Networking\DMIX\Resource\ProsetWarningMessages.dll 11,56 kb, rsAh, created: 24.04.2017 14:19:02, modified: 24.04.2017 14:19:02 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Intel PROSet Monitor, EventMessageFile
C:\Windows\System32\IusEventLog.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\Intel(R) Capability Licensing Service Interface, EventMessageFile
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 192,10 kb, rsAh, created: 24.04.2017 11:01:22, modified: 24.04.2017 11:01:22 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\IntelDalJhi, EventMessageFile
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 409,60 kb, rsAh, created: 24.04.2017 11:05:32, modified: 24.04.2017 11:05:32 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\LMS, EventMessageFile
C:\PROGRA~2\Intel\INTEL(~1\MEWMIP~1\MEProv.dll 1099,10 kb, rsAh, created: 24.04.2017 11:06:10, modified: 24.04.2017 11:06:10 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\MEProv, EventMessageFile
c:\d6cd2d3bbd2e3bf145124765aaa45a\DW\DW20.exe error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Application\VSSetup, EventMessageFile
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\safe_banking.dll 1831,30 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\Kaspersky Event Log\pure-safe_banking, EventMessageFile
C:\Windows\System32\Drivers\UMDF\UsbccidDriver.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\Microsoft-Windows-USB-CCID, EventMessageFile
$(runtime.system32)\winhttp.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, SYSTEM\CurrentControlSet\Services\Eventlog\System\WinHttpAutoProxySvc, EventMessageFile
C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe error getting file info Script: Quarantine, Delete, Delete via BC	x64	Shortcut in Startup folder	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises а jour.lnk,
C:\Program Files (x86)\WinZip\WzPreloader.exe error getting file info Script: Quarantine, Delete, Delete via BC	x64	Shortcut in Startup folder	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Prйchargeur.lnk,
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 1551,34 kb, rsAh, created: 22.06.2018 16:11:01, modified: 12.06.2018 07:36:21 Script: Quarantine, Delete, Delete via BC	x64	Shortcut in Startup folder	C:\Users\Stephx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\, C:\Users\Stephx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk,
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 1551,34 kb, rsAh, created: 22.06.2018 16:11:01, modified: 12.06.2018 07:36:21 Script: Quarantine, Delete, Delete via BC	x64	Shortcut in Startup folder	C:\Users\Stephx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\, C:\Users\Stephx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk,
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe 1358,80 kb, rsAh, created: 22.06.2018 16:48:34, modified: 30.06.2016 16:50:16 Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, ASUS WiFi GO! FileTransfer Execute Delete
C:\Program Files (x86)\RamCache II\RamCache.exe 4724,80 kb, rsAh, created: 22.06.2018 17:13:47, modified: 22.06.2018 17:13:47 Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, RamCache II Delete
C:\Program Files\DAEMON Tools Lite\DTAgent.exe 4842,69 kb, rsAh, created: 27.03.2017 11:18:28, modified: 27.03.2017 11:18:28 Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, DAEMON Tools Lite Automount Delete
.dll error getting file info Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Lsa, Security Packages
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe 1188,00 kb, rsAh, created: 12.04.2017 14:44:24, modified: 12.04.2017 14:44:24 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, Sonic Studio 3 Delete
C:\Windows\system32\nvspcap64.dll 1858,44 kb, rsAh, created: 22.06.2018 16:40:46, modified: 28.06.2017 00:39:35 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Run, ShadowPlay Delete
C:\Program Files\DAEMON Tools Lite\DTAgent.exe 4842,69 kb, rsAh, created: 27.03.2017 11:18:28, modified: 27.03.2017 11:18:28 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, DAEMON Tools Lite Automount Delete
.dll error getting file info Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, System\CurrentControlSet\Control\Lsa, Security Packages
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
C:\Program Files\NVIDIA Corporation\Display\nvui.dll 5130,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:57 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {A70C977A-BF00-412C-90B7-034C51DA2439} Delete
C:\Windows\system32\nvshext.dll 68,12 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {E97DEC16-A50D-49bb-AE24-CF682282E08D} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {E0D79307-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {E0D79305-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {E0D79304-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	Registry key	HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved, {E0D79306-84BE-11CE-9641-444553540000} Delete
Items found - 1016, recognized as trusted - 980

Internet Explorer extension modules (BHOs, Toolbars ...)

File name	Redirector	Type	Description	Manufacturer	CLSID
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\IEExt\ie_plugin.dll 1150,36 kb, rsAh, created: 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	x32	BHO	Kaspersky Protection plugins	© 2018 AO Kaspersky Lab. All Rights Reserved.	{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\IEExt\ie_plugin.dll 1150,36 kb, rsAh, created: 22.06.2018 16:04:19, modified: 22.06.2018 16:04:19 Script: Quarantine, Delete, Delete via BC	x32	Toolbar	Kaspersky Protection plugins	© 2018 AO Kaspersky Lab. All Rights Reserved.	{C500C267-63BF-451F-8797-4D720C9A2ED9} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\IEExt\ie_plugin.dll 1376,86 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	BHO	Kaspersky Protection plugins	© 2018 AO Kaspersky Lab. All Rights Reserved.	{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\IEExt\ie_plugin.dll 1376,86 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Toolbar	Kaspersky Protection plugins	© 2018 AO Kaspersky Lab. All Rights Reserved.	{C500C267-63BF-451F-8797-4D720C9A2ED9} Delete
Items found - 8, recognized as trusted - 4

Windows Explorer extension modules

File name	Redirector	Destination	Description	Manufacturer	$CLSID
error getting file info	x32	Contacts folder			{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} Delete
error getting file info	x32	WebCheck			{E6FB5E20-DE35-11CF-9C87-00AA005127ED} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Scan with Kaspersky Anti-Virus	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Kaspersky Anti-Virus crypto container	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
error getting file info	x32	Contacts folder			{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} Delete
error getting file info	x32	WebCheck			{E6FB5E20-DE35-11CF-9C87-00AA005127ED} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Scan with Kaspersky Anti-Virus	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\shellex.dll 522,80 kb, rsAh, created: 22.06.2018 16:04:20, modified: 22.06.2018 16:04:20 Script: Quarantine, Delete, Delete via BC	x32	Kaspersky Anti-Virus crypto container	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
error getting file info	x64	Contacts folder			{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} Delete
error getting file info	x64	WebCheck			{E6FB5E20-DE35-11CF-9C87-00AA005127ED} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Scan with Kaspersky Anti-Virus	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Kaspersky Anti-Virus crypto container	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
C:\Program Files\NVIDIA Corporation\Display\nvui.dll 5130,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:57 Script: Quarantine, Delete, Delete via BC	x64	NvCpl DesktopContext Class	NVIDIA User Experience Driver Component	(C) 2017 NVIDIA Corporation. All rights reserved.	{A70C977A-BF00-412C-90B7-034C51DA2439} Delete
C:\Windows\system32\nvshext.dll 68,12 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	NVIDIA Play On My TV Context Menu Extension	NVIDIA Display Shell Extension	(C) 2017 NVIDIA Corporation. All rights reserved.	{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	NvAppShExt extension	NVIDIA Shell Extensions	(C) 2017 NVIDIA Corporation. All rights reserved.	{A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	OpenGLShExt extension	NVIDIA Shell Extensions	(C) 2017 NVIDIA Corporation. All rights reserved.	{E97DEC16-A50D-49bb-AE24-CF682282E08D} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79307-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79305-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79304-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79306-84BE-11CE-9641-444553540000} Delete
error getting file info	x64	Contacts folder			{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} Delete
error getting file info	x64	WebCheck			{E6FB5E20-DE35-11CF-9C87-00AA005127ED} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Scan with Kaspersky Anti-Virus	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{755D388B-420B-4692-A974-84AAF0E577D3} Delete
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 19.0.0\x64\ShellEx.dll 633,30 kb, rsAh, created: 22.06.2018 16:04:23, modified: 22.06.2018 16:04:23 Script: Quarantine, Delete, Delete via BC	x64	Kaspersky Anti-Virus crypto container	Shell Extension	© 2018 AO Kaspersky Lab. All Rights Reserved.	{3A05D698-F33F-4592-81A8-053EBF0017DF} Delete
C:\Program Files\NVIDIA Corporation\Display\nvui.dll 5130,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:57 Script: Quarantine, Delete, Delete via BC	x64	NvCpl DesktopContext Class	NVIDIA User Experience Driver Component	(C) 2017 NVIDIA Corporation. All rights reserved.	{A70C977A-BF00-412C-90B7-034C51DA2439} Delete
C:\Windows\system32\nvshext.dll 68,12 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	NVIDIA Play On My TV Context Menu Extension	NVIDIA Display Shell Extension	(C) 2017 NVIDIA Corporation. All rights reserved.	{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	NvAppShExt extension	NVIDIA Shell Extensions	(C) 2017 NVIDIA Corporation. All rights reserved.	{A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} Delete
C:\Windows\system32\nv3dappshext.dll 536,44 kb, rsAh, created: 22.06.2018 16:39:58, modified: 27.06.2017 23:03:55 Script: Quarantine, Delete, Delete via BC	x64	OpenGLShExt extension	NVIDIA Shell Extensions	(C) 2017 NVIDIA Corporation. All rights reserved.	{E97DEC16-A50D-49bb-AE24-CF682282E08D} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79307-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79305-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79304-84BE-11CE-9641-444553540000} Delete
C:\Program Files\WinZip\wzshls64.dll 21,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZip	WinZip Shell Extension DLL	(c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.	{E0D79306-84BE-11CE-9641-444553540000} Delete
Items found - 98, recognized as trusted - 66

Printing system extensions (print monitors, providers)

File name	Redirector	Name	Type	Description	Manufacturer
Items found - 9, recognized as trusted - 9

Task Scheduler jobs

File name	Redirector	Job name	Description	Manufacturer	Path	Command line
C:\Program Files (x86)\LightingService\1.00.14\AsRogAuraGpuDllServer.exe 273,96 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 05:37:40 Script: Quarantine, Delete, Delete via BC	x64	AsRogAuraGpuDllServer Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\LightingService\1.00.14\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe 1998,46 kb, rsAh, created: 22.06.2018 16:47:10, modified: 20.06.2017 07:57:56 Script: Quarantine, Delete, Delete via BC	x64	ASUS AISuiteIII Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe -schedule
C:\PROGRAMDATA\ASUS\AUXIP INSTALLATION\ASANDAWEBSERVICE.EXE 37,46 kb, rsaH, created: 22.06.2018 16:33:24, modified: 24.01.2017 11:14:28 Script: Quarantine, Delete, Delete via BC	x64	ASUS ANDA WEBSERVICE Script: Delete	AsANDAWebService	ASUSTeK COMPUTER INC.	C:\Windows\system32\Tasks\ASUS\	C:\PROGRAMDATA\ASUS\AUXIP INSTALLATION\ASANDAWEBSERVICE.EXE
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 1353,46 kb, rsAh, created: 22.06.2018 16:47:57, modified: 07.06.2017 00:25:04 Script: Quarantine, Delete, Delete via BC	x64	ASUS DIPAwayMode Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe 1853,98 kb, rsAh, created: 22.06.2018 16:48:33, modified: 21.09.2016 11:37:52 Script: Quarantine, Delete, Delete via BC	x64	ASUS File Transfer Server Launcher Script: Delete	TODO: <File description>	TODO: (c) <Company name>. All rights reserved.	C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe
C:\PROGRAM FILES (X86)\ASUS\ASUS UI IMPROVEMENT PROGRAM\ASUSMonitor.exe 3042,48 kb, rsAh, created: 22.06.2018 16:33:41, modified: 24.03.2017 10:21:20 Script: Quarantine, Delete, Delete via BC	x64	ASUS UI Improvement Monitor Script: Delete	ASUSMonitor	Copyright © 2015	C:\Windows\system32\Tasks\ASUS\	C:\PROGRAM FILES (X86)\ASUS\ASUS UI IMPROVEMENT PROGRAM\ASUSMonitor.exe
C:\PROGRAM FILES (X86)\ASUS\ASUS UI IMPROVEMENT PROGRAM\ASUSMonitor.exe 3042,48 kb, rsAh, created: 22.06.2018 16:33:41, modified: 24.03.2017 10:21:20 Script: Quarantine, Delete, Delete via BC	x64	ASUS UI Improvement Monitor Fixed Time Script: Delete	ASUSMonitor	Copyright © 2015	C:\Windows\system32\Tasks\ASUS\	C:\PROGRAM FILES (X86)\ASUS\ASUS UI IMPROVEMENT PROGRAM\ASUSMonitor.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 1427,98 kb, rsAh, created: 22.06.2018 16:48:14, modified: 17.05.2017 00:09:14 Script: Quarantine, Delete, Delete via BC	x64	Ez Update Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe -onlytray
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe 4313,96 kb, rsAh, created: 22.06.2018 16:47:53, modified: 29.12.2016 03:00:22 Script: Quarantine, Delete, Delete via BC	x64	GpuFanHelper Script: Delete	GpuFanHelper	TODO: (c) <Company name>. All rights reserved.	C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe 1658,46 kb, rsAh, created: 22.06.2018 17:10:00, modified: 06.04.2017 15:03:46 Script: Quarantine, Delete, Delete via BC	x64	KeyBot II Execute Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe -h
C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe 1122,80 kb, rsAh, created: 22.06.2018 17:13:51, modified: 17.02.2014 16:46:50 Script: Quarantine, Delete, Delete via BC	x64	RamDisk Script: Delete			C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe -TaskAuto
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe 7300,46 kb, rsAh, created: 22.06.2018 17:01:46, modified: 16.06.2017 08:35:18 Script: Quarantine, Delete, Delete via BC	x64	RC TweakIt Server Execute Script: Delete	BCLK Application	Copyright (C) 2015	C:\Windows\system32\Tasks\ASUS\	C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe 652,80 kb, rsAh, created: 24.02.2017 17:20:38, modified: 24.02.2017 17:20:38 Script: Quarantine, Delete, Delete via BC	x64	Intel PTT EK Recertification Script: Delete	Intel(R)PTT EK Recertification Service	(C) Copyright Intel(R) Corporation	C:\Windows\system32\Tasks\	"C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe"
C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log error getting file info Script: Quarantine, Delete, Delete via BC	x64	NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} Script: Delete			C:\Windows\system32\Tasks\	C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe 1188,00 kb, rsAh, created: 12.04.2017 14:44:24, modified: 12.04.2017 14:44:24 Script: Quarantine, Delete, Delete via BC	x64	SS3Svc32Run Script: Delete	Sonic Suite 3		C:\Windows\system32\Tasks\	"C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7)
C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe 776,00 kb, rsAh, created: 12.04.2017 14:47:54, modified: 12.04.2017 14:47:54 Script: Quarantine, Delete, Delete via BC	x64	SS3Svc64Run Script: Delete	Sonic Suite 3		C:\Windows\system32\Tasks\	"C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7)
C:\Program Files\WinZip\WzBGTools.exe 243,59 kb, RsAh, created: 25.10.2016 21:00:00, modified: 25.10.2016 21:00:00 Script: Quarantine, Delete, Delete via BC	x64	WinZipBackGroundToolsTask Script: Delete	WinZip Background Tool	(c) 2015-2016 VAPC (Lux) S.a.r.L. All rights reserved.	C:\Windows\system32\Tasks\	C:\Program Files\WinZip\WzBGTools.exe
Items found - 105, recognized as trusted - 88

SPI/LSP settings

Manufacturer	Status	EXE file	Redirector	Description	Manufacturer	GUID
Items found - 14, recognized as trusted - 14

SPI/LSP settings

Protocol Name	EXE file	Redirector	Description	Manufacturer
Items found - 28, recognized as trusted - 28

TCP/UDP ports

Port	Status	Remote Host	Remote Port	Application	Redirector	Notes	Description	Manufacturer
TCP ports
445	LISTENING	0.0.0.0	0	System [4] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64	Microsoft NET
5060	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
5064	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
5065	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
5066	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
5067	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
5080	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
9050	LISTENING	0.0.0.0	0	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
49664	LISTENING	0.0.0.0	0	wininit.exe [1060] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64
49670	LISTENING	0.0.0.0	0	services.exe [1132] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64
5080	ESTABLISHED	127.0.0.1	49674	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
49671	LISTENING	0.0.0.0	0	C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe [4164] 1268,46 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017
49674	ESTABLISHED	127.0.0.1	5080	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
50302	ESTABLISHED	127.0.0.1	50303	C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [2276] 602,55 kb, rsAh, created: 28.02.2018 23:37:30, modified: 28.02.2018 23:37:30 Script: Quarantine, Delete, Delete via BC, Terminate	x64		Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.
50303	ESTABLISHED	127.0.0.1	50302	C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [2276] 602,55 kb, rsAh, created: 28.02.2018 23:37:30, modified: 28.02.2018 23:37:30 Script: Quarantine, Delete, Delete via BC, Terminate	x64		Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.
50307	ESTABLISHED	127.0.0.1	50308	C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe [4164] 1268,46 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017
50308	ESTABLISHED	127.0.0.1	50307	C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe [4164] 1268,46 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017
139	LISTENING	0.0.0.0	0	System [4] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64	Microsoft NET
49796	CLOSE_WAIT	93.184.220.29	80	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.22055.0_x64__8wekyb3d8bbwe\HxTsr.exe [2720] 96,17 kb, rsAh, created: 12.04.2018 18:24:42, modified: 12.04.2018 18:24:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		Microsoft Outlook Communications
50304	ESTABLISHED	213.155.156.71	443	C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [2276] 602,55 kb, rsAh, created: 28.02.2018 23:37:30, modified: 28.02.2018 23:37:30 Script: Quarantine, Delete, Delete via BC, Terminate	x64		Kaspersky Secure Connection	© 2018 AO Kaspersky Lab. All Rights Reserved.
50309	ESTABLISHED	213.155.156.74	443	C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe [4164] 1268,46 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017
50977	ESTABLISHED	81.19.104.30	443	C:\Program Files (x86)\LightingService\1.00.14\LightingService.exe [4164] 1268,46 kb, RsAh, created: 22.06.2018 17:13:18, modified: 06.07.2017 08:36:42 Script: Quarantine, Delete, Delete via BC, Terminate	x64		LightingService	Copyright (C) ASUSTek Computer Inc. 2015-2017
50986	TIME_WAIT	68.142.70.28	443	[0]	x64
50987	TIME_WAIT	68.142.70.28	443	[0]	x64
50990	TIME_WAIT	2.18.221.75	80	[0]	x64
51002	TIME_WAIT	185.85.15.30	443	[0]	x64
51004	TIME_WAIT	185.85.15.30	443	[0]	x64
51005	TIME_WAIT	185.85.15.30	443	[0]	x64
51007	TIME_WAIT	81.19.104.66	443	[0]	x64
51008	TIME_WAIT	54.192.187.69	443	[0]	x64
51013	TIME_WAIT	172.217.18.206	443	[0]	x64
51014	TIME_WAIT	172.217.18.206	443	[0]	x64
51015	TIME_WAIT	64.233.167.157	443	[0]	x64
51016	TIME_WAIT	64.233.167.157	443	[0]	x64
51018	TIME_WAIT	77.88.21.119	443	[0]	x64
51019	TIME_WAIT	63.140.40.117	443	[0]	x64
51021	TIME_WAIT	172.217.22.132	443	[0]	x64
51022	TIME_WAIT	172.217.22.132	443	[0]	x64
51023	TIME_WAIT	185.85.15.33	443	[0]	x64
51024	TIME_WAIT	185.85.15.33	443	[0]	x64
51025	TIME_WAIT	172.217.19.238	443	[0]	x64
51026	TIME_WAIT	172.217.19.238	443	[0]	x64
51027	TIME_WAIT	216.58.208.195	443	[0]	x64
51028	TIME_WAIT	216.58.208.195	443	[0]	x64
51032	TIME_WAIT	94.100.165.88	443	[0]	x64
51034	TIME_WAIT	81.19.104.33	443	[0]	x64
51035	TIME_WAIT	81.19.104.33	443	[0]	x64
51037	ESTABLISHED	88.221.83.48	80	C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [3328] 1998,46 kb, rsAh, created: 22.06.2018 16:47:10, modified: 20.06.2017 07:57:56 Script: Quarantine, Delete, Delete via BC, Terminate	x64
51038	TIME_WAIT	81.19.104.66	443	[0]	x64
51047	TIME_WAIT	81.19.104.66	443	[0]	x64
UDP ports
9070	LISTENING	--	--	C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe [10504] 8727,48 kb, rsAh, created: 22.06.2018 16:48:33, modified: 12.09.2016 16:08:22 Script: Quarantine, Delete, Delete via BC, Terminate	x64		ASUS File Transfer Server	TODO: (c) <Company name>. All rights reserved.
137	LISTENING	--	--	System [4] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64	Microsoft NET
138	LISTENING	--	--	System [4] error getting file info Script: Quarantine, Delete, Delete via BC, Terminate	x64	Microsoft NET
Items found - 134, recognized as trusted - 81

Downloaded Program Files (DPF)

File name	Redirector	Description	Manufacturer	$CLSID	Source URL
Items found - 0, recognized as trusted - 0

Control Panel Applets (CPL)

File name	Redirector	Description	Manufacturer
Items found - 36, recognized as trusted - 36

Active Setup

File name	Redirector	Description	Manufacturer	$CLSID
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe error getting file info Script: Quarantine, Delete, Delete via BC	x32			{8A69D345-D564-463c-AFF1-A69D9E530F96} Delete
C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe error getting file info Script: Quarantine, Delete, Delete via BC	x32			{8A69D345-D564-463c-AFF1-A69D9E530F96} Delete
C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe 1889,84 kb, rsAh, created: 22.06.2018 18:23:41, modified: 22.06.2018 18:23:07 Script: Quarantine, Delete, Delete via BC	x64	Google Chrome Installer	Copyright 2017 Google Inc. All rights reserved.	{8A69D345-D564-463c-AFF1-A69D9E530F96} Delete
C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe 1889,84 kb, rsAh, created: 22.06.2018 18:23:41, modified: 22.06.2018 18:23:07 Script: Quarantine, Delete, Delete via BC	x64	Google Chrome Installer	Copyright 2017 Google Inc. All rights reserved.	{8A69D345-D564-463c-AFF1-A69D9E530F96} Delete
Items found - 14, recognized as trusted - 10

HOSTS file

Hosts file record

Protocols and handlers

File name	Redirector	Type	Description	Manufacturer	$CLSID
Items found - 38, recognized as trusted - 38

Shared resources

Network name	Path	Notes
ADMIN$	C:\Windows	Administration а distance
IPC$		IPC distant
C$	C:\	Partage par dйfaut

Script commands Add commands to script:

Additional operations:

File list