supturb89
-
Posts
13 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by supturb89
-
-
Gringo,
ESET found some threats.
C:\Users\Webb\Downloads\MediaInfo_GUI_0.7.31_Windows_x64.exe Win32/OpenCandy application
C:\Users\Webb\Downloads\MediaInfo_GUI_0.7.36_Windows_i386.exe Win32/OpenCandy application
-
Gringo,
I performed the steps you asked. Computer is running fine.
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2012.12.31.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Webb :: HTPC [administrator]
12/31/2012 9:24:09 AM
mbam-log-2012-12-31 (09-24-09).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234327
Time elapsed: 2 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:32:20 AM, on 12/31/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Garmin\gStart.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Users\Webb\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\osk.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')
O4 - Startup: ZvRemote.lnk = C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe
O4 - Global Startup: Air Mouse.lnk = C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: Media Browser Service.lnk = C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
O4 - Global Startup: Windows Home Server.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8033 bytes
-
Grigo,
I created the scrip and ran it with Comcofix. I ahve attached the log. My computer is running great. Again though the lsass.exe process is no longer running.
ComboFix 12-12-31.01 - Webb 12/31/2012 8:24.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.3094 [GMT -6:00]
Running from: c:\users\Webb\Desktop\ComboFix.exe
Command switches used :: c:\users\Webb\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 )))))))))))))))))))))))))))))))
.
.
2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\test\AppData\Local\temp
2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\test.HTPC\AppData\Local\temp
2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-31 01:53 . 2012-12-31 01:53 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-12-31 01:53 . 2012-12-31 01:52 95184 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-31 01:49 . 2012-12-31 01:49 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\users\Webb\AppData\Roaming\Malwarebytes
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\programdata\Malwarebytes
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-29 03:03 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-29 03:02 . 2012-12-29 03:02 -------- d-----w- c:\users\Webb\AppData\Local\Programs
2012-12-28 18:41 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll
2012-12-21 13:54 . 2012-12-21 13:56 -------- d-----w- c:\program files (x86)\Google
2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-11 19:07 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-11 19:07 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-11 19:05 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-31 01:52 . 2012-10-19 11:18 859072 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-12-31 01:52 . 2010-04-25 02:57 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-12-12 11:13 . 2012-04-07 13:19 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 11:13 . 2011-05-21 19:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 09:01 . 2010-04-23 02:37 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-07 23:38 . 2010-04-09 06:25 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2010-04-09 06:25 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:37 . 2010-04-09 06:25 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:37 . 2010-04-09 06:25 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2012-01-18 13:15 41240 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2010-04-09 06:26 301264 ----a-w- c:\windows\SysWow64\guard32.dll
2012-11-07 23:37 . 2010-04-09 06:26 390392 ----a-w- c:\windows\system32\guard64.dll
2012-10-30 23:51 . 2010-04-23 02:32 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-03-09 01:52 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2010-04-23 02:32 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2010-04-23 02:32 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2010-04-23 02:32 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2010-07-24 02:43 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2010-04-23 02:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2011-02-13 22:36 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-19 15:29 . 2012-10-19 15:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-27 18:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 18:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 18:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-04-07 13:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-09 18:17 . 2012-11-14 10:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 10:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 10:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 10:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 20:29 . 2012-03-15 06:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-10-04 20:28 . 2012-02-19 21:32 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-04 20:28 . 2012-02-19 21:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-04 20:28 . 2012-02-19 21:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-04 16:40 . 2012-12-11 19:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 10:49 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 10:49 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 10:49 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 10:49 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 10:49 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 10:49 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 10:49 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 10:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 10:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 10:49 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 10:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-12-07 22:27 . 2010-11-21 17:11 331249 ----a-w- c:\program files (x86)\Clown_BD_v0.79.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-27 98304]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe" [2009-06-12 53248]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"osk.exe"="osk.exe" [2009-07-14 646144]
"Application Restart 0"="c:\windows\System32\osk.exe" [2009-07-14 646144]
.
c:\users\Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZvRemote.lnk - c:\program files (x86)\ZeeVee\ZvRemote\ZvRemote.exe [2010-2-10 1565944]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Air Mouse.lnk - c:\program files (x86)\Air Mouse\Air Mouse\Air Mouse.exe [2010-6-27 1018856]
Media Browser Service.lnk - c:\program files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe [2012-1-14 135168]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2012-1-2 666992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2009-08-24 93336]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 11:13]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-gStart - c:\program files (x86)\Garmin\gStart.exe
SafeBoot-06223878.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-31 08:32:27
ComboFix-quarantined-files.txt 2012-12-31 14:32
ComboFix2.txt 2012-12-30 14:11
.
Pre-Run: 97,690,898,432 bytes free
Post-Run: 97,392,054,272 bytes free
.
- - End Of File - - B20D5A267C7EC9E84E2D218E7E8DBAF8
-
Gringo,
I ran the MBrootkit and no threats were found. My computer is running great but as I said in a previous reply the lsass.exe process is no longer running according to the task manager.
Aaron
-
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-30 14:14:03
-----------------------------
14:14:03.509 OS Version: Windows x64 6.1.7601 Service Pack 1
14:14:03.509 Number of processors: 2 586 0x4303
14:14:03.509 ComputerName: HTPC UserName: Webb
14:14:04.273 Initialize success
14:14:07.736 AVAST engine defs: 12123000
14:14:16.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:14:16.831 Disk 0 Vendor: WDC_WD2500YD-01NVB1 10.02E01 Size: 239372MB BusType: 3
14:14:16.847 Disk 0 MBR read successfully
14:14:16.847 Disk 0 MBR scan
14:14:16.847 Disk 0 Windows 7 default MBR code
14:14:16.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 188252 MB offset 2048
14:14:16.862 Disk 0 Partition - 00 05 Extended 51113 MB offset 385543935
14:14:16.894 Disk 0 Partition 2 00 82 Linux swap 2133 MB offset 485853858
14:14:16.956 Disk 0 scanning C:\Windows\system32\drivers
14:14:29.982 Service scanning
14:14:46.331 Modules scanning
14:14:46.331 Disk 0 trace - called modules:
14:14:46.347 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
14:14:46.861 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004893220]
14:14:46.861 3 CLASSPNP.SYS[fffff88001b9243f] -> nt!IofCallDriver -> [0xfffffa800489d9b0]
14:14:46.861 5 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004885680]
14:14:47.298 AVAST engine scan C:\Windows
14:14:50.637 AVAST engine scan C:\Windows\system32
14:18:03.484 AVAST engine scan C:\Windows\system32\drivers
14:18:15.871 AVAST engine scan C:\Users\Webb
14:20:04.135 AVAST engine scan C:\ProgramData
14:23:36.936 Scan finished successfully
14:24:06.233 Disk 0 MBR has been saved successfully to "C:\Users\Webb\Desktop\MBR.dat"
14:24:06.233 The log file has been saved successfully to "C:\Users\Webb\Desktop\aswMBR.txt"
-
more TDSKiller
14:11:42.0330 4428 C:\Windows\System32\SearchFilterHost.exe - ok
14:11:42.0345 4428 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
14:11:42.0345 4428 C:\Windows\System32\SyncCenter.dll - ok
14:11:42.0345 4428 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
14:11:42.0345 4428 C:\Windows\System32\mssph.dll - ok
14:11:42.0345 4428 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
14:11:42.0345 4428 C:\Windows\System32\WinSATAPI.dll - ok
14:11:42.0361 4428 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
14:11:42.0361 4428 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
14:11:42.0361 4428 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
14:11:42.0361 4428 C:\Windows\System32\mapi32.dll - ok
14:11:42.0361 4428 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
14:11:42.0361 4428 C:\Windows\System32\MSMPEG2ENC.DLL - ok
14:11:42.0377 4428 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
14:11:42.0377 4428 C:\Windows\System32\upnphost.dll - ok
14:11:42.0377 4428 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
14:11:42.0377 4428 C:\Windows\System32\imapi2.dll - ok
14:11:42.0377 4428 [ 2730BC63D4896F7976D9D31BC9786EBA ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
14:11:42.0377 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll - ok
14:11:42.0392 4428 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
14:11:42.0392 4428 C:\Windows\System32\hgcpl.dll - ok
14:11:42.0392 4428 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
14:11:42.0392 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
14:11:42.0392 4428 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
14:11:42.0392 4428 C:\Windows\System32\wbem\wmiprov.dll - ok
14:11:42.0392 4428 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
14:11:42.0392 4428 C:\Windows\System32\d3d9.dll - ok
14:11:42.0408 4428 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
14:11:42.0408 4428 C:\Windows\System32\fdPHost.dll - ok
14:11:42.0408 4428 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
14:11:42.0408 4428 C:\Windows\System32\fdWSD.dll - ok
14:11:42.0408 4428 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
14:11:42.0408 4428 C:\Windows\System32\fdSSDP.dll - ok
14:11:42.0423 4428 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
14:11:42.0423 4428 C:\Windows\System32\ListSvc.dll - ok
14:11:42.0423 4428 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
14:11:42.0423 4428 C:\Windows\System32\P2P.dll - ok
14:11:42.0423 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
14:11:42.0423 4428 C:\Windows\System32\pnrpsvc.dll - ok
14:11:42.0439 4428 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
14:11:42.0439 4428 C:\Windows\System32\IdListen.dll - ok
14:11:42.0439 4428 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
14:11:42.0439 4428 C:\Windows\System32\hgprint.dll - ok
14:11:42.0439 4428 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
14:11:42.0439 4428 C:\Windows\System32\d3d8thk.dll - ok
14:11:42.0439 4428 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
14:11:42.0439 4428 C:\Windows\System32\p2psvc.dll - ok
14:11:42.0455 4428 [ C16628F1DFA5495A22E1DA05A852722C ] C:\Windows\System32\atiu9p64.dll
14:11:42.0455 4428 C:\Windows\System32\atiu9p64.dll - ok
14:11:42.0455 4428 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
14:11:42.0455 4428 C:\Windows\System32\P2PGraph.dll - ok
14:11:42.0455 4428 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
14:11:42.0455 4428 C:\Windows\System32\udhisapi.dll - ok
14:11:42.0470 4428 [ 21E0179A49F1E1B50520C1D528D8F7B7 ] C:\Windows\System32\atiumd64.dll
14:11:42.0470 4428 C:\Windows\System32\atiumd64.dll - ok
14:11:42.0470 4428 [ 63C9BE8CD9815CB6BD2C2221A0034BE0 ] C:\Windows\System32\atiumd6a.dll
14:11:42.0470 4428 C:\Windows\System32\atiumd6a.dll - ok
14:11:42.0486 4428 [ 70C8F2121EA29625A4913336AF781725 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll
14:11:42.0486 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll - ok
14:11:42.0486 4428 [ B439EFB7F218ED0849B4CC2D4A7FE1D3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll
14:11:42.0486 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll - ok
14:11:42.0486 4428 [ 0BF4362E18DFC52382F418278DCC52C4 ] C:\Windows\System32\rdpdd.dll
14:11:42.0486 4428 C:\Windows\System32\rdpdd.dll - ok
14:11:42.0501 4428 [ FF6148B1C150DA05D35C68D143AD6DEA ] C:\Windows\System32\RDPENCDD.dll
14:11:42.0501 4428 C:\Windows\System32\RDPENCDD.dll - ok
14:11:42.0501 4428 [ A23A9301EE7152FB6776052E52BDE9D9 ] C:\Windows\System32\RDPREFDD.dll
14:11:42.0501 4428 C:\Windows\System32\RDPREFDD.dll - ok
14:11:42.0501 4428 [ F718374D57E7469C8A633B168D1EBF54 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\226e588583e180296094202f09fc5ddd\Microsoft.MediaCenter.ni.dll
14:11:42.0501 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\226e588583e180296094202f09fc5ddd\Microsoft.MediaCenter.ni.dll - ok
14:11:42.0517 4428 [ BB34C799E8ADB9B3253A375F65D9C2C1 ] C:\ProgramData\MediaBrowser\System.Data.SQLite.dll
14:11:42.0517 4428 C:\ProgramData\MediaBrowser\System.Data.SQLite.dll - ok
14:11:42.0517 4428 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
14:11:42.0517 4428 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
14:11:42.0517 4428 [ A4D07BCCCDF8211D4027E37A43E20163 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll
14:11:42.0517 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll - ok
14:11:42.0517 4428 [ 98D53BB2DB8E11762D30C3CF41FA140B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
14:11:42.0517 4428 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
14:11:42.0533 4428 [ E4806AC8BE2D890193252D4BEE7EA95C ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
14:11:42.0533 4428 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
14:11:42.0533 4428 [ F0A079CB4F819DD2AB94B06B3C17BF4C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll
14:11:42.0533 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll - ok
14:11:42.0533 4428 [ E4FD4F6D50FB4D4CD66F1611664F7276 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\7b5db8785f8af88c502b492d8f83a90e\System.EnterpriseServices.ni.dll
14:11:42.0533 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\7b5db8785f8af88c502b492d8f83a90e\System.EnterpriseServices.ni.dll - ok
14:11:42.0548 4428 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
14:11:42.0548 4428 C:\Windows\System32\drttransport.dll - ok
14:11:42.0548 4428 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
14:11:42.0548 4428 C:\Windows\System32\drt.dll - ok
14:11:42.0548 4428 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
14:11:42.0548 4428 C:\Windows\SysWOW64\msisip.dll - ok
14:11:42.0564 4428 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\SysWOW64\wshext.dll
14:11:42.0564 4428 C:\Windows\SysWOW64\wshext.dll - ok
14:11:42.0564 4428 [ 2875B386B45B8A77E2343C5E129AE50C ] C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll
14:11:42.0564 4428 C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll - ok
14:11:42.0564 4428 [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll
14:11:42.0564 4428 C:\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll - ok
14:11:42.0579 4428 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
14:11:42.0579 4428 C:\Windows\SysWOW64\schannel.dll - ok
14:11:42.0579 4428 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
14:11:42.0579 4428 C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe - ok
14:11:42.0579 4428 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
14:11:42.0579 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
14:11:42.0595 4428 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
14:11:42.0595 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
14:11:42.0595 4428 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
14:11:42.0595 4428 C:\Windows\System32\notepad.exe - ok
14:11:42.0595 4428 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\55281566.sys
14:11:42.0595 4428 C:\Windows\System32\drivers\55281566.sys - ok
14:11:42.0611 4428 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
14:11:42.0611 4428 C:\Windows\System32\UIAnimation.dll - ok
14:11:42.0611 4428 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
14:11:42.0611 4428 C:\Windows\SysWOW64\riched20.dll - ok
14:11:42.0611 4428 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
14:11:42.0611 4428 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
14:11:42.0626 4428 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
14:11:42.0626 4428 C:\Windows\SysWOW64\duser.dll - ok
14:11:42.0626 4428 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
14:11:42.0626 4428 C:\Windows\SysWOW64\dui70.dll - ok
14:11:42.0626 4428 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aspColl.dll
14:11:42.0626 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aspColl.dll - ok
14:11:42.0642 4428 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:11:42.0642 4428 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:11:42.0642 4428 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
14:11:42.0642 4428 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
14:11:42.0642 4428 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
14:11:42.0642 4428 C:\Windows\SysWOW64\mscoree.dll - ok
14:11:42.0657 4428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:11:42.0657 4428 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
14:11:42.0657 4428 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
14:11:42.0657 4428 C:\Windows\System32\msvcr100_clr0400.dll - ok
14:11:42.0657 4428 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
14:11:42.0657 4428 C:\Windows\System32\FntCache.dll - ok
14:11:42.0673 4428 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
14:11:42.0673 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
14:11:42.0673 4428 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
14:11:42.0673 4428 C:\Windows\System32\sppsvc.exe - ok
14:11:42.0673 4428 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
14:11:42.0673 4428 C:\Windows\System32\drivers\spsys.sys - ok
14:11:42.0689 4428 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
14:11:42.0689 4428 C:\Windows\System32\wscsvc.dll - ok
14:11:42.0689 4428 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
14:11:42.0689 4428 C:\Windows\System32\wuapi.dll - ok
14:11:42.0689 4428 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
14:11:42.0689 4428 C:\Windows\System32\cabinet.dll - ok
14:11:42.0689 4428 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
14:11:42.0689 4428 C:\Windows\System32\wups.dll - ok
14:11:42.0704 4428 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
14:11:42.0704 4428 C:\Windows\SysWOW64\wscproxystub.dll - ok
14:11:42.0704 4428 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
14:11:42.0704 4428 C:\Windows\System32\wuaueng.dll - ok
14:11:42.0704 4428 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
14:11:42.0704 4428 C:\Windows\System32\mspatcha.dll - ok
14:11:42.0720 4428 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
14:11:42.0720 4428 C:\Windows\System32\sppwinob.dll - ok
14:11:42.0720 4428 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
14:11:42.0720 4428 C:\Windows\System32\wups2.dll - ok
14:11:42.0720 4428 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
14:11:42.0720 4428 C:\Windows\System32\sppobjs.dll - ok
14:11:42.0735 4428 [ 769765CE2CC62867468CEA93969B2242 ] C:\Windows\System32\drivers\asyncmac.sys
14:11:42.0735 4428 C:\Windows\System32\drivers\asyncmac.sys - ok
14:11:42.0735 4428 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
14:11:42.0735 4428 C:\Windows\System32\wscinterop.dll - ok
14:11:42.0735 4428 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
14:11:42.0735 4428 C:\Windows\System32\wscui.cpl - ok
14:11:42.0735 4428 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
14:11:42.0735 4428 C:\Windows\System32\werconcpl.dll - ok
14:11:42.0751 4428 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
14:11:42.0751 4428 C:\Windows\System32\wercplsupport.dll - ok
14:11:42.0751 4428 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
14:11:42.0751 4428 C:\Windows\System32\hcproviders.dll - ok
14:11:42.0751 4428 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
14:11:42.0751 4428 C:\Windows\System32\security.dll - ok
14:11:42.0767 4428 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
14:11:42.0767 4428 C:\Windows\System32\browcli.dll - ok
14:11:42.0767 4428 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
14:11:42.0767 4428 C:\Windows\System32\schedcli.dll - ok
14:11:42.0767 4428 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
14:11:42.0767 4428 C:\Windows\System32\wbem\wmipcima.dll - ok
14:11:42.0782 4428 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
14:11:42.0782 4428 C:\Windows\System32\wmi.dll - ok
14:11:42.0782 4428 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
14:11:42.0782 4428 C:\Windows\System32\slwga.dll - ok
14:11:42.0782 4428 ============================================================
14:11:42.0782 4428 Scan finished
14:11:42.0782 4428 ============================================================
14:11:42.0798 2956 Detected object count: 1
14:11:42.0798 2956 Actual detected object count: 1
14:12:22.0071 2956 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:12:22.0071 2956 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:12:28.0202 3828 Deinitialize success
-
more TDSKiller
14:11:39.0693 4428 C:\Program Files\Alwil Software\Avast5\aswStrm.dll - ok
14:11:39.0693 4428 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
14:11:39.0693 4428 C:\Windows\SysWOW64\cfgmgr32.dll - ok
14:11:39.0693 4428 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
14:11:39.0693 4428 C:\Windows\System32\schedsvc.dll - ok
14:11:39.0693 4428 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
14:11:39.0693 4428 C:\Windows\System32\fveapi.dll - ok
14:11:39.0709 4428 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
14:11:39.0709 4428 C:\Windows\System32\ktmw32.dll - ok
14:11:39.0709 4428 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
14:11:39.0709 4428 C:\Windows\System32\fvecerts.dll - ok
14:11:39.0709 4428 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
14:11:39.0709 4428 C:\Windows\System32\tbs.dll - ok
14:11:39.0725 4428 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
14:11:39.0725 4428 C:\Windows\System32\wiarpc.dll - ok
14:11:39.0725 4428 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
14:11:39.0725 4428 C:\Windows\System32\taskcomp.dll - ok
14:11:39.0725 4428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
14:11:39.0725 4428 C:\Windows\System32\drivers\http.sys - ok
14:11:39.0740 4428 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
14:11:39.0740 4428 C:\Windows\System32\spoolsv.exe - ok
14:11:39.0740 4428 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
14:11:39.0740 4428 C:\Windows\System32\taskhost.exe - ok
14:11:39.0740 4428 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
14:11:39.0740 4428 C:\Windows\System32\PlaySndSrv.dll - ok
14:11:39.0756 4428 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
14:11:39.0756 4428 C:\Windows\System32\MsCtfMonitor.dll - ok
14:11:39.0756 4428 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
14:11:39.0756 4428 C:\Windows\System32\msutb.dll - ok
14:11:39.0756 4428 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
14:11:39.0756 4428 C:\Windows\System32\HotStartUserAgent.dll - ok
14:11:39.0771 4428 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
14:11:39.0771 4428 C:\Windows\System32\BFE.DLL - ok
14:11:39.0771 4428 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
14:11:39.0771 4428 C:\Windows\System32\drivers\bowser.sys - ok
14:11:39.0771 4428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
14:11:39.0771 4428 C:\Windows\System32\drivers\mpsdrv.sys - ok
14:11:39.0771 4428 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
14:11:39.0771 4428 C:\Windows\System32\drivers\mrxsmb.sys - ok
14:11:39.0787 4428 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
14:11:39.0787 4428 C:\Windows\System32\drivers\mrxsmb10.sys - ok
14:11:39.0787 4428 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
14:11:39.0787 4428 C:\Windows\System32\MPSSVC.dll - ok
14:11:39.0787 4428 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
14:11:39.0787 4428 C:\Windows\System32\drivers\mrxsmb20.sys - ok
14:11:39.0803 4428 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
14:11:39.0803 4428 C:\Windows\System32\wkssvc.dll - ok
14:11:39.0803 4428 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
14:11:39.0803 4428 C:\Windows\System32\wfapigp.dll - ok
14:11:39.0803 4428 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
14:11:39.0803 4428 C:\Windows\System32\mscms.dll - ok
14:11:39.0818 4428 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
14:11:39.0818 4428 C:\Windows\System32\pcasvc.dll - ok
14:11:39.0818 4428 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
14:11:39.0818 4428 C:\Windows\System32\snmptrap.exe - ok
14:11:39.0818 4428 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
14:11:39.0818 4428 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
14:11:39.0834 4428 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
14:11:39.0834 4428 C:\Windows\System32\PeerDistSh.dll - ok
14:11:39.0834 4428 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
14:11:39.0834 4428 C:\Windows\System32\provsvc.dll - ok
14:11:39.0834 4428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
14:11:39.0834 4428 C:\Windows\System32\sstpsvc.dll - ok
14:11:39.0834 4428 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
14:11:39.0834 4428 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
14:11:39.0849 4428 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
14:11:39.0849 4428 C:\Windows\SysWOW64\wscapi.dll - ok
14:11:39.0849 4428 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
14:11:39.0849 4428 C:\Windows\SysWOW64\wscisvif.dll - ok
14:11:39.0849 4428 [ 20F6F19FE9E753F2780DC2FA083AD597 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:11:39.0849 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
14:11:39.0865 4428 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
14:11:39.0865 4428 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
14:11:39.0865 4428 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
14:11:39.0865 4428 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
14:11:39.0865 4428 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
14:11:39.0865 4428 C:\Windows\SysWOW64\fltLib.dll - ok
14:11:39.0881 4428 [ 401107CE7913B526FD87CC53F23A102F ] C:\Windows\SysWOW64\guard32.dll
14:11:39.0881 4428 C:\Windows\SysWOW64\guard32.dll - ok
14:11:39.0881 4428 [ DDDD1D04D5F4360371BC99C7C476F70D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
14:11:39.0881 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
14:11:39.0881 4428 [ DC70310B3D079D667B67F0C7067209F3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
14:11:39.0881 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
14:11:39.0896 4428 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
14:11:39.0896 4428 C:\Windows\SysWOW64\setupapi.dll - ok
14:11:39.0896 4428 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
14:11:39.0896 4428 C:\Windows\SysWOW64\devobj.dll - ok
14:11:39.0896 4428 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswEngin.dll
14:11:39.0896 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswEngin.dll - ok
14:11:39.0912 4428 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnOS.dll
14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnOS.dll - ok
14:11:39.0912 4428 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnIS.dll
14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnIS.dll - ok
14:11:39.0912 4428 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnBS.dll
14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnBS.dll - ok
14:11:39.0927 4428 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswScan.dll
14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswScan.dll - ok
14:11:39.0927 4428 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRep.dll
14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRep.dll - ok
14:11:39.0927 4428 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswFiDb.dll
14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswFiDb.dll - ok
14:11:39.0943 4428 [ B9EC9CC2D0013C2DF5E04791E7EDF85D ] C:\Program Files\Alwil Software\Avast5\defs\12123000\algo.dll
14:11:39.0943 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\algo.dll - ok
14:11:39.0943 4428 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
14:11:39.0943 4428 C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok
14:11:39.0943 4428 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
14:11:39.0943 4428 C:\Windows\SysWOW64\shell32.dll - ok
14:11:39.0959 4428 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
14:11:39.0959 4428 C:\Windows\SysWOW64\secur32.dll - ok
14:11:39.0959 4428 [ 749CF03BADC40453F61FD7025E2BA2F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
14:11:39.0959 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
14:11:39.0959 4428 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
14:11:39.0959 4428 C:\Windows\SysWOW64\winsta.dll - ok
14:11:39.0974 4428 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
14:11:39.0974 4428 C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok
14:11:39.0974 4428 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
14:11:39.0974 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
14:11:39.0974 4428 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
14:11:39.0974 4428 C:\Windows\System32\taskeng.exe - ok
14:11:39.0990 4428 [ 258D35F5F5F5F3F6045488ECDC14FAAB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
14:11:39.0990 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
14:11:39.0990 4428 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll
14:11:39.0990 4428 C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok
14:11:39.0990 4428 [ 7EF0C8A9A1A57756F4868E3693173C08 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
14:11:39.0990 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
14:11:40.0005 4428 [ C7B2C357F485A3046DA50DA779068648 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll
14:11:40.0005 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll - ok
14:11:40.0005 4428 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
14:11:40.0005 4428 C:\Windows\SysWOW64\winmm.dll - ok
14:11:40.0005 4428 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
14:11:40.0005 4428 C:\Windows\System32\TSChannel.dll - ok
14:11:40.0021 4428 [ 65CDD43CD0B4876D35C30CA9C7416C05 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
14:11:40.0021 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe - ok
14:11:40.0021 4428 [ EA10AD929B194D042090B16481E4D30B ] C:\Program Files (x86)\ASUS\AASP\1.00.97\AsLoader.exe
14:11:40.0021 4428 C:\Program Files (x86)\ASUS\AASP\1.00.97\AsLoader.exe - ok
14:11:40.0021 4428 [ 0EF9D6C6C04CAB0B87C57330910D20A6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll
14:11:40.0021 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll - ok
14:11:40.0037 4428 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:11:40.0037 4428 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
14:11:40.0037 4428 [ 90E11D62F692F5A0B7DFC548F776BAAF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll
14:11:40.0037 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll - ok
14:11:40.0037 4428 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
14:11:40.0037 4428 C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok
14:11:40.0037 4428 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll
14:11:40.0037 4428 C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok
14:11:40.0052 4428 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok
14:11:40.0052 4428 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll
14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok
14:11:40.0052 4428 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok
14:11:40.0068 4428 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
14:11:40.0068 4428 C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok
14:11:40.0068 4428 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\ArPot.dll
14:11:40.0068 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\ArPot.dll - ok
14:11:40.0068 4428 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
14:11:40.0068 4428 C:\Windows\SysWOW64\ntmarta.dll - ok
14:11:40.0083 4428 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
14:11:40.0083 4428 C:\Windows\SysWOW64\Wldap32.dll - ok
14:11:40.0083 4428 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
14:11:40.0083 4428 C:\Windows\SysWOW64\mswsock.dll - ok
14:11:40.0083 4428 [ F832F1505AD8B83474BD9A5B1B985E01 ] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
14:11:40.0083 4428 C:\Program Files (x86)\Bonjour\mDNSResponder.exe - ok
14:11:40.0099 4428 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
14:11:40.0099 4428 C:\Windows\SysWOW64\wintrust.dll - ok
14:11:40.0099 4428 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
14:11:40.0099 4428 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
14:11:40.0099 4428 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll
14:11:40.0099 4428 C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok
14:11:40.0115 4428 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
14:11:40.0115 4428 C:\Windows\SysWOW64\cryptsp.dll - ok
14:11:40.0115 4428 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
14:11:40.0115 4428 C:\Windows\SysWOW64\rsaenh.dll - ok
14:11:40.0115 4428 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
14:11:40.0115 4428 C:\Windows\SysWOW64\nlaapi.dll - ok
14:11:40.0115 4428 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
14:11:40.0115 4428 C:\Windows\SysWOW64\NapiNSP.dll - ok
14:11:40.0130 4428 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
14:11:40.0130 4428 C:\Windows\SysWOW64\pnrpnsp.dll - ok
14:11:40.0130 4428 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\exts.dll
14:11:40.0130 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\exts.dll - ok
14:11:40.0130 4428 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
14:11:40.0130 4428 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
14:11:40.0146 4428 [ C69DBFA61FE3DEA653A9B83C3A2B052B ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
14:11:40.0146 4428 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
14:11:40.0146 4428 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll
14:11:40.0146 4428 C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok
14:11:40.0146 4428 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
14:11:40.0146 4428 C:\Windows\SysWOW64\dnsapi.dll - ok
14:11:40.0161 4428 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
14:11:40.0161 4428 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
14:11:40.0161 4428 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
14:11:40.0161 4428 C:\Windows\SysWOW64\winnsi.dll - ok
14:11:40.0161 4428 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
14:11:40.0161 4428 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
14:11:40.0177 4428 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
14:11:40.0177 4428 C:\Windows\SysWOW64\winrnr.dll - ok
14:11:40.0177 4428 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
14:11:40.0177 4428 C:\Windows\SysWOW64\rasadhlp.dll - ok
14:11:40.0177 4428 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll
14:11:40.0177 4428 C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok
14:11:40.0193 4428 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
14:11:40.0193 4428 C:\Windows\SysWOW64\security.dll - ok
14:11:40.0193 4428 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
14:11:40.0193 4428 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
14:11:40.0193 4428 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
14:11:40.0193 4428 C:\Windows\SysWOW64\wship6.dll - ok
14:11:40.0193 4428 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\Alwil Software\Avast5\snxhk.dll
14:11:40.0193 4428 C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok
14:11:40.0208 4428 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
14:11:40.0208 4428 C:\Windows\SysWOW64\powrprof.dll - ok
14:11:40.0208 4428 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
14:11:40.0208 4428 C:\Windows\SysWOW64\apphelp.dll - ok
14:11:40.0208 4428 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
14:11:40.0208 4428 C:\Program Files\Alwil Software\Avast5\Setup\avast.setup - ok
14:11:40.0224 4428 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
14:11:40.0224 4428 C:\Windows\System32\dps.dll - ok
14:11:40.0224 4428 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
14:11:40.0224 4428 C:\Windows\ehome\ehrecvr.exe - ok
14:11:40.0224 4428 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
14:11:40.0224 4428 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
14:11:40.0239 4428 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
14:11:40.0239 4428 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
14:11:40.0239 4428 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
14:11:40.0239 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
14:11:40.0239 4428 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
14:11:40.0239 4428 C:\Windows\SysWOW64\imagehlp.dll - ok
14:11:40.0255 4428 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
14:11:40.0255 4428 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
14:11:40.0255 4428 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
14:11:40.0255 4428 C:\Windows\SysWOW64\msi.dll - ok
14:11:40.0255 4428 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
14:11:40.0255 4428 C:\Windows\SysWOW64\comdlg32.dll - ok
14:11:40.0271 4428 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
14:11:40.0271 4428 C:\Windows\SysWOW64\winspool.drv - ok
14:11:40.0271 4428 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
14:11:40.0271 4428 C:\Windows\SysWOW64\msimg32.dll - ok
14:11:40.0271 4428 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
14:11:40.0271 4428 C:\Windows\SysWOW64\oledlg.dll - ok
14:11:40.0286 4428 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
14:11:40.0286 4428 C:\Windows\SysWOW64\winhttp.dll - ok
14:11:40.0286 4428 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
14:11:40.0286 4428 C:\Windows\SysWOW64\webio.dll - ok
14:11:40.0286 4428 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
14:11:40.0286 4428 C:\Windows\AppPatch\AcGenral.dll - ok
14:11:40.0286 4428 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswAR.dll
14:11:40.0286 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswAR.dll - ok
14:11:40.0302 4428 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRawFS.dll
14:11:40.0302 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRawFS.dll - ok
14:11:40.0302 4428 [ 9392C25DEEDA9A79FDBF6559D47EAB1F ] C:\Program Files\Alwil Software\Avast5\snxhk64.dll
14:11:40.0302 4428 C:\Program Files\Alwil Software\Avast5\snxhk64.dll - ok
14:11:40.0302 4428 [ 4D842C5081F06E61BFF461CF87D13525 ] C:\Windows\ehome\ehtrace.dll
14:11:40.0302 4428 C:\Windows\ehome\ehtrace.dll - ok
14:11:40.0317 4428 [ C07D5582F2107ACAB4564E1DAE977C64 ] C:\Windows\ehome\ehprivjob.exe
14:11:40.0317 4428 C:\Windows\ehome\ehprivjob.exe - ok
14:11:40.0317 4428 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
14:11:40.0317 4428 C:\Windows\System32\conhost.exe - ok
14:11:40.0317 4428 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
14:11:40.0317 4428 C:\Windows\System32\sppc.dll - ok
14:11:40.0333 4428 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
14:11:40.0333 4428 C:\Windows\ehome\ehsched.exe - ok
14:11:40.0333 4428 [ 94B3C06DCF580695EBA5304F3C750256 ] C:\Program Files\Windows Home Server\esClient.exe
14:11:40.0333 4428 C:\Program Files\Windows Home Server\esClient.exe - ok
14:11:40.0333 4428 [ A5AE40808B72A25379A5499AD9977743 ] C:\Windows\System32\sbe.dll
14:11:40.0333 4428 C:\Windows\System32\sbe.dll - ok
14:11:40.0333 4428 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
14:11:40.0333 4428 C:\Windows\SysWOW64\uxtheme.dll - ok
14:11:40.0349 4428 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
14:11:40.0349 4428 C:\Windows\SysWOW64\msacm32.dll - ok
14:11:40.0349 4428 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
14:11:40.0349 4428 C:\Windows\SysWOW64\samcli.dll - ok
14:11:40.0349 4428 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
14:11:40.0349 4428 C:\Windows\SysWOW64\sfc.dll - ok
14:11:40.0364 4428 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
14:11:40.0364 4428 C:\Windows\SysWOW64\sfc_os.dll - ok
14:11:40.0364 4428 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
14:11:40.0364 4428 C:\Windows\SysWOW64\dwmapi.dll - ok
14:11:40.0364 4428 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
14:11:40.0364 4428 C:\Windows\SysWOW64\mpr.dll - ok
14:11:40.0380 4428 [ 9BAC981F66940ACFF5469D15B769E056 ] C:\Windows\System32\logman.exe
14:11:40.0380 4428 C:\Windows\System32\logman.exe - ok
14:11:40.0380 4428 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
14:11:40.0380 4428 C:\Windows\System32\FDResPub.dll - ok
14:11:40.0380 4428 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
14:11:40.0380 4428 C:\Windows\System32\IKEEXT.DLL - ok
14:11:40.0395 4428 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
14:11:40.0395 4428 C:\Windows\System32\netman.dll - ok
14:11:40.0395 4428 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
14:11:40.0395 4428 C:\Windows\System32\pla.dll - ok
14:11:40.0395 4428 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
14:11:40.0395 4428 C:\Windows\System32\nlasvc.dll - ok
14:11:40.0411 4428 [ 60C44E5B40F1845800494001464CD627 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AsAcpi.dll
14:11:40.0411 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AsAcpi.dll - ok
14:11:40.0411 4428 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
14:11:40.0411 4428 C:\Windows\System32\aepic.dll - ok
14:11:40.0411 4428 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
14:11:40.0411 4428 C:\Windows\System32\sfc.dll - ok
14:11:40.0411 4428 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
14:11:40.0411 4428 C:\Windows\System32\sfc_os.dll - ok
14:11:40.0427 4428 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
14:11:40.0427 4428 C:\Windows\SysWOW64\shfolder.dll - ok
14:11:40.0427 4428 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
14:11:40.0427 4428 C:\Windows\System32\drivers\PEAuth.sys - ok
14:11:40.0427 4428 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
14:11:40.0427 4428 C:\Windows\System32\drivers\secdrv.sys - ok
14:11:40.0442 4428 [ 0191E738BF521FE6EC567148E73C086B ] C:\Windows\System32\MSVidCtl.dll
14:11:40.0442 4428 C:\Windows\System32\MSVidCtl.dll - ok
14:11:40.0442 4428 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
14:11:40.0442 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
14:11:40.0442 4428 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
14:11:40.0442 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
14:11:40.0458 4428 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
14:11:40.0458 4428 C:\Windows\SysWOW64\clbcatq.dll - ok
14:11:40.0458 4428 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
14:11:40.0458 4428 C:\Windows\SysWOW64\mstask.dll - ok
14:11:40.0458 4428 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
14:11:40.0458 4428 C:\Windows\System32\WSDApi.dll - ok
14:11:40.0473 4428 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
14:11:40.0473 4428 C:\Windows\System32\drivers\srvnet.sys - ok
14:11:40.0473 4428 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
14:11:40.0473 4428 C:\Windows\System32\aeevts.dll - ok
14:11:40.0473 4428 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
14:11:40.0473 4428 C:\Windows\System32\httpapi.dll - ok
14:11:40.0473 4428 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
14:11:40.0473 4428 C:\Windows\System32\seclogon.dll - ok
14:11:40.0489 4428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
14:11:40.0489 4428 C:\Windows\System32\sysmain.dll - ok
14:11:40.0489 4428 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
14:11:40.0489 4428 C:\Windows\System32\wiaservc.dll - ok
14:11:40.0489 4428 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
14:11:40.0489 4428 C:\Windows\System32\vpnikeapi.dll - ok
14:11:40.0505 4428 [ 44A8B9185030EA57F7999383643ADFFB ] C:\Windows\System32\quartz.dll
14:11:40.0505 4428 C:\Windows\System32\quartz.dll - ok
14:11:40.0505 4428 [ 9E0FF5DDD8B908DA5611445C35D6CD24 ] C:\Windows\System32\slcext.dll
14:11:40.0505 4428 C:\Windows\System32\slcext.dll - ok
14:11:40.0505 4428 [ 6F5BE3F67D7F66FFA861ABBFC6A8C973 ] C:\Windows\System32\sppcext.dll
14:11:40.0505 4428 C:\Windows\System32\sppcext.dll - ok
14:11:40.0520 4428 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
14:11:40.0520 4428 C:\Windows\System32\ncsi.dll - ok
14:11:40.0520 4428 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
14:11:40.0520 4428 C:\Windows\System32\winhttp.dll - ok
14:11:40.0520 4428 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
14:11:40.0520 4428 C:\Windows\System32\webservices.dll - ok
14:11:40.0536 4428 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
14:11:40.0536 4428 C:\Windows\System32\fundisc.dll - ok
14:11:40.0536 4428 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
14:11:40.0536 4428 C:\Windows\System32\tapisrv.dll - ok
14:11:40.0536 4428 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
14:11:40.0536 4428 C:\Windows\System32\webio.dll - ok
14:11:40.0551 4428 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
14:11:40.0551 4428 C:\Windows\System32\pdh.dll - ok
14:11:40.0551 4428 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
14:11:40.0551 4428 C:\Windows\System32\tdh.dll - ok
14:11:40.0551 4428 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
14:11:40.0551 4428 C:\Windows\System32\drivers\tcpipreg.sys - ok
14:11:40.0567 4428 [ 3BDCBB29D727C49DC3E3256253467281 ] C:\Windows\System32\wmdrmsdk.dll
14:11:40.0567 4428 C:\Windows\System32\wmdrmsdk.dll - ok
14:11:40.0567 4428 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
14:11:40.0567 4428 C:\Windows\System32\mfplat.dll - ok
14:11:40.0567 4428 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
14:11:40.0567 4428 C:\Windows\System32\trkwks.dll - ok
14:11:40.0567 4428 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
14:11:40.0567 4428 C:\Windows\System32\wiatrace.dll - ok
14:11:40.0583 4428 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
14:11:40.0583 4428 C:\Windows\System32\wbem\WMIsvc.dll - ok
14:11:40.0583 4428 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
14:11:40.0583 4428 C:\Windows\System32\wbem\WinMgmtR.dll - ok
14:11:40.0583 4428 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
14:11:40.0583 4428 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
14:11:40.0598 4428 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
14:11:40.0598 4428 C:\Program Files\Windows Defender\MpSvc.dll - ok
14:11:40.0598 4428 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
14:11:40.0598 4428 C:\Program Files\Windows Defender\MpClient.dll - ok
14:11:40.0598 4428 [ FA5CF5CC82D4E39103DEC713E3790FF9 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AiGear.dll
14:11:40.0598 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AiGear.dll - ok
14:11:40.0614 4428 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
14:11:40.0614 4428 C:\Windows\System32\wbem\wbemcore.dll - ok
14:11:40.0614 4428 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:11:40.0614 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
14:11:40.0614 4428 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
14:11:40.0614 4428 C:\Windows\System32\ssdpapi.dll - ok
14:11:40.0629 4428 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
14:11:40.0629 4428 C:\Windows\System32\esent.dll - ok
14:11:40.0629 4428 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
14:11:40.0629 4428 C:\Windows\System32\devenum.dll - ok
14:11:40.0629 4428 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
14:11:40.0629 4428 C:\Windows\System32\drprov.dll - ok
14:11:40.0629 4428 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
14:11:40.0629 4428 C:\Windows\System32\msdmo.dll - ok
14:11:40.0645 4428 [ D38535978F93F9FC9F28BE6093A87DBE ] C:\Windows\System32\msdri.dll
14:11:40.0645 4428 C:\Windows\System32\msdri.dll - ok
14:11:40.0645 4428 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
14:11:40.0645 4428 C:\Windows\System32\upnp.dll - ok
14:11:40.0645 4428 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
14:11:40.0645 4428 C:\Windows\System32\SensApi.dll - ok
14:11:40.0661 4428 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
14:11:40.0661 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
14:11:40.0661 4428 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
14:11:40.0661 4428 C:\Windows\System32\wer.dll - ok
14:11:40.0661 4428 [ 9149EC69ACD3EFC97B01D5A1BAEB3B57 ] C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
14:11:40.0661 4428 C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe - ok
14:11:40.0676 4428 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
14:11:40.0676 4428 C:\Windows\System32\mscoree.dll - ok
14:11:40.0676 4428 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
14:11:40.0676 4428 C:\Windows\System32\wbem\esscli.dll - ok
14:11:40.0676 4428 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
14:11:40.0676 4428 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
14:11:40.0692 4428 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
14:11:40.0692 4428 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
14:11:40.0692 4428 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
14:11:40.0692 4428 C:\Windows\System32\ntlanman.dll - ok
14:11:40.0692 4428 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
14:11:40.0692 4428 C:\Windows\System32\msxml3.dll - ok
14:11:40.0707 4428 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
14:11:40.0707 4428 C:\Windows\System32\ntdsapi.dll - ok
14:11:40.0707 4428 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
14:11:40.0707 4428 C:\Windows\System32\wbem\fastprox.dll - ok
14:11:40.0707 4428 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
14:11:40.0707 4428 C:\Windows\System32\wbem\wbemsvc.dll - ok
14:11:40.0707 4428 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
14:11:40.0707 4428 C:\Windows\System32\wbem\wmiutils.dll - ok
14:11:40.0723 4428 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
14:11:40.0723 4428 C:\Windows\System32\davclnt.dll - ok
14:11:40.0723 4428 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
14:11:40.0723 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
14:11:40.0723 4428 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
14:11:40.0723 4428 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
14:11:40.0739 4428 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
14:11:40.0739 4428 C:\Windows\System32\wbem\repdrvfs.dll - ok
14:11:40.0739 4428 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
14:11:40.0739 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
14:11:40.0739 4428 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
14:11:40.0739 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
14:11:40.0754 4428 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
14:11:40.0754 4428 C:\Windows\System32\riched20.dll - ok
14:11:40.0754 4428 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
14:11:40.0754 4428 C:\Windows\System32\davhlpr.dll - ok
14:11:40.0754 4428 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
14:11:40.0754 4428 C:\Windows\System32\NapiNSP.dll - ok
14:11:40.0770 4428 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
14:11:40.0770 4428 C:\Windows\System32\pnrpnsp.dll - ok
14:11:40.0770 4428 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
14:11:40.0770 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
14:11:40.0770 4428 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
14:11:40.0770 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
14:11:40.0785 4428 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
14:11:40.0785 4428 C:\Windows\System32\dssenh.dll - ok
14:11:40.0785 4428 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
14:11:40.0785 4428 C:\Program Files\Windows Defender\MpRTP.dll - ok
14:11:40.0785 4428 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
14:11:40.0785 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
14:11:40.0801 4428 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll
14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll - ok
14:11:40.0801 4428 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasbase.vdm
14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasbase.vdm - ok
14:11:40.0801 4428 [ 9092F57AFC5328F9F98F0936CB4AD391 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasdlta.vdm
14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasdlta.vdm - ok
14:11:40.0817 4428 [ C8A2FA2EE9241B8D66F9D7DE9AE34AEE ] C:\Program Files\Bonjour\mdnsNSP.dll
14:11:40.0817 4428 C:\Program Files\Bonjour\mdnsNSP.dll - ok
14:11:40.0817 4428 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
14:11:40.0817 4428 C:\Windows\System32\rasadhlp.dll - ok
14:11:40.0817 4428 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
14:11:40.0817 4428 C:\Program Files\Windows Defender\MsMpLics.dll - ok
14:11:40.0832 4428 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
14:11:40.0832 4428 C:\Windows\System32\wscapi.dll - ok
14:11:40.0832 4428 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
14:11:40.0832 4428 C:\Windows\System32\wscisvif.dll - ok
14:11:40.0832 4428 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
14:11:40.0832 4428 C:\Windows\System32\wscproxystub.dll - ok
14:11:40.0832 4428 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
14:11:40.0832 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
14:11:40.0848 4428 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll
14:11:40.0848 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok
14:11:40.0848 4428 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
14:11:40.0848 4428 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
14:11:40.0848 4428 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
14:11:40.0848 4428 C:\Windows\System32\ncobjapi.dll - ok
14:11:40.0863 4428 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
14:11:40.0863 4428 C:\Windows\System32\wbem\wbemess.dll - ok
14:11:40.0863 4428 [ 5BBC951150E738F108C6D3D325BD4029 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
14:11:40.0863 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll - ok
14:11:40.0863 4428 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
14:11:40.0863 4428 C:\Windows\SysWOW64\rasapi32.dll - ok
14:11:40.0879 4428 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
14:11:40.0879 4428 C:\Windows\SysWOW64\rasman.dll - ok
14:11:40.0879 4428 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
14:11:40.0879 4428 C:\Windows\SysWOW64\rtutils.dll - ok
14:11:40.0879 4428 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
14:11:40.0879 4428 C:\Windows\SysWOW64\SensApi.dll - ok
14:11:40.0895 4428 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
14:11:40.0895 4428 C:\Windows\SysWOW64\netprofm.dll - ok
14:11:40.0895 4428 [ 212F87EE837B4E35E43A93BBFC44E7A7 ] C:\Windows\SysWOW64\AsIO.dll
14:11:40.0895 4428 C:\Windows\SysWOW64\AsIO.dll - ok
14:11:40.0895 4428 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
14:11:40.0895 4428 C:\Windows\SysWOW64\mfc42.dll - ok
14:11:40.0910 4428 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
14:11:40.0910 4428 C:\Windows\SysWOW64\odbc32.dll - ok
14:11:40.0910 4428 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
14:11:40.0910 4428 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
14:11:40.0910 4428 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
14:11:40.0910 4428 C:\Windows\System32\wbem\cimwin32.dll - ok
14:11:40.0926 4428 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
14:11:40.0926 4428 C:\Windows\System32\framedynos.dll - ok
14:11:40.0926 4428 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
14:11:40.0926 4428 C:\Windows\SysWOW64\odbcint.dll - ok
14:11:40.0926 4428 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
14:11:40.0926 4428 C:\Windows\System32\shfolder.dll - ok
14:11:40.0926 4428 [ 06EBB2B3F1588E6182C67F6D95F151EA ] C:\Program Files\COMODO\COMODO Internet Security\platform.dll
14:11:40.0926 4428 C:\Program Files\COMODO\COMODO Internet Security\platform.dll - ok
14:11:40.0941 4428 [ 6D8F59648536E150DC5543E439281AE3 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\common.cav
14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\common.cav - ok
14:11:40.0941 4428 [ 73EC75C38053596DBE594D63E4CD3E79 ] C:\Program Files\COMODO\COMODO Internet Security\signmgr.dll
14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\signmgr.dll - ok
14:11:40.0941 4428 [ 77A0AC6A3031FEFCBE2B7A52F4E8C0D3 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\fileid.cav
14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\fileid.cav - ok
14:11:40.0957 4428 [ B598F178B9454BA8700EC7FA16FD4284 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\pkann.dll
14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\pkann.dll - ok
14:11:40.0957 4428 [ 6A9178ADC5A029992399B76AE5E5E96E ] C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll
14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll - ok
14:11:40.0957 4428 [ DDABE79024A488DBBB7DE369FA22A93D ] C:\Program Files\COMODO\COMODO Internet Security\scanners\white.cav
14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\white.cav - ok
14:11:40.0973 4428 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
14:11:40.0973 4428 C:\Windows\System32\winrnr.dll - ok
14:11:40.0973 4428 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
14:11:40.0973 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
14:11:40.0973 4428 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
14:11:40.0973 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
14:11:40.0988 4428 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll
14:11:40.0988 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok
14:11:40.0988 4428 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
14:11:40.0988 4428 C:\Windows\System32\iphlpsvc.dll - ok
14:11:40.0988 4428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
14:11:40.0988 4428 C:\Windows\System32\drivers\srv2.sys - ok
14:11:41.0004 4428 [ 1EF54B3220EBF3794439EB072B350F3E ] C:\Program Files\Windows Home Server\WHSConnector.exe
14:11:41.0004 4428 C:\Program Files\Windows Home Server\WHSConnector.exe - ok
14:11:41.0004 4428 [ AB92BDA9FF444B39D22E94DC9D233CF4 ] C:\Program Files\Windows Home Server\PartnerManager.dll
14:11:41.0004 4428 C:\Program Files\Windows Home Server\PartnerManager.dll - ok
14:11:41.0004 4428 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
14:11:41.0004 4428 C:\Windows\System32\drivers\srv.sys - ok
14:11:41.0019 4428 [ 222D7D2B40F376038320668F7A909B36 ] C:\Program Files\Windows Home Server\WSCSource.dll
14:11:41.0019 4428 C:\Program Files\Windows Home Server\WSCSource.dll - ok
14:11:41.0019 4428 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
14:11:41.0019 4428 C:\Windows\System32\sqmapi.dll - ok
14:11:41.0019 4428 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
14:11:41.0019 4428 C:\Windows\System32\wdscore.dll - ok
14:11:41.0035 4428 [ 814A7F6D222E65B065F139D891203656 ] C:\Program Files\Windows Home Server\WHSNotificationFactory.dll
14:11:41.0035 4428 C:\Program Files\Windows Home Server\WHSNotificationFactory.dll - ok
14:11:41.0035 4428 [ 1DB725C6D5B8EF722B0A4CD8A3B51F27 ] C:\Program Files\Windows Home Server\WHSNotificationSource.dll
14:11:41.0035 4428 C:\Program Files\Windows Home Server\WHSNotificationSource.dll - ok
14:11:41.0035 4428 [ 75131819FDCDA81739B1BE87DFD45F4A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\c241cc03e9b5ac3666acb0e2ab47965b\ehRecObj.ni.dll
14:11:41.0035 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\c241cc03e9b5ac3666acb0e2ab47965b\ehRecObj.ni.dll - ok
14:11:41.0051 4428 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
14:11:41.0051 4428 C:\Windows\System32\rasmans.dll - ok
14:11:41.0051 4428 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
14:11:41.0051 4428 C:\Windows\System32\srvsvc.dll - ok
14:11:41.0051 4428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
14:11:41.0051 4428 C:\Windows\System32\browser.dll - ok
14:11:41.0066 4428 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
14:11:41.0066 4428 C:\Windows\System32\netmsg.dll - ok
14:11:41.0066 4428 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
14:11:41.0066 4428 C:\Windows\System32\rastapi.dll - ok
14:11:41.0066 4428 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
14:11:41.0066 4428 C:\Windows\System32\tapi32.dll - ok
14:11:41.0082 4428 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
14:11:41.0082 4428 C:\Windows\System32\netcfgx.dll - ok
14:11:41.0082 4428 [ 60666289DB3D58D68DCC2C6A54703BC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstore\9a109c70eea14b5006fbce07e1db37b5\mcstore.ni.dll
14:11:41.0082 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstore\9a109c70eea14b5006fbce07e1db37b5\mcstore.ni.dll - ok
14:11:41.0082 4428 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
14:11:41.0082 4428 C:\Windows\System32\netprofm.dll - ok
14:11:41.0082 4428 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
14:11:41.0082 4428 C:\Windows\System32\hnetcfg.dll - ok
14:11:41.0097 4428 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
14:11:41.0097 4428 C:\Windows\System32\unimdm.tsp - ok
14:11:41.0097 4428 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
14:11:41.0097 4428 C:\Windows\System32\clusapi.dll - ok
14:11:41.0097 4428 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
14:11:41.0097 4428 C:\Windows\System32\sscore.dll - ok
14:11:41.0113 4428 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
14:11:41.0113 4428 C:\Windows\System32\resutils.dll - ok
14:11:41.0113 4428 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
14:11:41.0113 4428 C:\Windows\System32\nci.dll - ok
14:11:41.0113 4428 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
14:11:41.0113 4428 C:\Windows\System32\uniplat.dll - ok
14:11:41.0129 4428 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
14:11:41.0129 4428 C:\Windows\System32\kmddsp.tsp - ok
14:11:41.0129 4428 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
14:11:41.0129 4428 C:\Windows\System32\ndptsp.tsp - ok
14:11:41.0129 4428 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
14:11:41.0129 4428 C:\Windows\System32\hidphone.tsp - ok
14:11:41.0129 4428 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
14:11:41.0129 4428 C:\Windows\System32\rasppp.dll - ok
14:11:41.0144 4428 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
14:11:41.0144 4428 C:\Windows\System32\vpnike.dll - ok
14:11:41.0144 4428 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
14:11:41.0144 4428 C:\Windows\System32\raschap.dll - ok
14:11:41.0144 4428 [ A53B66A443C2B313B12A27A07133594D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\99adaa00da8830c264898b126ad2af54\Microsoft.MediaCenter.UI.ni.dll
14:11:41.0144 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\99adaa00da8830c264898b126ad2af54\Microsoft.MediaCenter.UI.ni.dll - ok
14:11:41.0160 4428 [ DC3E0DFB43ED05FF8290B38E3F94C0DE ] C:\Windows\ehome\ehepgres.dll
14:11:41.0160 4428 C:\Windows\ehome\ehepgres.dll - ok
14:11:41.0160 4428 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
14:11:41.0160 4428 C:\Windows\System32\ipnathlp.dll - ok
14:11:41.0160 4428 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
14:11:41.0160 4428 C:\Windows\System32\mprapi.dll - ok
14:11:41.0175 4428 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
14:11:41.0175 4428 C:\Windows\System32\netshell.dll - ok
14:11:41.0175 4428 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
14:11:41.0175 4428 C:\Windows\System32\termsrv.dll - ok
14:11:41.0175 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
14:11:41.0175 4428 C:\Windows\System32\wdi.dll - ok
14:11:41.0191 4428 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
14:11:41.0191 4428 C:\Windows\System32\npmproxy.dll - ok
14:11:41.0191 4428 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
14:11:41.0191 4428 C:\Windows\System32\hidserv.dll - ok
14:11:41.0191 4428 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
14:11:41.0191 4428 C:\Windows\System32\ssdpsrv.dll - ok
14:11:41.0191 4428 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
14:11:41.0191 4428 C:\Windows\System32\wpdbusenum.dll - ok
14:11:41.0207 4428 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
14:11:41.0207 4428 C:\Windows\System32\appinfo.dll - ok
14:11:41.0207 4428 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
14:11:41.0207 4428 C:\Windows\SysWOW64\npmproxy.dll - ok
14:11:41.0207 4428 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
14:11:41.0207 4428 C:\Windows\System32\perftrack.dll - ok
14:11:41.0222 4428 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
14:11:41.0222 4428 C:\Windows\System32\diagperf.dll - ok
14:11:41.0222 4428 [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\Windows\System32\icaapi.dll
14:11:41.0222 4428 C:\Windows\System32\icaapi.dll - ok
14:11:41.0222 4428 [ 988121D083B7AB61D4A7E244290BAAB0 ] C:\Windows\System32\lsmproxy.dll
14:11:41.0222 4428 C:\Windows\System32\lsmproxy.dll - ok
14:11:41.0238 4428 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
14:11:41.0238 4428 C:\Windows\System32\pnpts.dll - ok
14:11:41.0238 4428 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
14:11:41.0238 4428 C:\Windows\System32\radardt.dll - ok
14:11:41.0238 4428 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
14:11:41.0238 4428 C:\Windows\System32\wdiasqmmodule.dll - ok
14:11:41.0253 4428 [ E377BBA01F34E4183C32E5BBD688CE83 ] C:\Windows\System32\regapi.dll
14:11:41.0253 4428 C:\Windows\System32\regapi.dll - ok
14:11:41.0253 4428 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
14:11:41.0253 4428 C:\Windows\System32\IPSECSVC.DLL - ok
14:11:41.0253 4428 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
14:11:41.0253 4428 C:\Windows\System32\p2pcollab.dll - ok
14:11:41.0269 4428 [ 5B236296E233CAA6BF86BE0C6501A224 ] C:\Windows\System32\rdpcorekmts.dll
14:11:41.0269 4428 C:\Windows\System32\rdpcorekmts.dll - ok
14:11:41.0269 4428 [ 6D5DCC1579B3961D791ABDE286A1CB5E ] C:\Windows\System32\rdpwsx.dll
14:11:41.0269 4428 C:\Windows\System32\rdpwsx.dll - ok
14:11:41.0269 4428 [ 1B6163C503398B23FF8B939C67747683 ] C:\Windows\System32\drivers\rdpdr.sys
14:11:41.0269 4428 C:\Windows\System32\drivers\rdpdr.sys - ok
14:11:41.0269 4428 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
14:11:41.0269 4428 C:\Windows\System32\QAGENTRT.DLL - ok
14:11:41.0285 4428 [ 1B4A711265FEA91259553D7B4E83394B ] C:\Windows\System32\tlscsp.dll
14:11:41.0285 4428 C:\Windows\System32\tlscsp.dll - ok
14:11:41.0285 4428 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
14:11:41.0285 4428 C:\Windows\System32\fveui.dll - ok
14:11:41.0285 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
14:11:41.0285 4428 C:\Windows\System32\certprop.dll - ok
14:11:41.0300 4428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] C:\Windows\System32\drivers\tdtcp.sys
14:11:41.0300 4428 C:\Windows\System32\drivers\tdtcp.sys - ok
14:11:41.0300 4428 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
14:11:41.0300 4428 C:\Windows\System32\drivers\tssecsrv.sys - ok
14:11:41.0300 4428 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
14:11:41.0300 4428 C:\Windows\System32\SessEnv.dll - ok
14:11:41.0316 4428 [ E61608AA35E98999AF9AAEEEA6114B0A ] C:\Windows\System32\drivers\rdpwd.sys
14:11:41.0316 4428 C:\Windows\System32\drivers\rdpwd.sys - ok
14:11:41.0316 4428 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
14:11:41.0316 4428 C:\Windows\System32\runonce.exe - ok
14:11:41.0316 4428 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
14:11:41.0316 4428 C:\Windows\SysWOW64\runonce.exe - ok
14:11:41.0331 4428 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
14:11:41.0331 4428 C:\Windows\SysWOW64\propsys.dll - ok
14:11:41.0331 4428 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
14:11:41.0331 4428 C:\Windows\SysWOW64\cmd.exe - ok
14:11:41.0331 4428 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
14:11:41.0331 4428 C:\Windows\SysWOW64\winbrand.dll - ok
14:11:41.0347 4428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
14:11:41.0347 4428 C:\Windows\System32\aelupsvc.dll - ok
14:11:41.0347 4428 [ 37F358CBD2A1D82C56A542325DA6D368 ] C:\Windows\SysWOW64\ieframe.dll
14:11:41.0347 4428 C:\Windows\SysWOW64\ieframe.dll - ok
14:11:41.0347 4428 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
14:11:41.0347 4428 C:\Windows\System32\PortableDeviceApi.dll - ok
14:11:41.0363 4428 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
14:11:41.0363 4428 C:\Windows\System32\FwRemoteSvr.dll - ok
14:11:41.0363 4428 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
14:11:41.0363 4428 C:\Windows\SysWOW64\oleacc.dll - ok
14:11:41.0363 4428 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
14:11:41.0363 4428 C:\Windows\SysWOW64\shdocvw.dll - ok
14:11:41.0363 4428 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Webb\AppData\Local\Temp\D7571601-6271-4813-84C6-6B3CD7101659.exe
14:11:41.0363 4428 C:\Users\Webb\AppData\Local\Temp\D7571601-6271-4813-84C6-6B3CD7101659.exe - ok
14:11:41.0378 4428 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
14:11:41.0378 4428 C:\Windows\System32\pnidui.dll - ok
14:11:41.0378 4428 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
14:11:41.0378 4428 C:\Windows\SysWOW64\ncrypt.dll - ok
14:11:41.0378 4428 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
14:11:41.0378 4428 C:\Windows\SysWOW64\bcrypt.dll - ok
14:11:41.0394 4428 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
14:11:41.0394 4428 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
14:11:41.0394 4428 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
14:11:41.0394 4428 C:\Windows\SysWOW64\gpapi.dll - ok
14:11:41.0394 4428 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
14:11:41.0394 4428 C:\Windows\SysWOW64\cryptnet.dll - ok
14:11:41.0409 4428 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
14:11:41.0409 4428 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
14:11:41.0409 4428 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
14:11:41.0409 4428 C:\Windows\SysWOW64\EhStorShell.dll - ok
14:11:41.0409 4428 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
14:11:41.0409 4428 C:\Windows\SysWOW64\ntshrui.dll - ok
14:11:41.0425 4428 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
14:11:41.0425 4428 C:\Windows\SysWOW64\imageres.dll - ok
14:11:41.0425 4428 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
14:11:41.0425 4428 C:\Windows\SysWOW64\slc.dll - ok
14:11:41.0425 4428 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
14:11:41.0425 4428 C:\Windows\System32\wmp.dll - ok
14:11:41.0425 4428 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll
14:11:41.0425 4428 C:\Windows\System32\umrdp.dll - ok
14:11:41.0441 4428 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
14:11:41.0441 4428 C:\Windows\System32\Apphlpdm.dll - ok
14:11:41.0441 4428 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
14:11:41.0441 4428 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
14:11:41.0441 4428 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
14:11:41.0441 4428 C:\Windows\System32\localspl.dll - ok
14:11:41.0456 4428 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
14:11:41.0456 4428 C:\Windows\System32\PrintIsolationProxy.dll - ok
14:11:41.0456 4428 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
14:11:41.0456 4428 C:\Windows\System32\spoolss.dll - ok
14:11:41.0456 4428 [ EC98366AD462383659681BDFFD384CED ] C:\Windows\System32\CNBLM4.DLL
14:11:41.0456 4428 C:\Windows\System32\CNBLM4.DLL - ok
14:11:41.0472 4428 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
14:11:41.0472 4428 C:\Windows\System32\FXSMON.dll - ok
14:11:41.0472 4428 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
14:11:41.0472 4428 C:\Windows\System32\tcpmon.dll - ok
14:11:41.0472 4428 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
14:11:41.0472 4428 C:\Windows\System32\snmpapi.dll - ok
14:11:41.0487 4428 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
14:11:41.0487 4428 C:\Windows\System32\wsnmp32.dll - ok
14:11:41.0487 4428 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
14:11:41.0487 4428 C:\Windows\System32\usbmon.dll - ok
14:11:41.0487 4428 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
14:11:41.0487 4428 C:\Windows\System32\WSDMon.dll - ok
14:11:41.0487 4428 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
14:11:41.0487 4428 C:\Windows\System32\fdPnp.dll - ok
14:11:41.0503 4428 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
14:11:41.0503 4428 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
14:11:41.0503 4428 [ 389B0EEE1FFB490D76A556F04C0B268E ] C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL
14:11:41.0503 4428 C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL - ok
14:11:41.0503 4428 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
14:11:41.0503 4428 C:\Windows\System32\inetpp.dll - ok
14:11:41.0519 4428 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
14:11:41.0519 4428 C:\Windows\System32\win32spl.dll - ok
14:11:41.0519 4428 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
14:11:41.0519 4428 C:\Windows\System32\dimsjob.dll - ok
14:11:41.0519 4428 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
14:11:41.0519 4428 C:\Windows\System32\pautoenr.dll - ok
14:11:41.0534 4428 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
14:11:41.0534 4428 C:\Windows\System32\certcli.dll - ok
14:11:41.0534 4428 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
14:11:41.0534 4428 C:\Windows\System32\CertEnroll.dll - ok
14:11:41.0534 4428 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
14:11:41.0534 4428 C:\Windows\SysWOW64\devrtl.dll - ok
14:11:41.0550 4428 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
14:11:41.0550 4428 C:\Windows\System32\iedkcs32.dll - ok
14:11:41.0550 4428 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
14:11:41.0550 4428 C:\Windows\System32\ie4uinit.exe - ok
14:11:41.0550 4428 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
14:11:41.0550 4428 C:\Windows\System32\themeui.dll - ok
14:11:41.0565 4428 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
14:11:41.0565 4428 C:\Windows\System32\timedate.cpl - ok
14:11:41.0565 4428 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
14:11:41.0565 4428 C:\Windows\System32\actxprxy.dll - ok
14:11:41.0565 4428 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
14:11:41.0565 4428 C:\Windows\System32\shdocvw.dll - ok
14:11:41.0581 4428 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
14:11:41.0581 4428 C:\Windows\System32\linkinfo.dll - ok
14:11:41.0581 4428 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
14:11:41.0581 4428 C:\Windows\System32\gameux.dll - ok
14:11:41.0581 4428 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
14:11:41.0581 4428 C:\Windows\System32\msftedit.dll - ok
14:11:41.0581 4428 [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll
14:11:41.0581 4428 C:\Windows\System32\msls31.dll - ok
14:11:41.0597 4428 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
14:11:41.0597 4428 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
14:11:41.0597 4428 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
14:11:41.0597 4428 C:\Windows\System32\msiltcfg.dll - ok
14:11:41.0597 4428 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
14:11:41.0597 4428 C:\Windows\System32\DeviceCenter.dll - ok
14:11:41.0612 4428 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
14:11:41.0612 4428 C:\Windows\System32\networkexplorer.dll - ok
14:11:41.0612 4428 [ 4F7A4BC2C730D881C48D22A6E7EF547C ] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
14:11:41.0612 4428 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe - ok
14:11:41.0612 4428 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
14:11:41.0612 4428 C:\Windows\System32\thumbcache.dll - ok
14:11:41.0628 4428 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
14:11:41.0628 4428 C:\Windows\System32\oledlg.dll - ok
14:11:41.0628 4428 [ 4B4F81C294B9A07479F4F4F8FF20E58C ] C:\Program Files (x86)\Garmin\gStart.exe
14:11:41.0628 4428 C:\Program Files (x86)\Garmin\gStart.exe - ok
14:11:41.0628 4428 [ 32DA0F05975B3426C0AD76296ABF3073 ] C:\Program Files (x86)\Garmin\gStart_Lang.dll
14:11:41.0628 4428 C:\Program Files (x86)\Garmin\gStart_Lang.dll - ok
14:11:41.0643 4428 [ 17482ECBD12AF528EA626CFA87361BB0 ] C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
14:11:41.0643 4428 C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe - ok
14:11:41.0643 4428 [ E999032BA2304BFAA471AE444AE86C49 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:11:41.0643 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
14:11:41.0643 4428 [ 0AEE5668EB59912F32FF245BFA72465F ] C:\Program Files (x86)\QuickTime\QTTask.exe
14:11:41.0643 4428 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
14:11:41.0659 4428 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
14:11:41.0659 4428 C:\Windows\System32\consent.exe - ok
14:11:41.0659 4428 [ EAAD988F5D1C6904DF8D59382D326371 ] C:\Windows\SysWOW64\atiadlxy.dll
14:11:41.0659 4428 C:\Windows\SysWOW64\atiadlxy.dll - ok
14:11:41.0659 4428 [ 0CFBE2D135A73CA98381FC8CC8BC5A03 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
14:11:41.0659 4428 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
14:11:41.0659 4428 [ 18673B7DDECFB675A989EB2B7C51A7F1 ] C:\Program Files\COMODO\COMODO Internet Security\cmdhtml.dll
14:11:41.0659 4428 C:\Program Files\COMODO\COMODO Internet Security\cmdhtml.dll - ok
14:11:41.0675 4428 [ 55520AF0F65D5BD7A337DCEDDE886125 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
14:11:41.0675 4428 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
14:11:41.0675 4428 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
14:11:41.0675 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
14:11:41.0675 4428 [ 795AEA2511A1C5082FA690D6BD8D202E ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
14:11:41.0675 4428 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
14:11:41.0690 4428 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
14:11:41.0690 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
14:11:41.0690 4428 [ 4F99047D255B77FDA6E51EA97721E3D8 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
14:11:41.0690 4428 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
14:11:41.0690 4428 [ 1EAE09FD191DA65EFF54AF9A2E899711 ] C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe
14:11:41.0690 4428 C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe - ok
14:11:41.0706 4428 [ 505F022493D471025ADD399A4162208B ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
14:11:41.0706 4428 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
14:11:41.0706 4428 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:11:41.0706 4428 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
14:11:41.0706 4428 [ B77081F8221968C7DAB794B0BA55C43E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:11:41.0706 4428 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
14:11:41.0721 4428 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe
14:11:41.0721 4428 C:\Program Files\Alwil Software\Avast5\AvastUI.exe - ok
14:11:41.0721 4428 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\Alwil Software\Avast5\aswUtil.dll
14:11:41.0721 4428 C:\Program Files\Alwil Software\Avast5\aswUtil.dll - ok
14:11:41.0721 4428 [ 50925A12AD9A8F45609E914D9F941E68 ] C:\Program Files\COMODO\COMODO Internet Security\themes\black.theme
14:11:41.0721 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\black.theme - ok
14:11:41.0737 4428 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
14:11:41.0737 4428 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
14:11:41.0737 4428 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
14:11:41.0737 4428 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
14:11:41.0737 4428 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
14:11:41.0737 4428 C:\Windows\System32\wdmaud.drv - ok
14:11:41.0753 4428 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
14:11:41.0753 4428 C:\Windows\System32\ksuser.dll - ok
14:11:41.0753 4428 [ 25BEF4C3E9417AE09B017CCFB66B4383 ] C:\Program Files\COMODO\COMODO Internet Security\themes\blue.theme
14:11:41.0753 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\blue.theme - ok
14:11:41.0753 4428 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
14:11:41.0753 4428 C:\Windows\System32\AudioSes.dll - ok
14:11:41.0768 4428 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
14:11:41.0768 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
14:11:41.0768 4428 [ C7EDDAC1E795976CDF62D785836FE38D ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
14:11:41.0768 4428 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
14:11:41.0768 4428 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
14:11:41.0768 4428 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
14:11:41.0784 4428 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
14:11:41.0784 4428 C:\Windows\System32\msacm32.drv - ok
14:11:41.0784 4428 [ CC30AA4EF49CA0B3B1C1CBCE325C36AD ] C:\Program Files\COMODO\COMODO Internet Security\themes\default.theme
14:11:41.0784 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\default.theme - ok
14:11:41.0784 4428 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
14:11:41.0784 4428 C:\Windows\System32\midimap.dll - ok
14:11:41.0799 4428 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
14:11:41.0799 4428 C:\Windows\System32\msacm32.dll - ok
14:11:41.0799 4428 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
14:11:41.0799 4428 C:\Windows\System32\AudioEng.dll - ok
14:11:41.0799 4428 [ 5E04C53224E7D946F35DC1208835FD95 ] C:\Program Files\COMODO\COMODO Internet Security\themes\metal.theme
14:11:41.0799 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\metal.theme - ok
14:11:41.0815 4428 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
14:11:41.0815 4428 C:\Windows\System32\AUDIOKSE.dll - ok
14:11:41.0815 4428 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
14:11:41.0815 4428 C:\Windows\System32\qmgr.dll - ok
14:11:41.0815 4428 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
14:11:41.0815 4428 C:\Windows\System32\bitsigd.dll - ok
14:11:41.0831 4428 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
14:11:41.0831 4428 C:\Windows\System32\bitsperf.dll - ok
14:11:41.0831 4428 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
14:11:41.0831 4428 C:\Windows\System32\qmgrprxy.dll - ok
14:11:41.0831 4428 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
14:11:41.0831 4428 C:\Windows\SysWOW64\qmgrprxy.dll - ok
14:11:41.0846 4428 [ 1D856E6E7490447FCFAA46E09A2BF9C9 ] C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts
14:11:41.0846 4428 C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts - ok
14:11:41.0846 4428 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
14:11:41.0846 4428 C:\Windows\System32\msimg32.dll - ok
14:11:41.0846 4428 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
14:11:41.0846 4428 C:\Windows\System32\WMALFXGFXDSP.dll - ok
14:11:41.0846 4428 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
14:11:41.0846 4428 C:\Windows\System32\stobject.dll - ok
14:11:41.0862 4428 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
14:11:41.0862 4428 C:\Windows\System32\batmeter.dll - ok
14:11:41.0862 4428 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
14:11:41.0862 4428 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
14:11:41.0862 4428 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\Alwil Software\Avast5\aswAra.dll
14:11:41.0862 4428 C:\Program Files\Alwil Software\Avast5\aswAra.dll - ok
14:11:41.0877 4428 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\Alwil Software\Avast5\aswData.dll
14:11:41.0877 4428 C:\Program Files\Alwil Software\Avast5\aswData.dll - ok
14:11:41.0877 4428 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll
14:11:41.0877 4428 C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll - ok
14:11:41.0877 4428 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
14:11:41.0877 4428 C:\Windows\System32\prnfldr.dll - ok
14:11:41.0893 4428 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\Alwil Software\Avast5\CommonRes.dll
14:11:41.0893 4428 C:\Program Files\Alwil Software\Avast5\CommonRes.dll - ok
14:11:41.0893 4428 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
14:11:41.0893 4428 C:\Windows\System32\fdProxy.dll - ok
14:11:41.0893 4428 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
14:11:41.0893 4428 C:\Windows\System32\DXP.dll - ok
14:11:41.0893 4428 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
14:11:41.0893 4428 C:\Windows\System32\Syncreg.dll - ok
14:11:41.0909 4428 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
14:11:41.0909 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
14:11:41.0909 4428 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
14:11:41.0909 4428 C:\Windows\ehome\ehSSO.dll - ok
14:11:41.0909 4428 [ 10035E4C014522FE740172FF0B4FF43E ] C:\Windows\ehome\ehtray.exe
14:11:41.0909 4428 C:\Windows\ehome\ehtray.exe - ok
14:11:41.0924 4428 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
14:11:41.0924 4428 C:\Windows\System32\AltTab.dll - ok
14:11:41.0924 4428 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
14:11:41.0924 4428 C:\Windows\System32\WPDShServiceObj.dll - ok
14:11:41.0924 4428 [ AFDAE59FE562A7CDB44F9D4ABEDAC316 ] C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll
14:11:41.0924 4428 C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll - ok
14:11:41.0940 4428 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
14:11:41.0940 4428 C:\Windows\System32\PortableDeviceTypes.dll - ok
14:11:41.0940 4428 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
14:11:41.0940 4428 C:\Windows\System32\QUTIL.DLL - ok
14:11:41.0940 4428 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
14:11:41.0940 4428 C:\Windows\System32\cscobj.dll - ok
14:11:41.0955 4428 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
14:11:41.0955 4428 C:\Windows\System32\SearchIndexer.exe - ok
14:11:41.0955 4428 [ 5CC7AF82752165A2A966BF557E2C7EB5 ] C:\Windows\ehome\ehProxy.dll
14:11:41.0955 4428 C:\Windows\ehome\ehProxy.dll - ok
14:11:41.0955 4428 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
14:11:41.0955 4428 C:\Windows\SysWOW64\credssp.dll - ok
14:11:41.0971 4428 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
14:11:41.0971 4428 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
14:11:41.0971 4428 [ DFFAE10E3A1B0C664B9383B7C1809B0A ] C:\Windows\ehome\ehrec.exe
14:11:41.0971 4428 C:\Windows\ehome\ehrec.exe - ok
14:11:41.0971 4428 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
14:11:41.0971 4428 C:\Windows\System32\srchadmin.dll - ok
14:11:41.0987 4428 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
14:11:41.0987 4428 C:\Windows\SysWOW64\dsound.dll - ok
14:11:41.0987 4428 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
14:11:41.0987 4428 C:\Windows\System32\ActionCenter.dll - ok
14:11:41.0987 4428 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
14:11:41.0987 4428 C:\Windows\System32\wlanapi.dll - ok
14:11:41.0987 4428 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
14:11:41.0987 4428 C:\Windows\System32\tquery.dll - ok
14:11:42.0002 4428 [ D855B0E63ECAFE9EBD086AF6691E0016 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
14:11:42.0002 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
14:11:42.0002 4428 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
14:11:42.0002 4428 C:\Windows\System32\rasdlg.dll - ok
14:11:42.0002 4428 [ 7FDE85776B7A59B5F426262A7719B8C6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\0b01f92505de7e89aeb9a71160c3b4a9\ehCIR.ni.dll
14:11:42.0002 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\0b01f92505de7e89aeb9a71160c3b4a9\ehCIR.ni.dll - ok
14:11:42.0018 4428 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
14:11:42.0018 4428 C:\Windows\System32\FXSST.dll - ok
14:11:42.0018 4428 [ DB661831A20B7B58995C352F33593F8E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\b3d4face190a4aaff574574d4d8f6f6b\ehiProxy.ni.dll
14:11:42.0018 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\b3d4face190a4aaff574574d4d8f6f6b\ehiProxy.ni.dll - ok
14:11:42.0018 4428 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
14:11:42.0018 4428 C:\Windows\System32\FXSAPI.dll - ok
14:11:42.0033 4428 [ DF3BF36F93945062B85B02EA408E716F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
14:11:42.0033 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
14:11:42.0033 4428 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
14:11:42.0033 4428 C:\Windows\System32\FXSRESM.dll - ok
14:11:42.0033 4428 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
14:11:42.0033 4428 C:\Windows\System32\FXSSVC.exe - ok
14:11:42.0049 4428 [ 90044039365B06CECDD8E347AC08BBAE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
14:11:42.0049 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
14:11:42.0049 4428 [ 18901D2086FBA7D1847CEA87A64EE0D3 ] C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
14:11:42.0049 4428 C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe - ok
14:11:42.0049 4428 [ 415565755E342CF2BEFE89B778F6EDFA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcepg\7c3c9c6ffadcac54f468f7db41ece8b8\mcepg.ni.dll
14:11:42.0049 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcepg\7c3c9c6ffadcac54f468f7db41ece8b8\mcepg.ni.dll - ok
14:11:42.0065 4428 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
14:11:42.0065 4428 C:\Windows\System32\dot3api.dll - ok
14:11:42.0065 4428 [ 0DA37FC5BFEB4827104B0920A352A9AB ] C:\Program Files\Windows Home Server\WHSTrayApp.exe
14:11:42.0065 4428 C:\Program Files\Windows Home Server\WHSTrayApp.exe - ok
14:11:42.0065 4428 [ 25280FDB1E2F008577B1D66A99973C4E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\72b219b4add947fa64428f282995e6bb\mcstoredb.ni.dll
14:11:42.0065 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\72b219b4add947fa64428f282995e6bb\mcstoredb.ni.dll - ok
14:11:42.0080 4428 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
14:11:42.0080 4428 C:\Windows\System32\wlanhlp.dll - ok
14:11:42.0080 4428 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
14:11:42.0080 4428 C:\Windows\SysWOW64\ddraw.dll - ok
14:11:42.0080 4428 [ D32088C67317F5B64C13352E6EB5FFB1 ] C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
14:11:42.0080 4428 C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll - ok
14:11:42.0080 4428 [ AA61A7047E854A9E914FDD17C2F35675 ] C:\Windows\System32\sqlceoledb30.dll
14:11:42.0080 4428 C:\Windows\System32\sqlceoledb30.dll - ok
14:11:42.0096 4428 [ 9C75CB8B98610F0CD85D99BB5876308B ] C:\Windows\System32\sqlcese30.dll
14:11:42.0096 4428 C:\Windows\System32\sqlcese30.dll - ok
14:11:42.0096 4428 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
14:11:42.0096 4428 C:\Windows\System32\mssrch.dll - ok
14:11:42.0096 4428 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
14:11:42.0096 4428 C:\Windows\System32\msidle.dll - ok
14:11:42.0111 4428 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
14:11:42.0111 4428 C:\Windows\System32\mssprxy.dll - ok
14:11:42.0111 4428 [ 76F39902E25F43FE9450AD3D6A14D0D8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll
14:11:42.0111 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll - ok
14:11:42.0111 4428 [ E5744D18C88737C6356D0A8D6D49D512 ] C:\Windows\System32\sqlceqp30.dll
14:11:42.0111 4428 C:\Windows\System32\sqlceqp30.dll - ok
14:11:42.0127 4428 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
14:11:42.0127 4428 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
14:11:42.0127 4428 [ FB355B817AE641BBAE08607E58CB5CE2 ] C:\Windows\System32\hhctrl.ocx
14:11:42.0127 4428 C:\Windows\System32\hhctrl.ocx - ok
14:11:42.0127 4428 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
14:11:42.0127 4428 C:\Windows\System32\WWanAPI.dll - ok
14:11:42.0143 4428 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
14:11:42.0143 4428 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
14:11:42.0143 4428 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
14:11:42.0143 4428 C:\Windows\SysWOW64\dciman32.dll - ok
14:11:42.0143 4428 [ E6748A0ADC22F0595E31448CAC746D3F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
14:11:42.0143 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
14:11:42.0158 4428 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
14:11:42.0158 4428 C:\Windows\System32\wwapi.dll - ok
14:11:42.0158 4428 [ 094497FEA17EFF31DDA242C67C0E474A ] C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe
14:11:42.0158 4428 C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe - ok
14:11:42.0158 4428 [ E985F13877D4AC8BE9921543FB24663D ] C:\Program Files\Windows Home Server\WHSNotificationSink.dll
14:11:42.0158 4428 C:\Program Files\Windows Home Server\WHSNotificationSink.dll - ok
14:11:42.0158 4428 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
14:11:42.0158 4428 C:\Windows\System32\QAGENT.DLL - ok
14:11:42.0174 4428 [ 14318553F4D761CFA76389EA4480442A ] C:\Program Files\Windows Home Server\TransportServiceProxy.dll
14:11:42.0174 4428 C:\Program Files\Windows Home Server\TransportServiceProxy.dll - ok
14:11:42.0174 4428 [ 0AA46EC73FAA75DDDB96BA0901088817 ] C:\Program Files\Windows Home Server\BackupApi.dll
14:11:42.0174 4428 C:\Program Files\Windows Home Server\BackupApi.dll - ok
14:11:42.0174 4428 [ CCE5D71F19AB70D969F9819B5C88438D ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
14:11:42.0174 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
14:11:42.0189 4428 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
14:11:42.0189 4428 C:\Windows\System32\en-US\tquery.dll.mui - ok
14:11:42.0189 4428 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
14:11:42.0189 4428 C:\Windows\System32\bthprops.cpl - ok
14:11:42.0189 4428 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:11:42.0189 4428 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:11:42.0205 4428 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
14:11:42.0205 4428 C:\Windows\System32\wsock32.dll - ok
14:11:42.0205 4428 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
14:11:42.0205 4428 C:\Windows\System32\wmdrmdev.dll - ok
14:11:42.0205 4428 [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] C:\Program Files\iPod\bin\iPodService.exe
14:11:42.0205 4428 C:\Program Files\iPod\bin\iPodService.exe - ok
14:11:42.0221 4428 [ 55E3C4F4D953D8518EBDC5EA9AD786CE ] C:\Windows\System32\ieframe.dll
14:11:42.0221 4428 C:\Windows\System32\ieframe.dll - ok
14:11:42.0221 4428 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
14:11:42.0221 4428 C:\Windows\System32\drmv2clt.dll - ok
14:11:42.0221 4428 [ 25DEF2EF843275862FFBF55487CEFDDD ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx
14:11:42.0221 4428 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx - ok
14:11:42.0236 4428 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
14:11:42.0236 4428 C:\Windows\System32\wmploc.DLL - ok
14:11:42.0236 4428 [ 7F17EBCE1B017CDDD3B359137380DD7A ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
14:11:42.0236 4428 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
14:11:42.0236 4428 [ 9349D633F833994F040C47F4820433EC ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
14:11:42.0236 4428 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
14:11:42.0252 4428 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
14:11:42.0252 4428 C:\Windows\SysWOW64\sxs.dll - ok
14:11:42.0252 4428 [ 72AB8C3F8AB7B550A896357C9E0896DA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll
14:11:42.0252 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll - ok
14:11:42.0252 4428 [ 252B8748C25F5A5E5B8892F4257A10B3 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
14:11:42.0252 4428 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
14:11:42.0267 4428 [ E63EAF09FC29954D7F8EAB2DEF495062 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll
14:11:42.0267 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll - ok
14:11:42.0267 4428 [ C733EBBDD79892B96C9980EBDC0CA704 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll
14:11:42.0267 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll - ok
14:11:42.0267 4428 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
14:11:42.0267 4428 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
14:11:42.0283 4428 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
14:11:42.0283 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
14:11:42.0283 4428 [ C1D9E25FC988516DF703D6E12ACA915F ] C:\Program Files\Internet Explorer\ieproxy.dll
14:11:42.0283 4428 C:\Program Files\Internet Explorer\ieproxy.dll - ok
14:11:42.0283 4428 [ 64DEC20C088832E46DEF5B5A5B28E028 ] C:\Windows\System32\atipdl64.dll
14:11:42.0283 4428 C:\Windows\System32\atipdl64.dll - ok
14:11:42.0299 4428 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
14:11:42.0299 4428 C:\Windows\SysWOW64\mscms.dll - ok
14:11:42.0299 4428 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
14:11:42.0299 4428 C:\Windows\System32\wmpps.dll - ok
14:11:42.0299 4428 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
14:11:42.0299 4428 C:\Windows\System32\wmpmde.dll - ok
14:11:42.0299 4428 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
14:11:42.0299 4428 C:\Windows\System32\webcheck.dll - ok
14:11:42.0314 4428 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
14:11:42.0314 4428 C:\Windows\System32\SearchProtocolHost.exe - ok
14:11:42.0314 4428 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
14:11:42.0314 4428 C:\Windows\System32\msshooks.dll - ok
14:11:42.0314 4428 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
14:11:42.0314 4428 C:\Windows\System32\wbem\NCProv.dll - ok
14:11:42.0330 4428 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
14:11:42.0330 4428 C:\Windows\System32\mlang.dll - ok
14:11:42.0330 4428 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\uiext.dll
14:11:42.0330 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\uiext.dll - ok
14:11:42.0330 4428 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
-
more TDSKiller
14:11:33.0953 4428 WdiSystemHost - ok
14:11:33.0984 4428 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:11:34.0046 4428 WebClient - ok
14:11:34.0062 4428 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:11:34.0124 4428 Wecsvc - ok
14:11:34.0155 4428 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:11:34.0202 4428 wercplsupport - ok
14:11:34.0233 4428 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:11:34.0265 4428 WerSvc - ok
14:11:34.0280 4428 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:11:34.0311 4428 WfpLwf - ok
14:11:34.0374 4428 [ 1EF54B3220EBF3794439EB072B350F3E ] WHSConnector C:\Program Files\Windows Home Server\WHSConnector.exe
14:11:34.0389 4428 WHSConnector - ok
14:11:34.0405 4428 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:11:34.0421 4428 WIMMount - ok
14:11:34.0452 4428 WinDefend - ok
14:11:34.0452 4428 WinHttpAutoProxySvc - ok
14:11:34.0499 4428 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:11:34.0561 4428 Winmgmt - ok
14:11:34.0623 4428 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:11:34.0733 4428 WinRM - ok
14:11:34.0779 4428 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:11:34.0795 4428 WinUsb - ok
14:11:34.0842 4428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:11:34.0873 4428 Wlansvc - ok
14:11:34.0935 4428 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:11:34.0951 4428 wlcrasvc - ok
14:11:35.0060 4428 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:11:35.0107 4428 wlidsvc - ok
14:11:35.0138 4428 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:11:35.0169 4428 WmiAcpi - ok
14:11:35.0201 4428 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:11:35.0232 4428 wmiApSrv - ok
14:11:35.0279 4428 WMPNetworkSvc - ok
14:11:35.0294 4428 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:11:35.0310 4428 WPCSvc - ok
14:11:35.0341 4428 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:11:35.0372 4428 WPDBusEnum - ok
14:11:35.0419 4428 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:11:35.0450 4428 ws2ifsl - ok
14:11:35.0466 4428 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:11:35.0497 4428 wscsvc - ok
14:11:35.0497 4428 WSearch - ok
14:11:35.0637 4428 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:11:35.0684 4428 wuauserv - ok
14:11:35.0715 4428 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:11:35.0747 4428 WudfPf - ok
14:11:35.0778 4428 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:11:35.0809 4428 WUDFRd - ok
14:11:35.0840 4428 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:11:35.0871 4428 wudfsvc - ok
14:11:35.0887 4428 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:11:35.0949 4428 WwanSvc - ok
14:11:35.0965 4428 ================ Scan global ===============================
14:11:35.0981 4428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:11:36.0012 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:11:36.0043 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:11:36.0059 4428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:11:36.0137 4428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:11:36.0137 4428 [Global] - ok
14:11:36.0137 4428 ================ Scan MBR ==================================
14:11:36.0152 4428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:11:36.0854 4428 \Device\Harddisk0\DR0 - ok
14:11:37.0135 4428 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR1
14:11:37.0619 4428 \Device\Harddisk1\DR1 - ok
14:11:37.0619 4428 ================ Scan VBR ==================================
14:11:37.0634 4428 [ A2759C58FFBFCA8425E25DA4176B27C5 ] \Device\Harddisk0\DR0\Partition1
14:11:37.0650 4428 \Device\Harddisk0\DR0\Partition1 - ok
14:11:37.0650 4428 [ 135DD926E5C6BA97CACDFA51CFF160B8 ] \Device\Harddisk1\DR1\Partition1
14:11:37.0665 4428 \Device\Harddisk1\DR1\Partition1 - ok
14:11:37.0665 4428 ================ Scan active images ========================
14:11:37.0665 4428 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
14:11:37.0665 4428 C:\Windows\System32\drivers\atapi.sys - ok
14:11:37.0665 4428 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
14:11:37.0665 4428 C:\Windows\System32\drivers\crashdmp.sys - ok
14:11:37.0665 4428 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
14:11:37.0665 4428 C:\Windows\System32\drivers\Dumpata.sys - ok
14:11:37.0681 4428 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
14:11:37.0681 4428 C:\Windows\System32\drivers\dumpfve.sys - ok
14:11:37.0681 4428 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
14:11:37.0681 4428 C:\Windows\System32\drivers\cdrom.sys - ok
14:11:37.0681 4428 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] C:\Windows\System32\drivers\aswSnx.sys
14:11:37.0681 4428 C:\Windows\System32\drivers\aswSnx.sys - ok
14:11:37.0697 4428 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
14:11:37.0697 4428 C:\Windows\System32\drivers\beep.sys - ok
14:11:37.0697 4428 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] C:\Windows\System32\drivers\cmdGuard.sys
14:11:37.0697 4428 C:\Windows\System32\drivers\cmdGuard.sys - ok
14:11:37.0697 4428 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
14:11:37.0697 4428 C:\Windows\System32\drivers\null.sys - ok
14:11:37.0712 4428 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
14:11:37.0712 4428 C:\Windows\System32\drivers\vga.sys - ok
14:11:37.0712 4428 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
14:11:37.0712 4428 C:\Windows\System32\drivers\videoprt.sys - ok
14:11:37.0712 4428 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
14:11:37.0712 4428 C:\Windows\System32\drivers\watchdog.sys - ok
14:11:37.0728 4428 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
14:11:37.0728 4428 C:\Windows\System32\drivers\RDPCDD.sys - ok
14:11:37.0728 4428 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
14:11:37.0728 4428 C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:11:37.0728 4428 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
14:11:37.0728 4428 C:\Windows\System32\drivers\RDPREFMP.sys - ok
14:11:37.0743 4428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
14:11:37.0743 4428 C:\Windows\System32\drivers\msfs.sys - ok
14:11:37.0743 4428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
14:11:37.0743 4428 C:\Windows\System32\drivers\npfs.sys - ok
14:11:37.0743 4428 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
14:11:37.0743 4428 C:\Windows\System32\drivers\tdi.sys - ok
14:11:37.0759 4428 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
14:11:37.0759 4428 C:\Windows\System32\drivers\tdx.sys - ok
14:11:37.0759 4428 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] C:\Windows\System32\drivers\aswTdi.sys
14:11:37.0759 4428 C:\Windows\System32\drivers\aswTdi.sys - ok
14:11:37.0759 4428 [ F8FECE0F1D44C4A58778083B00EEADAC ] C:\Windows\System32\drivers\cmdhlp.sys
14:11:37.0759 4428 C:\Windows\System32\drivers\cmdhlp.sys - ok
14:11:37.0759 4428 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
14:11:37.0759 4428 C:\Windows\System32\drivers\afd.sys - ok
14:11:37.0775 4428 [ 57768C7DB4681F2510F247F82EF31D4F ] C:\Windows\System32\drivers\aswRdr2.sys
14:11:37.0775 4428 C:\Windows\System32\drivers\aswRdr2.sys - ok
14:11:37.0775 4428 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
14:11:37.0775 4428 C:\Windows\System32\drivers\netbt.sys - ok
14:11:37.0775 4428 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
14:11:37.0775 4428 C:\Windows\System32\drivers\wfplwf.sys - ok
14:11:37.0790 4428 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
14:11:37.0790 4428 C:\Windows\System32\drivers\ws2ifsl.sys - ok
14:11:37.0790 4428 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
14:11:37.0790 4428 C:\Windows\System32\drivers\pacer.sys - ok
14:11:37.0790 4428 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
14:11:37.0790 4428 C:\Windows\System32\drivers\vwififlt.sys - ok
14:11:37.0806 4428 [ C4E67D3037DC79E39D7136581A947F50 ] C:\Windows\System32\drivers\inspect.sys
14:11:37.0806 4428 C:\Windows\System32\drivers\inspect.sys - ok
14:11:37.0806 4428 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
14:11:37.0806 4428 C:\Windows\System32\drivers\netbios.sys - ok
14:11:37.0806 4428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
14:11:37.0806 4428 C:\Windows\System32\drivers\serial.sys - ok
14:11:37.0821 4428 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
14:11:37.0821 4428 C:\Windows\System32\drivers\wanarp.sys - ok
14:11:37.0821 4428 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
14:11:37.0821 4428 C:\Windows\System32\drivers\termdd.sys - ok
14:11:37.0821 4428 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
14:11:37.0821 4428 C:\Windows\System32\drivers\mssmbios.sys - ok
14:11:37.0837 4428 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
14:11:37.0837 4428 C:\Windows\System32\drivers\nsiproxy.sys - ok
14:11:37.0837 4428 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
14:11:37.0837 4428 C:\Windows\System32\drivers\rdbss.sys - ok
14:11:37.0837 4428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
14:11:37.0837 4428 C:\Windows\System32\drivers\discache.sys - ok
14:11:37.0853 4428 [ A05FC7ECA0966EBB70E4D17B855A853B ] C:\Windows\System32\drivers\ElbyCDIO.sys
14:11:37.0853 4428 C:\Windows\System32\drivers\ElbyCDIO.sys - ok
14:11:37.0853 4428 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
14:11:37.0853 4428 C:\Windows\System32\drivers\csc.sys - ok
14:11:37.0853 4428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
14:11:37.0853 4428 C:\Windows\System32\drivers\blbdrive.sys - ok
14:11:37.0868 4428 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
14:11:37.0868 4428 C:\Windows\System32\drivers\dfsc.sys - ok
14:11:37.0868 4428 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] C:\Windows\System32\drivers\aswSP.sys
14:11:37.0868 4428 C:\Windows\System32\drivers\aswSP.sys - ok
14:11:37.0868 4428 [ 68726474C69B738EAC3A62E06B33ADDC ] C:\Windows\SysWOW64\drivers\AsIO.sys
14:11:37.0868 4428 C:\Windows\SysWOW64\drivers\AsIO.sys - ok
14:11:37.0884 4428 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
14:11:37.0884 4428 C:\Windows\System32\drivers\tunnel.sys - ok
14:11:37.0884 4428 [ 7024F087CFF1833A806193EF9D22CDA9 ] C:\Windows\System32\drivers\amdk8.sys
14:11:37.0884 4428 C:\Windows\System32\drivers\amdk8.sys - ok
14:11:37.0884 4428 [ F712C26D40BF3CD2C020BB518E8150B1 ] C:\Windows\System32\drivers\atikmpag.sys
14:11:37.0884 4428 C:\Windows\System32\drivers\atikmpag.sys - ok
14:11:37.0899 4428 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
14:11:37.0899 4428 C:\Windows\System32\ntdll.dll - ok
14:11:37.0899 4428 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
14:11:37.0899 4428 C:\Windows\System32\smss.exe - ok
14:11:37.0899 4428 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
14:11:37.0899 4428 C:\Windows\System32\autochk.exe - ok
14:11:37.0915 4428 [ 522A8BD1414CC7517FAEC907F138DB9C ] C:\Windows\System32\drivers\atikmdag.sys
14:11:37.0915 4428 C:\Windows\System32\drivers\atikmdag.sys - ok
14:11:37.0915 4428 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
14:11:37.0915 4428 C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:11:37.0915 4428 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
14:11:37.0915 4428 C:\Windows\System32\drivers\dxgmms1.sys - ok
14:11:37.0915 4428 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
14:11:37.0915 4428 C:\Windows\System32\drivers\hdaudbus.sys - ok
14:11:37.0931 4428 [ B49DC435AE3695BAC5623DD94B05732D ] C:\Windows\System32\drivers\Rt64win7.sys
14:11:37.0931 4428 C:\Windows\System32\drivers\Rt64win7.sys - ok
14:11:37.0931 4428 [ 821E7E501226EE344FDB0F40EE46109D ] C:\Windows\System32\drivers\AnyDVD.sys
14:11:37.0931 4428 C:\Windows\System32\drivers\AnyDVD.sys - ok
14:11:37.0931 4428 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
14:11:37.0931 4428 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
14:11:37.0946 4428 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
14:11:37.0946 4428 C:\Windows\System32\drivers\usbport.sys - ok
14:11:37.0946 4428 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
14:11:37.0946 4428 C:\Windows\System32\drivers\usbohci.sys - ok
14:11:37.0946 4428 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
14:11:37.0946 4428 C:\Windows\System32\drivers\agilevpn.sys - ok
14:11:37.0962 4428 [ 19B006B181E3875FD254F7B67ACF1E7C ] C:\Windows\System32\drivers\ASACPI.sys
14:11:37.0962 4428 C:\Windows\System32\drivers\ASACPI.sys - ok
14:11:37.0962 4428 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
14:11:37.0962 4428 C:\Windows\System32\drivers\CompositeBus.sys - ok
14:11:37.0962 4428 [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
14:11:37.0962 4428 C:\Windows\System32\drivers\parport.sys - ok
14:11:37.0977 4428 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
14:11:37.0977 4428 C:\Windows\System32\drivers\serenum.sys - ok
14:11:37.0977 4428 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
14:11:37.0977 4428 C:\Windows\System32\drivers\usbehci.sys - ok
14:11:37.0977 4428 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
14:11:37.0977 4428 C:\Windows\System32\drivers\wmiacpi.sys - ok
14:11:37.0993 4428 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
14:11:37.0993 4428 C:\Windows\System32\drivers\ndistapi.sys - ok
14:11:37.0993 4428 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
14:11:37.0993 4428 C:\Windows\System32\drivers\ndiswan.sys - ok
14:11:37.0993 4428 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
14:11:37.0993 4428 C:\Windows\System32\drivers\rasl2tp.sys - ok
14:11:38.0009 4428 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
14:11:38.0009 4428 C:\Windows\System32\drivers\raspppoe.sys - ok
14:11:38.0009 4428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
14:11:38.0009 4428 C:\Windows\System32\drivers\kbdclass.sys - ok
14:11:38.0009 4428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
14:11:38.0009 4428 C:\Windows\System32\drivers\mouclass.sys - ok
14:11:38.0024 4428 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
14:11:38.0024 4428 C:\Windows\System32\drivers\raspptp.sys - ok
14:11:38.0024 4428 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
14:11:38.0024 4428 C:\Windows\System32\drivers\rassstp.sys - ok
14:11:38.0024 4428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
14:11:38.0024 4428 C:\Windows\System32\drivers\rdpbus.sys - ok
14:11:38.0024 4428 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
14:11:38.0024 4428 C:\Windows\System32\drivers\ks.sys - ok
14:11:38.0040 4428 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
14:11:38.0040 4428 C:\Windows\System32\drivers\swenum.sys - ok
14:11:38.0040 4428 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
14:11:38.0040 4428 C:\Windows\System32\drivers\umbus.sys - ok
14:11:38.0040 4428 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
14:11:38.0040 4428 C:\Windows\System32\Wldap32.dll - ok
14:11:38.0055 4428 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
14:11:38.0055 4428 C:\Windows\System32\nsi.dll - ok
14:11:38.0055 4428 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
14:11:38.0055 4428 C:\Windows\System32\drivers\usbhub.sys - ok
14:11:38.0055 4428 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
14:11:38.0055 4428 C:\Windows\System32\drivers\ndproxy.sys - ok
14:11:38.0071 4428 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
14:11:38.0071 4428 C:\Windows\System32\drivers\drmk.sys - ok
14:11:38.0071 4428 [ E02B26650ACC2F4901342D4A66774AD7 ] C:\Windows\System32\drivers\AtihdW76.sys
14:11:38.0071 4428 C:\Windows\System32\drivers\AtihdW76.sys - ok
14:11:38.0071 4428 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
14:11:38.0071 4428 C:\Windows\System32\drivers\ksthunk.sys - ok
14:11:38.0087 4428 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
14:11:38.0087 4428 C:\Windows\System32\drivers\portcls.sys - ok
14:11:38.0087 4428 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
14:11:38.0087 4428 C:\Windows\System32\drivers\HdAudio.sys - ok
14:11:38.0087 4428 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
14:11:38.0087 4428 C:\Windows\System32\gdi32.dll - ok
14:11:38.0102 4428 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
14:11:38.0102 4428 C:\Windows\System32\drivers\udfs.sys - ok
14:11:38.0102 4428 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
14:11:38.0102 4428 C:\Windows\System32\setupapi.dll - ok
14:11:38.0102 4428 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
14:11:38.0102 4428 C:\Windows\System32\kernel32.dll - ok
14:11:38.0102 4428 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
14:11:38.0102 4428 C:\Windows\System32\advapi32.dll - ok
14:11:38.0118 4428 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
14:11:38.0118 4428 C:\Windows\System32\psapi.dll - ok
14:11:38.0118 4428 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
14:11:38.0118 4428 C:\Windows\System32\normaliz.dll - ok
14:11:38.0118 4428 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
14:11:38.0118 4428 C:\Windows\System32\oleaut32.dll - ok
14:11:38.0133 4428 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
14:11:38.0133 4428 C:\Windows\System32\rpcrt4.dll - ok
14:11:38.0133 4428 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
14:11:38.0133 4428 C:\Windows\System32\sechost.dll - ok
14:11:38.0133 4428 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
14:11:38.0133 4428 C:\Windows\System32\difxapi.dll - ok
14:11:38.0149 4428 [ C41A504715F1BC09105D1FE8B46E9B2C ] C:\Windows\System32\iertutil.dll
14:11:38.0149 4428 C:\Windows\System32\iertutil.dll - ok
14:11:38.0149 4428 [ 7E04D13661FB771CA4FDBB836AD0BA49 ] C:\Windows\System32\wininet.dll
14:11:38.0149 4428 C:\Windows\System32\wininet.dll - ok
14:11:38.0149 4428 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
14:11:38.0149 4428 C:\Windows\System32\usp10.dll - ok
14:11:38.0165 4428 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
14:11:38.0165 4428 C:\Windows\System32\shell32.dll - ok
14:11:38.0165 4428 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
14:11:38.0165 4428 C:\Windows\System32\imm32.dll - ok
14:11:38.0165 4428 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
14:11:38.0165 4428 C:\Windows\System32\lpk.dll - ok
14:11:38.0180 4428 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
14:11:38.0180 4428 C:\Windows\System32\msctf.dll - ok
14:11:38.0180 4428 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
14:11:38.0180 4428 C:\Windows\System32\shlwapi.dll - ok
14:11:38.0180 4428 [ 74E96226CB92225E40AACC0E42D27AC0 ] C:\Windows\System32\urlmon.dll
14:11:38.0180 4428 C:\Windows\System32\urlmon.dll - ok
14:11:38.0180 4428 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
14:11:38.0180 4428 C:\Windows\System32\clbcatq.dll - ok
14:11:38.0196 4428 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
14:11:38.0196 4428 C:\Windows\System32\comdlg32.dll - ok
14:11:38.0196 4428 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
14:11:38.0196 4428 C:\Windows\System32\ole32.dll - ok
14:11:38.0196 4428 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
14:11:38.0196 4428 C:\Windows\System32\imagehlp.dll - ok
14:11:38.0211 4428 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
14:11:38.0211 4428 C:\Windows\System32\user32.dll - ok
14:11:38.0211 4428 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
14:11:38.0211 4428 C:\Windows\System32\ws2_32.dll - ok
14:11:38.0211 4428 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
14:11:38.0211 4428 C:\Windows\System32\msvcrt.dll - ok
14:11:38.0227 4428 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
14:11:38.0227 4428 C:\Windows\System32\devobj.dll - ok
14:11:38.0227 4428 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
14:11:38.0227 4428 C:\Windows\System32\crypt32.dll - ok
14:11:38.0227 4428 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
14:11:38.0227 4428 C:\Windows\System32\cfgmgr32.dll - ok
14:11:38.0243 4428 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
14:11:38.0243 4428 C:\Windows\System32\comctl32.dll - ok
14:11:38.0243 4428 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
14:11:38.0243 4428 C:\Windows\System32\wintrust.dll - ok
14:11:38.0243 4428 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
14:11:38.0243 4428 C:\Windows\System32\KernelBase.dll - ok
14:11:38.0258 4428 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
14:11:38.0258 4428 C:\Windows\System32\msasn1.dll - ok
14:11:38.0258 4428 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
14:11:38.0258 4428 C:\Windows\System32\drivers\usbd.sys - ok
14:11:38.0258 4428 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
14:11:38.0258 4428 C:\Windows\System32\drivers\usbccgp.sys - ok
14:11:38.0274 4428 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
14:11:38.0274 4428 C:\Windows\SysWOW64\normaliz.dll - ok
14:11:38.0274 4428 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
14:11:38.0274 4428 C:\Windows\System32\drivers\hidclass.sys - ok
14:11:38.0274 4428 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
14:11:38.0274 4428 C:\Windows\System32\drivers\hidparse.sys - ok
14:11:38.0289 4428 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
14:11:38.0289 4428 C:\Windows\System32\drivers\hidusb.sys - ok
14:11:38.0289 4428 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
14:11:38.0289 4428 C:\Windows\System32\drivers\kbdhid.sys - ok
14:11:38.0289 4428 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
14:11:38.0289 4428 C:\Windows\System32\drivers\dxapi.sys - ok
14:11:38.0289 4428 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
14:11:38.0289 4428 C:\Windows\System32\win32k.sys - ok
14:11:38.0305 4428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
14:11:38.0305 4428 C:\Windows\System32\drivers\mouhid.sys - ok
14:11:38.0305 4428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
14:11:38.0305 4428 C:\Windows\System32\basesrv.dll - ok
14:11:38.0305 4428 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
14:11:38.0305 4428 C:\Windows\System32\csrsrv.dll - ok
14:11:38.0321 4428 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
14:11:38.0321 4428 C:\Windows\System32\csrss.exe - ok
14:11:38.0321 4428 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
14:11:38.0321 4428 C:\Windows\System32\drivers\USBSTOR.SYS - ok
14:11:38.0321 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
14:11:38.0321 4428 C:\Windows\System32\winsrv.dll - ok
14:11:38.0336 4428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
14:11:38.0336 4428 C:\Windows\System32\drivers\monitor.sys - ok
14:11:38.0336 4428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
14:11:38.0336 4428 C:\Windows\System32\sxssrv.dll - ok
14:11:38.0336 4428 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
14:11:38.0336 4428 C:\Windows\System32\tsddd.dll - ok
14:11:38.0352 4428 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
14:11:38.0352 4428 C:\Windows\System32\profapi.dll - ok
14:11:38.0352 4428 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
14:11:38.0352 4428 C:\Windows\System32\wininit.exe - ok
14:11:38.0352 4428 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
14:11:38.0352 4428 C:\Windows\System32\RpcRtRemote.dll - ok
14:11:38.0367 4428 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
14:11:38.0367 4428 C:\Windows\System32\KBDUS.DLL - ok
14:11:38.0367 4428 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
14:11:38.0367 4428 C:\Windows\System32\cdd.dll - ok
14:11:38.0367 4428 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
14:11:38.0367 4428 C:\Windows\System32\WlS0WndH.dll - ok
14:11:38.0383 4428 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
14:11:38.0383 4428 C:\Windows\System32\sxs.dll - ok
14:11:38.0383 4428 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
14:11:38.0383 4428 C:\Windows\System32\cryptbase.dll - ok
14:11:38.0383 4428 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
14:11:38.0383 4428 C:\Windows\System32\apphelp.dll - ok
14:11:38.0383 4428 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
14:11:38.0383 4428 C:\Windows\System32\lsm.exe - ok
14:11:38.0399 4428 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
14:11:38.0399 4428 C:\Windows\System32\scext.dll - ok
14:11:38.0399 4428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
14:11:38.0399 4428 C:\Windows\System32\services.exe - ok
14:11:38.0399 4428 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
14:11:38.0399 4428 C:\Windows\System32\sspicli.dll - ok
14:11:38.0414 4428 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
14:11:38.0414 4428 C:\Windows\System32\lsasrv.dll - ok
14:11:38.0414 4428 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
14:11:38.0414 4428 C:\Windows\System32\lsass.exe - ok
14:11:38.0414 4428 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
14:11:38.0414 4428 C:\Windows\System32\scesrv.dll - ok
14:11:38.0430 4428 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
14:11:38.0430 4428 C:\Windows\System32\secur32.dll - ok
14:11:38.0430 4428 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
14:11:38.0430 4428 C:\Windows\System32\sspisrv.dll - ok
14:11:38.0430 4428 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
14:11:38.0430 4428 C:\Windows\System32\sysntfy.dll - ok
14:11:38.0445 4428 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
14:11:38.0445 4428 C:\Windows\System32\wmsgapi.dll - ok
14:11:38.0445 4428 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
14:11:38.0445 4428 C:\Windows\System32\samsrv.dll - ok
14:11:38.0445 4428 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
14:11:38.0445 4428 C:\Windows\System32\srvcli.dll - ok
14:11:38.0445 4428 [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll
14:11:38.0445 4428 C:\Windows\System32\bridgeres.dll - ok
14:11:38.0461 4428 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
14:11:38.0461 4428 C:\Windows\System32\cryptdll.dll - ok
14:11:38.0461 4428 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
14:11:38.0461 4428 C:\Windows\System32\wevtapi.dll - ok
14:11:38.0461 4428 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
14:11:38.0461 4428 C:\Windows\System32\authz.dll - ok
14:11:38.0477 4428 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
14:11:38.0477 4428 C:\Windows\System32\cngaudit.dll - ok
14:11:38.0477 4428 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
14:11:38.0477 4428 C:\Windows\System32\ncrypt.dll - ok
14:11:38.0477 4428 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
14:11:38.0477 4428 C:\Windows\System32\bcrypt.dll - ok
14:11:38.0492 4428 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
14:11:38.0492 4428 C:\Windows\System32\msprivs.dll - ok
14:11:38.0492 4428 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
14:11:38.0492 4428 C:\Windows\System32\winlogon.exe - ok
14:11:38.0492 4428 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
14:11:38.0492 4428 C:\Windows\System32\netjoin.dll - ok
14:11:38.0492 4428 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
14:11:38.0492 4428 C:\Windows\System32\winsta.dll - ok
14:11:38.0508 4428 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
14:11:38.0508 4428 C:\Windows\System32\kerberos.dll - ok
14:11:38.0508 4428 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
14:11:38.0508 4428 C:\Windows\System32\negoexts.dll - ok
14:11:38.0508 4428 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
14:11:38.0508 4428 C:\Windows\System32\cryptsp.dll - ok
14:11:38.0523 4428 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
14:11:38.0523 4428 C:\Windows\System32\mswsock.dll - ok
14:11:38.0523 4428 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
14:11:38.0523 4428 C:\Windows\System32\version.dll - ok
14:11:38.0523 4428 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
14:11:38.0523 4428 C:\Windows\System32\wship6.dll - ok
14:11:38.0539 4428 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
14:11:38.0539 4428 C:\Windows\System32\msv1_0.dll - ok
14:11:38.0539 4428 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
14:11:38.0539 4428 C:\Windows\System32\netlogon.dll - ok
14:11:38.0539 4428 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
14:11:38.0539 4428 C:\Windows\System32\dnsapi.dll - ok
14:11:38.0555 4428 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
14:11:38.0555 4428 C:\Windows\System32\logoncli.dll - ok
14:11:38.0555 4428 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
14:11:38.0555 4428 C:\Windows\System32\schannel.dll - ok
14:11:38.0555 4428 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
14:11:38.0555 4428 C:\Windows\System32\wdigest.dll - ok
14:11:38.0570 4428 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
14:11:38.0570 4428 C:\Windows\System32\rsaenh.dll - ok
14:11:38.0570 4428 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
14:11:38.0570 4428 C:\Windows\System32\TSpkg.dll - ok
14:11:38.0570 4428 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
14:11:38.0570 4428 C:\Windows\System32\pku2u.dll - ok
14:11:38.0586 4428 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
14:11:38.0586 4428 C:\Windows\System32\LIVESSP.DLL - ok
14:11:38.0586 4428 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
14:11:38.0586 4428 C:\Windows\System32\bcryptprimitives.dll - ok
14:11:38.0586 4428 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
14:11:38.0586 4428 C:\Windows\System32\efslsaext.dll - ok
14:11:38.0586 4428 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
14:11:38.0586 4428 C:\Windows\System32\credssp.dll - ok
14:11:38.0601 4428 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
14:11:38.0601 4428 C:\Windows\System32\scecli.dll - ok
14:11:38.0601 4428 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
14:11:38.0601 4428 C:\Windows\System32\ubpm.dll - ok
14:11:38.0601 4428 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
14:11:38.0601 4428 C:\Windows\System32\svchost.exe - ok
14:11:38.0617 4428 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
14:11:38.0617 4428 C:\Windows\System32\SPInf.dll - ok
14:11:38.0617 4428 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
14:11:38.0617 4428 C:\Windows\System32\umpnpmgr.dll - ok
14:11:38.0617 4428 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
14:11:38.0617 4428 C:\Windows\System32\devrtl.dll - ok
14:11:38.0633 4428 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
14:11:38.0633 4428 C:\Windows\System32\gpapi.dll - ok
14:11:38.0633 4428 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
14:11:38.0633 4428 C:\Windows\System32\userenv.dll - ok
14:11:38.0633 4428 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
14:11:38.0633 4428 C:\Windows\System32\pcwum.dll - ok
14:11:38.0648 4428 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
14:11:38.0648 4428 C:\Windows\System32\umpo.dll - ok
14:11:38.0648 4428 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
14:11:38.0648 4428 C:\Windows\System32\powrprof.dll - ok
14:11:38.0648 4428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
14:11:38.0648 4428 C:\Windows\System32\drivers\luafv.sys - ok
14:11:38.0664 4428 [ B50CDD87772D6A11CB90924AAD399DF8 ] C:\Windows\System32\drivers\aswMonFlt.sys
14:11:38.0664 4428 C:\Windows\System32\drivers\aswMonFlt.sys - ok
14:11:38.0664 4428 [ 56139566E462C1FB1775E140D4EE6B22 ] C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
14:11:38.0664 4428 C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe - ok
14:11:38.0664 4428 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
14:11:38.0664 4428 C:\Windows\SysWOW64\ntdll.dll - ok
14:11:38.0679 4428 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
14:11:38.0679 4428 C:\Windows\System32\wow64.dll - ok
14:11:38.0679 4428 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
14:11:38.0679 4428 C:\Windows\System32\wow64win.dll - ok
14:11:38.0679 4428 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
14:11:38.0679 4428 C:\Windows\System32\wow64cpu.dll - ok
14:11:38.0695 4428 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
14:11:38.0695 4428 C:\Windows\SysWOW64\kernel32.dll - ok
14:11:38.0695 4428 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
14:11:38.0695 4428 C:\Windows\SysWOW64\advapi32.dll - ok
14:11:38.0695 4428 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
14:11:38.0695 4428 C:\Windows\SysWOW64\KernelBase.dll - ok
14:11:38.0711 4428 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
14:11:38.0711 4428 C:\Windows\SysWOW64\msvcrt.dll - ok
14:11:38.0711 4428 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
14:11:38.0711 4428 C:\Windows\SysWOW64\rpcrt4.dll - ok
14:11:38.0711 4428 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
14:11:38.0711 4428 C:\Windows\SysWOW64\sechost.dll - ok
14:11:38.0711 4428 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] C:\Windows\System32\drivers\aswFsBlk.sys
14:11:38.0711 4428 C:\Windows\System32\drivers\aswFsBlk.sys - ok
14:11:38.0726 4428 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
14:11:38.0726 4428 C:\Windows\SysWOW64\cryptbase.dll - ok
14:11:38.0726 4428 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
14:11:38.0726 4428 C:\Windows\SysWOW64\profapi.dll - ok
14:11:38.0726 4428 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
14:11:38.0726 4428 C:\Windows\SysWOW64\sspicli.dll - ok
14:11:38.0742 4428 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
14:11:38.0742 4428 C:\Windows\SysWOW64\userenv.dll - ok
14:11:38.0742 4428 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
14:11:38.0742 4428 C:\Windows\SysWOW64\wtsapi32.dll - ok
14:11:38.0742 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
14:11:38.0742 4428 C:\Windows\System32\rpcss.dll - ok
14:11:38.0757 4428 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
14:11:38.0757 4428 C:\Windows\System32\RpcEpMap.dll - ok
14:11:38.0757 4428 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
14:11:38.0757 4428 C:\Windows\System32\WSHTCPIP.DLL - ok
14:11:38.0757 4428 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
14:11:38.0757 4428 C:\Windows\System32\wshqos.dll - ok
14:11:38.0773 4428 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
14:11:38.0773 4428 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - ok
14:11:38.0773 4428 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
14:11:38.0773 4428 C:\Windows\System32\FirewallAPI.dll - ok
14:11:38.0773 4428 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
14:11:38.0773 4428 C:\Windows\System32\LogonUI.exe - ok
14:11:38.0789 4428 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
14:11:38.0789 4428 C:\Windows\System32\ntmarta.dll - ok
14:11:38.0789 4428 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
14:11:38.0789 4428 C:\Windows\System32\authui.dll - ok
14:11:38.0789 4428 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
14:11:38.0789 4428 C:\Windows\System32\dbghelp.dll - ok
14:11:38.0804 4428 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
14:11:38.0804 4428 C:\Windows\System32\fltLib.dll - ok
14:11:38.0804 4428 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
14:11:38.0804 4428 C:\Windows\System32\wtsapi32.dll - ok
14:11:38.0804 4428 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
14:11:38.0804 4428 C:\Windows\System32\msi.dll - ok
14:11:38.0820 4428 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
14:11:38.0820 4428 C:\Windows\System32\winmm.dll - ok
14:11:38.0820 4428 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
14:11:38.0820 4428 C:\Windows\System32\netapi32.dll - ok
14:11:38.0820 4428 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
14:11:38.0820 4428 C:\Windows\System32\netutils.dll - ok
14:11:38.0835 4428 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
14:11:38.0835 4428 C:\Windows\System32\wkscli.dll - ok
14:11:38.0835 4428 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
14:11:38.0835 4428 C:\Windows\System32\mpr.dll - ok
14:11:38.0835 4428 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
14:11:38.0835 4428 C:\Windows\System32\oleacc.dll - ok
14:11:38.0851 4428 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
14:11:38.0851 4428 C:\Windows\System32\winspool.drv - ok
14:11:38.0851 4428 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
14:11:38.0851 4428 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
14:11:38.0851 4428 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
14:11:38.0851 4428 C:\Windows\System32\rasapi32.dll - ok
14:11:38.0867 4428 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
14:11:38.0867 4428 C:\Windows\System32\rasman.dll - ok
14:11:38.0867 4428 [ 9DB705936111BB34B11BB3EEB345AAF6 ] C:\Program Files\COMODO\COMODO Internet Security\framework.dll
14:11:38.0867 4428 C:\Program Files\COMODO\COMODO Internet Security\framework.dll - ok
14:11:38.0867 4428 [ DEAFA4336865C8667B8DAC16D62DBEDC ] C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdscan.dll
14:11:38.0867 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdscan.dll - ok
14:11:38.0882 4428 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
14:11:38.0882 4428 C:\Windows\System32\cryptsvc.dll - ok
14:11:38.0882 4428 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
14:11:38.0882 4428 C:\Windows\System32\wbem\wbemprox.dll - ok
14:11:38.0882 4428 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
14:11:38.0882 4428 C:\Windows\System32\cryptnet.dll - ok
14:11:38.0898 4428 [ 54716D9BB43733578A5647E9B121141F ] C:\Windows\System32\atiesrxx.exe
14:11:38.0898 4428 C:\Windows\System32\atiesrxx.exe - ok
14:11:38.0898 4428 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
14:11:38.0898 4428 C:\Windows\System32\wbemcomn.dll - ok
14:11:38.0898 4428 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
14:11:38.0898 4428 C:\Windows\System32\wevtsvc.dll - ok
14:11:38.0913 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
14:11:38.0913 4428 C:\Windows\System32\audiosrv.dll - ok
14:11:38.0913 4428 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
14:11:38.0913 4428 C:\Windows\System32\MMDevAPI.dll - ok
14:11:38.0913 4428 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
14:11:38.0913 4428 C:\Windows\System32\propsys.dll - ok
14:11:38.0929 4428 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
14:11:38.0929 4428 C:\Windows\System32\avrt.dll - ok
14:11:38.0929 4428 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
14:11:38.0929 4428 C:\Windows\System32\mmcss.dll - ok
14:11:38.0929 4428 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
14:11:38.0929 4428 C:\Windows\System32\cryptui.dll - ok
14:11:38.0929 4428 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
14:11:38.0929 4428 C:\Windows\System32\audiodg.exe - ok
14:11:38.0945 4428 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
14:11:38.0945 4428 C:\Windows\System32\cscsvc.dll - ok
14:11:38.0945 4428 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
14:11:38.0945 4428 C:\Windows\System32\PeerDist.dll - ok
14:11:38.0945 4428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
14:11:38.0945 4428 C:\Windows\System32\gpsvc.dll - ok
14:11:38.0960 4428 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
14:11:38.0960 4428 C:\Windows\System32\nlaapi.dll - ok
14:11:38.0960 4428 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
14:11:38.0960 4428 C:\Windows\System32\taskschd.dll - ok
14:11:38.0960 4428 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
14:11:38.0960 4428 C:\Windows\System32\mstask.dll - ok
14:11:38.0976 4428 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
14:11:38.0976 4428 C:\Windows\System32\atl.dll - ok
14:11:38.0976 4428 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
14:11:38.0976 4428 C:\Windows\System32\profsvc.dll - ok
14:11:38.0976 4428 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
14:11:38.0976 4428 C:\Windows\System32\themeservice.dll - ok
14:11:38.0991 4428 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
14:11:38.0991 4428 C:\Windows\System32\dsrole.dll - ok
14:11:38.0991 4428 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
14:11:38.0991 4428 C:\Windows\System32\slc.dll - ok
14:11:38.0991 4428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
14:11:38.0991 4428 C:\Windows\System32\es.dll - ok
14:11:39.0007 4428 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
14:11:39.0007 4428 C:\Windows\System32\adtschema.dll - ok
14:11:39.0007 4428 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
14:11:39.0007 4428 C:\Windows\System32\comres.dll - ok
14:11:39.0007 4428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
14:11:39.0007 4428 C:\Windows\System32\wlansvc.dll - ok
14:11:39.0023 4428 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
14:11:39.0023 4428 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
14:11:39.0023 4428 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
14:11:39.0023 4428 C:\Windows\System32\drivers\fltMgr.sys - ok
14:11:39.0023 4428 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
14:11:39.0023 4428 C:\Windows\System32\PSHED.DLL - ok
14:11:39.0038 4428 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
14:11:39.0038 4428 C:\Windows\System32\Sens.dll - ok
14:11:39.0038 4428 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
14:11:39.0038 4428 C:\Windows\System32\vssapi.dll - ok
14:11:39.0038 4428 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
14:11:39.0038 4428 C:\Windows\System32\samcli.dll - ok
14:11:39.0038 4428 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
14:11:39.0038 4428 C:\Windows\System32\samlib.dll - ok
14:11:39.0054 4428 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
14:11:39.0054 4428 C:\Windows\System32\vsstrace.dll - ok
14:11:39.0054 4428 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
14:11:39.0054 4428 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
14:11:39.0054 4428 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
14:11:39.0054 4428 C:\Windows\System32\shacct.dll - ok
14:11:39.0069 4428 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
14:11:39.0069 4428 C:\Windows\System32\uxsms.dll - ok
14:11:39.0069 4428 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
14:11:39.0069 4428 C:\Windows\System32\drivers\lltdio.sys - ok
14:11:39.0069 4428 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
14:11:39.0069 4428 C:\Windows\System32\drivers\ndisuio.sys - ok
14:11:39.0085 4428 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
14:11:39.0085 4428 C:\Windows\System32\drivers\nwifi.sys - ok
14:11:39.0085 4428 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
14:11:39.0085 4428 C:\Windows\System32\drivers\rspndr.sys - ok
14:11:39.0085 4428 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
14:11:39.0085 4428 C:\Windows\System32\IPHLPAPI.DLL - ok
14:11:39.0101 4428 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
14:11:39.0101 4428 C:\Windows\System32\lmhsvc.dll - ok
14:11:39.0101 4428 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
14:11:39.0101 4428 C:\Windows\System32\nsisvc.dll - ok
14:11:39.0101 4428 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
14:11:39.0101 4428 C:\Windows\System32\uxtheme.dll - ok
14:11:39.0116 4428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
14:11:39.0116 4428 C:\Windows\System32\dhcpcore.dll - ok
14:11:39.0116 4428 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
14:11:39.0116 4428 C:\Windows\System32\dnsrslvr.dll - ok
14:11:39.0116 4428 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
14:11:39.0116 4428 C:\Windows\System32\eapphost.dll - ok
14:11:39.0132 4428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
14:11:39.0132 4428 C:\Windows\System32\eapsvc.dll - ok
14:11:39.0132 4428 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
14:11:39.0132 4428 C:\Windows\System32\keyiso.dll - ok
14:11:39.0132 4428 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
14:11:39.0132 4428 C:\Windows\System32\nrpsrv.dll - ok
14:11:39.0147 4428 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
14:11:39.0147 4428 C:\Windows\System32\winnsi.dll - ok
14:11:39.0147 4428 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
14:11:39.0147 4428 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
14:11:39.0147 4428 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
14:11:39.0147 4428 C:\Windows\System32\dui70.dll - ok
14:11:39.0163 4428 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
14:11:39.0163 4428 C:\Windows\System32\FWPUCLNT.DLL - ok
14:11:39.0163 4428 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
14:11:39.0163 4428 C:\Windows\System32\umb.dll - ok
14:11:39.0163 4428 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
14:11:39.0163 4428 C:\Windows\System32\wlanmsm.dll - ok
14:11:39.0163 4428 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
14:11:39.0163 4428 C:\Windows\System32\dhcpcore6.dll - ok
14:11:39.0179 4428 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
14:11:39.0179 4428 C:\Windows\System32\dnsext.dll - ok
14:11:39.0179 4428 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
14:11:39.0179 4428 C:\Windows\System32\wlansec.dll - ok
14:11:39.0179 4428 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
14:11:39.0179 4428 C:\Windows\System32\dhcpcsvc6.dll - ok
14:11:39.0194 4428 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
14:11:39.0194 4428 C:\Windows\System32\dhcpcsvc.dll - ok
14:11:39.0194 4428 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
14:11:39.0194 4428 C:\Windows\System32\duser.dll - ok
14:11:39.0194 4428 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
14:11:39.0194 4428 C:\Windows\System32\eappcfg.dll - ok
14:11:39.0210 4428 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
14:11:39.0210 4428 C:\Windows\System32\eappprxy.dll - ok
14:11:39.0210 4428 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
14:11:39.0210 4428 C:\Windows\System32\onex.dll - ok
14:11:39.0210 4428 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
14:11:39.0210 4428 C:\Windows\System32\SndVolSSO.dll - ok
14:11:39.0225 4428 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
14:11:39.0225 4428 C:\Windows\System32\hid.dll - ok
14:11:39.0225 4428 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
14:11:39.0225 4428 C:\Windows\System32\l2gpstore.dll - ok
14:11:39.0225 4428 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
14:11:39.0225 4428 C:\Windows\System32\WinSCard.dll - ok
14:11:39.0241 4428 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
14:11:39.0241 4428 C:\Windows\System32\wlanutil.dll - ok
14:11:39.0241 4428 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
14:11:39.0241 4428 C:\Windows\System32\wlgpclnt.dll - ok
14:11:39.0241 4428 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
14:11:39.0241 4428 C:\Windows\System32\dwmapi.dll - ok
14:11:39.0241 4428 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
14:11:39.0241 4428 C:\Windows\System32\msxml6.dll - ok
14:11:39.0257 4428 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
14:11:39.0257 4428 C:\Windows\System32\xmllite.dll - ok
14:11:39.0257 4428 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
14:11:39.0257 4428 C:\Windows\System32\WindowsCodecs.dll - ok
14:11:39.0257 4428 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:11:39.0257 4428 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok
14:11:39.0272 4428 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
14:11:39.0272 4428 C:\Windows\SysWOW64\ws2_32.dll - ok
14:11:39.0272 4428 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
14:11:39.0272 4428 C:\Windows\SysWOW64\nsi.dll - ok
14:11:39.0272 4428 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
14:11:39.0272 4428 C:\Windows\System32\winbrand.dll - ok
14:11:39.0288 4428 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
14:11:39.0288 4428 C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok
14:11:39.0288 4428 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
14:11:39.0288 4428 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
14:11:39.0288 4428 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
14:11:39.0288 4428 C:\Windows\System32\VaultCredProvider.dll - ok
14:11:39.0303 4428 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
14:11:39.0303 4428 C:\Windows\System32\BioCredProv.dll - ok
14:11:39.0303 4428 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
14:11:39.0303 4428 C:\Windows\System32\winbio.dll - ok
14:11:39.0303 4428 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
14:11:39.0303 4428 C:\Windows\System32\credui.dll - ok
14:11:39.0319 4428 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
14:11:39.0319 4428 C:\Windows\System32\vaultcli.dll - ok
14:11:39.0319 4428 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
14:11:39.0319 4428 C:\Windows\System32\certCredProvider.dll - ok
14:11:39.0319 4428 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
14:11:39.0319 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
14:11:39.0335 4428 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
14:11:39.0335 4428 C:\Windows\System32\rasplap.dll - ok
14:11:39.0335 4428 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
14:11:39.0335 4428 C:\Windows\System32\rtutils.dll - ok
14:11:39.0335 4428 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
14:11:39.0335 4428 C:\Windows\System32\UXInit.dll - ok
14:11:39.0350 4428 [ 34988E1741CA36740284D902F8CC5A2E ] C:\Windows\System32\atieclxx.exe
14:11:39.0350 4428 C:\Windows\System32\atieclxx.exe - ok
14:11:39.0350 4428 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
14:11:39.0350 4428 C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok
14:11:39.0350 4428 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
14:11:39.0350 4428 C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok
14:11:39.0366 4428 [ 9C998DB6710BE03FAA3C7D2E506FA774 ] C:\Windows\System32\atiadlxx.dll
14:11:39.0366 4428 C:\Windows\System32\atiadlxx.dll - ok
14:11:39.0366 4428 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
14:11:39.0366 4428 C:\Windows\System32\imageres.dll - ok
14:11:39.0366 4428 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
14:11:39.0366 4428 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
14:11:39.0381 4428 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
14:11:39.0381 4428 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
14:11:39.0381 4428 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
14:11:39.0381 4428 C:\Windows\System32\dllhost.exe - ok
14:11:39.0381 4428 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
14:11:39.0381 4428 C:\Windows\System32\IDStore.dll - ok
14:11:39.0381 4428 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
14:11:39.0381 4428 C:\Windows\System32\AtBroker.exe - ok
14:11:39.0397 4428 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
14:11:39.0397 4428 C:\Windows\System32\userinit.exe - ok
14:11:39.0397 4428 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
14:11:39.0397 4428 C:\Windows\System32\dwm.exe - ok
14:11:39.0397 4428 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
14:11:39.0397 4428 C:\Windows\System32\dwmcore.dll - ok
14:11:39.0413 4428 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
14:11:39.0413 4428 C:\Windows\System32\dwmredir.dll - ok
14:11:39.0413 4428 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
14:11:39.0413 4428 C:\Windows\SysWOW64\user32.dll - ok
14:11:39.0413 4428 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
14:11:39.0413 4428 C:\Windows\SysWOW64\gdi32.dll - ok
14:11:39.0428 4428 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
14:11:39.0428 4428 C:\Windows\SysWOW64\lpk.dll - ok
14:11:39.0428 4428 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
14:11:39.0428 4428 C:\Windows\SysWOW64\usp10.dll - ok
14:11:39.0428 4428 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
14:11:39.0428 4428 C:\Windows\System32\d3d10_1.dll - ok
14:11:39.0444 4428 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
14:11:39.0444 4428 C:\Windows\System32\d3d10_1core.dll - ok
14:11:39.0444 4428 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
14:11:39.0444 4428 C:\Windows\System32\dxgi.dll - ok
14:11:39.0444 4428 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
14:11:39.0444 4428 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
14:11:39.0459 4428 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
14:11:39.0459 4428 C:\Windows\explorer.exe - ok
14:11:39.0459 4428 [ 73B1901F324E07D6CB46F5CDB2FFE37A ] C:\Windows\System32\aticfx64.dll
14:11:39.0459 4428 C:\Windows\System32\aticfx64.dll - ok
14:11:39.0459 4428 [ 142D78D1D776122DFB0ECFFC0809E4C6 ] C:\Windows\System32\atidxx64.dll
14:11:39.0459 4428 C:\Windows\System32\atidxx64.dll - ok
14:11:39.0475 4428 [ F0C432F39962CC51F357619BA785A74C ] C:\Windows\System32\atiuxp64.dll
14:11:39.0475 4428 C:\Windows\System32\atiuxp64.dll - ok
14:11:39.0475 4428 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
14:11:39.0475 4428 C:\Windows\System32\uDWM.dll - ok
14:11:39.0475 4428 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\Alwil Software\Avast5\ashBase.dll
14:11:39.0475 4428 C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok
14:11:39.0491 4428 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
14:11:39.0491 4428 C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok
14:11:39.0491 4428 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
14:11:39.0491 4428 C:\Windows\SysWOW64\psapi.dll - ok
14:11:39.0491 4428 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
14:11:39.0491 4428 C:\Windows\SysWOW64\version.dll - ok
14:11:39.0506 4428 [ 42C671E0525618E23371D0E68282F37C ] C:\Windows\SysWOW64\wininet.dll
14:11:39.0506 4428 C:\Windows\SysWOW64\wininet.dll - ok
14:11:39.0506 4428 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
14:11:39.0506 4428 C:\Windows\SysWOW64\wsock32.dll - ok
14:11:39.0506 4428 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
14:11:39.0506 4428 C:\Windows\SysWOW64\shlwapi.dll - ok
14:11:39.0506 4428 [ 557A086A4659799D63A9CE474ADFEBE8 ] C:\Windows\SysWOW64\urlmon.dll
14:11:39.0506 4428 C:\Windows\SysWOW64\urlmon.dll - ok
14:11:39.0522 4428 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
14:11:39.0522 4428 C:\Windows\SysWOW64\ole32.dll - ok
14:11:39.0522 4428 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
14:11:39.0522 4428 C:\Windows\SysWOW64\oleaut32.dll - ok
14:11:39.0522 4428 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
14:11:39.0522 4428 C:\Windows\SysWOW64\crypt32.dll - ok
14:11:39.0537 4428 [ C5D48985BADF6CFEDCBCCDD5D92F526D ] C:\Windows\SysWOW64\iertutil.dll
14:11:39.0537 4428 C:\Windows\SysWOW64\iertutil.dll - ok
14:11:39.0537 4428 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
14:11:39.0537 4428 C:\Windows\SysWOW64\msasn1.dll - ok
14:11:39.0537 4428 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
14:11:39.0537 4428 C:\Windows\System32\ExplorerFrame.dll - ok
14:11:39.0553 4428 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\Alwil Software\Avast5\ashShA64.dll
14:11:39.0553 4428 C:\Program Files\Alwil Software\Avast5\ashShA64.dll - ok
14:11:39.0553 4428 [ B316906B4A04DD39985350D29DE31068 ] C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll
14:11:39.0553 4428 C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll - ok
14:11:39.0553 4428 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
14:11:39.0553 4428 C:\Windows\System32\EhStorShell.dll - ok
14:11:39.0569 4428 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
14:11:39.0569 4428 C:\Windows\System32\cscdll.dll - ok
14:11:39.0569 4428 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
14:11:39.0569 4428 C:\Windows\System32\cscui.dll - ok
14:11:39.0569 4428 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
14:11:39.0569 4428 C:\Windows\System32\cscapi.dll - ok
14:11:39.0584 4428 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
14:11:39.0584 4428 C:\Windows\System32\ntshrui.dll - ok
14:11:39.0584 4428 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
14:11:39.0584 4428 C:\Windows\System32\IconCodecService.dll - ok
14:11:39.0584 4428 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
14:11:39.0584 4428 C:\Windows\SysWOW64\imm32.dll - ok
14:11:39.0584 4428 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
14:11:39.0584 4428 C:\Windows\SysWOW64\msctf.dll - ok
14:11:39.0600 4428 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
14:11:39.0600 4428 C:\Windows\SysWOW64\dbghelp.dll - ok
14:11:39.0600 4428 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\Alwil Software\Avast5\ashServ.dll
14:11:39.0600 4428 C:\Program Files\Alwil Software\Avast5\ashServ.dll - ok
14:11:39.0600 4428 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
14:11:39.0600 4428 C:\Windows\System32\shsvcs.dll - ok
14:11:39.0615 4428 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
14:11:39.0615 4428 C:\Windows\SysWOW64\cscapi.dll - ok
14:11:39.0615 4428 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
14:11:39.0615 4428 C:\Windows\SysWOW64\netapi32.dll - ok
14:11:39.0615 4428 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
14:11:39.0615 4428 C:\Windows\SysWOW64\netutils.dll - ok
14:11:39.0631 4428 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
14:11:39.0631 4428 C:\Windows\SysWOW64\srvcli.dll - ok
14:11:39.0631 4428 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
14:11:39.0631 4428 C:\Windows\SysWOW64\wkscli.dll - ok
14:11:39.0631 4428 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\Alwil Software\Avast5\ashTask.dll
14:11:39.0631 4428 C:\Program Files\Alwil Software\Avast5\ashTask.dll - ok
14:11:39.0647 4428 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - ok
14:11:39.0647 4428 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\Alwil Software\Avast5\aswAux.dll
14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\aswAux.dll - ok
14:11:39.0647 4428 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\Alwil Software\Avast5\aswLog.dll
14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\aswLog.dll - ok
14:11:39.0662 4428 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - ok
14:11:39.0662 4428 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll
14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok
14:11:39.0662 4428 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - ok
14:11:39.0678 4428 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok
14:11:39.0678 4428 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll
14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok
14:11:39.0678 4428 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\Alwil Software\Avast5\aswIdle.dll
14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\aswIdle.dll - ok
14:11:39.0693 4428 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\Alwil Software\Avast5\aswStrm.dll
-
Gringo,
I have run TDSSkiller and aswMBR and am posting the logs. After running them I opened my task manager and notice that the lsass.exe process is no longer running?
14:08:38.0499 3964 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:08:40.0511 3964 ============================================================
14:08:40.0511 3964 Current date / time: 2012/12/30 14:08:40.0511
14:08:40.0511 3964 SystemInfo:
14:08:40.0511 3964
14:08:40.0511 3964 OS Version: 6.1.7601 ServicePack: 1.0
14:08:40.0511 3964 Product type: Workstation
14:08:40.0511 3964 ComputerName: HTPC
14:08:40.0511 3964 UserName: Webb
14:08:40.0511 3964 Windows directory: C:\Windows
14:08:40.0511 3964 System windows directory: C:\Windows
14:08:40.0511 3964 Running under WOW64
14:08:40.0511 3964 Processor architecture: Intel x64
14:08:40.0511 3964 Number of processors: 2
14:08:40.0511 3964 Page size: 0x1000
14:08:40.0511 3964 Boot type: Normal boot
14:08:40.0511 3964 ============================================================
14:09:34.0191 3964 BG loaded
14:09:34.0784 3964 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:09:34.0909 3964 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:09:35.0174 3964 ============================================================
14:09:35.0174 3964 \Device\Harddisk0\DR0:
14:09:35.0205 3964 MBR partitions:
14:09:35.0205 3964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x16FAE6FF
14:09:35.0236 3964 \Device\Harddisk1\DR1:
14:09:35.0236 3964 MBR partitions:
14:09:35.0236 3964 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:09:35.0236 3964 ============================================================
14:09:35.0314 3964 C: <-> \Device\Harddisk0\DR0\Partition1
14:09:35.0345 3964 E: <-> \Device\Harddisk1\DR1\Partition1
14:09:35.0345 3964 ============================================================
14:09:35.0345 3964 Initialize success
14:09:35.0345 3964 ============================================================
14:10:53.0377 4428 ============================================================
14:10:53.0377 4428 Scan started
14:10:53.0377 4428 Mode: Manual; SigCheck; TDLFS;
14:10:53.0377 4428 ============================================================
14:10:55.0155 4428 ================ Scan system memory ========================
14:10:55.0155 4428 System memory - ok
14:10:55.0155 4428 ================ Scan services =============================
14:10:56.0325 4428 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:10:56.0450 4428 1394ohci - ok
14:10:56.0528 4428 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:10:56.0559 4428 ACPI - ok
14:10:56.0590 4428 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:10:56.0653 4428 AcpiPmi - ok
14:10:57.0745 4428 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:10:57.0776 4428 AdobeFlashPlayerUpdateSvc - ok
14:10:57.0948 4428 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:10:57.0994 4428 adp94xx - ok
14:10:58.0072 4428 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:10:58.0104 4428 adpahci - ok
14:10:58.0150 4428 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:10:58.0182 4428 adpu320 - ok
14:10:58.0228 4428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:10:58.0275 4428 AeLookupSvc - ok
14:10:58.0384 4428 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:10:58.0447 4428 AFD - ok
14:10:58.0494 4428 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:10:58.0525 4428 agp440 - ok
14:10:58.0572 4428 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:10:58.0634 4428 ALG - ok
14:10:58.0681 4428 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:10:58.0712 4428 aliide - ok
14:10:58.0821 4428 [ 54716D9BB43733578A5647E9B121141F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:10:58.0884 4428 AMD External Events Utility - ok
14:10:58.0915 4428 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:10:58.0946 4428 amdide - ok
14:10:59.0008 4428 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:10:59.0071 4428 AmdK8 - ok
14:11:00.0381 4428 [ 522A8BD1414CC7517FAEC907F138DB9C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:11:00.0506 4428 amdkmdag - ok
14:11:00.0537 4428 [ F712C26D40BF3CD2C020BB518E8150B1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:11:00.0584 4428 amdkmdap - ok
14:11:00.0631 4428 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:11:00.0662 4428 AmdPPM - ok
14:11:00.0724 4428 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:11:00.0740 4428 amdsata - ok
14:11:00.0834 4428 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:11:00.0880 4428 amdsbs - ok
14:11:00.0912 4428 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:11:00.0927 4428 amdxata - ok
14:11:01.0130 4428 [ 821E7E501226EE344FDB0F40EE46109D ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
14:11:01.0161 4428 AnyDVD - ok
14:11:01.0239 4428 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:11:01.0333 4428 AppID - ok
14:11:01.0380 4428 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:11:01.0442 4428 AppIDSvc - ok
14:11:01.0520 4428 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:11:01.0567 4428 Appinfo - ok
14:11:01.0848 4428 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:11:01.0879 4428 Apple Mobile Device - ok
14:11:02.0019 4428 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:11:02.0050 4428 AppMgmt - ok
14:11:02.0113 4428 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:11:02.0144 4428 arc - ok
14:11:02.0175 4428 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:11:02.0206 4428 arcsas - ok
14:11:02.0378 4428 [ 9149EC69ACD3EFC97B01D5A1BAEB3B57 ] arXfrSvc C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
14:11:02.0394 4428 arXfrSvc - ok
14:11:02.0487 4428 [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
14:11:02.0503 4428 AsIO - ok
14:11:02.0581 4428 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:11:02.0581 4428 aswFsBlk - ok
14:11:02.0659 4428 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:11:02.0659 4428 aswMonFlt - ok
14:11:02.0706 4428 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:11:02.0721 4428 aswRdr - ok
14:11:02.0971 4428 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:11:02.0986 4428 aswSnx - ok
14:11:03.0018 4428 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:11:03.0033 4428 aswSP - ok
14:11:03.0064 4428 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:11:03.0080 4428 aswTdi - ok
14:11:03.0111 4428 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:11:03.0158 4428 AsyncMac - ok
14:11:03.0189 4428 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:11:03.0205 4428 atapi - ok
14:11:03.0392 4428 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:11:03.0408 4428 AtiHDAudioService - ok
14:11:03.0454 4428 [ 7E2F5A758F63F80F8B03F889B4E6B19F ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
14:11:03.0486 4428 AtiHdmiService - ok
14:11:03.0548 4428 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
14:11:03.0579 4428 AtiPcie - ok
14:11:03.0626 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:11:03.0704 4428 AudioEndpointBuilder - ok
14:11:03.0766 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:11:03.0813 4428 AudioSrv - ok
14:11:03.0985 4428 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:11:04.0000 4428 avast! Antivirus - ok
14:11:04.0078 4428 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:11:04.0125 4428 AxInstSV - ok
14:11:04.0266 4428 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:11:04.0312 4428 b06bdrv - ok
14:11:04.0437 4428 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:11:04.0484 4428 b57nd60a - ok
14:11:04.0515 4428 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:11:04.0562 4428 BDESVC - ok
14:11:04.0609 4428 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:11:04.0687 4428 Beep - ok
14:11:04.0812 4428 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:11:04.0890 4428 BFE - ok
14:11:04.0999 4428 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
14:11:05.0077 4428 BITS - ok
14:11:05.0124 4428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:11:05.0155 4428 blbdrive - ok
14:11:05.0295 4428 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
14:11:05.0311 4428 Bonjour Service - ok
14:11:05.0342 4428 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:11:05.0373 4428 bowser - ok
14:11:05.0420 4428 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:11:05.0498 4428 BrFiltLo - ok
14:11:05.0514 4428 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:11:05.0545 4428 BrFiltUp - ok
14:11:05.0576 4428 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:11:05.0670 4428 BridgeMP - ok
14:11:05.0701 4428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:11:05.0763 4428 Browser - ok
14:11:05.0794 4428 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:11:05.0872 4428 Brserid - ok
14:11:05.0888 4428 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:11:05.0950 4428 BrSerWdm - ok
14:11:05.0966 4428 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:11:06.0013 4428 BrUsbMdm - ok
14:11:06.0028 4428 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:11:06.0075 4428 BrUsbSer - ok
14:11:06.0153 4428 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:11:06.0216 4428 BTHMODEM - ok
14:11:06.0247 4428 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:11:06.0309 4428 bthserv - ok
14:11:06.0325 4428 catchme - ok
14:11:06.0372 4428 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:11:06.0434 4428 cdfs - ok
14:11:06.0496 4428 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:11:06.0528 4428 cdrom - ok
14:11:06.0590 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:11:06.0652 4428 CertPropSvc - ok
14:11:06.0746 4428 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:11:06.0777 4428 circlass - ok
14:11:06.0886 4428 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:11:06.0918 4428 CLFS - ok
14:11:07.0027 4428 [ 56139566E462C1FB1775E140D4EE6B22 ] CLPSLS C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
14:11:07.0042 4428 CLPSLS - ok
14:11:07.0292 4428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:11:07.0354 4428 clr_optimization_v2.0.50727_32 - ok
14:11:07.0526 4428 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:11:07.0557 4428 clr_optimization_v2.0.50727_64 - ok
14:11:07.0651 4428 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:11:07.0744 4428 clr_optimization_v4.0.30319_32 - ok
14:11:07.0822 4428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:11:07.0838 4428 clr_optimization_v4.0.30319_64 - ok
14:11:07.0885 4428 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:11:07.0916 4428 CmBatt - ok
14:11:08.0571 4428 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
14:11:08.0618 4428 cmdAgent - ok
14:11:08.0758 4428 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
14:11:08.0774 4428 cmdGuard - ok
14:11:08.0790 4428 [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
14:11:08.0805 4428 cmdHlp - ok
14:11:08.0836 4428 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:11:08.0852 4428 cmdide - ok
14:11:08.0961 4428 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:11:08.0992 4428 CNG - ok
14:11:09.0039 4428 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:11:09.0070 4428 Compbatt - ok
14:11:09.0133 4428 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:11:09.0164 4428 CompositeBus - ok
14:11:09.0180 4428 COMSysApp - ok
14:11:09.0211 4428 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:11:09.0242 4428 crcdisk - ok
14:11:09.0320 4428 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:11:09.0367 4428 CryptSvc - ok
14:11:09.0476 4428 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:11:09.0523 4428 CSC - ok
14:11:09.0554 4428 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:11:09.0601 4428 CscService - ok
14:11:09.0694 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:11:09.0741 4428 DcomLaunch - ok
14:11:09.0897 4428 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:11:09.0944 4428 defragsvc - ok
14:11:09.0991 4428 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:11:10.0038 4428 DfsC - ok
14:11:10.0131 4428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:11:10.0194 4428 Dhcp - ok
14:11:10.0209 4428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:11:10.0256 4428 discache - ok
14:11:10.0303 4428 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:11:10.0334 4428 Disk - ok
14:11:10.0381 4428 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:11:10.0412 4428 Dnscache - ok
14:11:10.0490 4428 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:11:10.0537 4428 dot3svc - ok
14:11:10.0568 4428 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:11:10.0615 4428 DPS - ok
14:11:10.0677 4428 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:11:10.0724 4428 drmkaud - ok
14:11:10.0896 4428 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:11:10.0927 4428 DXGKrnl - ok
14:11:10.0942 4428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:11:11.0036 4428 EapHost - ok
14:11:11.0613 4428 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:11:11.0707 4428 ebdrv - ok
14:11:11.0754 4428 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:11:11.0800 4428 EFS - ok
14:11:12.0081 4428 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:11:12.0112 4428 ehRecvr - ok
14:11:12.0253 4428 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:11:12.0268 4428 ehSched - ok
14:11:12.0378 4428 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:11:12.0393 4428 ElbyCDIO - ok
14:11:12.0534 4428 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:11:12.0565 4428 elxstor - ok
14:11:12.0612 4428 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:11:12.0658 4428 ErrDev - ok
14:11:12.0783 4428 [ 94B3C06DCF580695EBA5304F3C750256 ] esClient C:\Program Files\Windows Home Server\esClient.exe
14:11:12.0799 4428 esClient - ok
14:11:12.0924 4428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:11:12.0970 4428 EventSystem - ok
14:11:12.0986 4428 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:11:13.0048 4428 exfat - ok
14:11:13.0111 4428 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:11:13.0173 4428 fastfat - ok
14:11:13.0392 4428 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:11:13.0423 4428 Fax - ok
14:11:13.0454 4428 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:11:13.0485 4428 fdc - ok
14:11:13.0516 4428 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:11:13.0563 4428 fdPHost - ok
14:11:13.0579 4428 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:11:13.0626 4428 FDResPub - ok
14:11:13.0657 4428 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:11:13.0672 4428 FileInfo - ok
14:11:13.0688 4428 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:11:13.0750 4428 Filetrace - ok
14:11:13.0766 4428 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:11:13.0797 4428 flpydisk - ok
14:11:13.0891 4428 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:11:13.0906 4428 FltMgr - ok
14:11:14.0031 4428 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:11:14.0062 4428 FontCache - ok
14:11:14.0156 4428 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:11:14.0172 4428 FontCache3.0.0.0 - ok
14:11:14.0187 4428 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:11:14.0218 4428 FsDepends - ok
14:11:14.0250 4428 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:11:14.0265 4428 Fs_Rec - ok
14:11:14.0359 4428 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:11:14.0390 4428 fvevol - ok
14:11:14.0452 4428 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:11:14.0484 4428 gagp30kx - ok
14:11:14.0546 4428 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:11:14.0562 4428 GEARAspiWDM - ok
14:11:14.0718 4428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:11:14.0764 4428 gpsvc - ok
14:11:14.0889 4428 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
14:11:14.0905 4428 grmnusb - ok
14:11:15.0061 4428 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:11:15.0076 4428 gupdate - ok
14:11:15.0154 4428 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:11:15.0170 4428 gupdatem - ok
14:11:15.0186 4428 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:11:15.0232 4428 hcw85cir - ok
14:11:15.0342 4428 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:11:15.0373 4428 HdAudAddService - ok
14:11:15.0404 4428 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:11:15.0435 4428 HDAudBus - ok
14:11:15.0466 4428 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:11:15.0482 4428 HidBatt - ok
14:11:15.0513 4428 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:11:15.0560 4428 HidBth - ok
14:11:15.0591 4428 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:11:15.0638 4428 HidIr - ok
14:11:15.0669 4428 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:11:15.0716 4428 hidserv - ok
14:11:15.0747 4428 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:11:15.0763 4428 HidUsb - ok
14:11:15.0794 4428 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:11:15.0888 4428 hkmsvc - ok
14:11:15.0919 4428 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:11:15.0950 4428 HomeGroupListener - ok
14:11:15.0997 4428 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:11:16.0044 4428 HomeGroupProvider - ok
14:11:16.0075 4428 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:11:16.0090 4428 HpSAMD - ok
14:11:16.0137 4428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:11:16.0200 4428 HTTP - ok
14:11:16.0231 4428 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:11:16.0246 4428 hwpolicy - ok
14:11:16.0309 4428 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:11:16.0324 4428 i8042prt - ok
14:11:16.0356 4428 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:11:16.0387 4428 iaStorV - ok
14:11:16.0449 4428 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:11:16.0496 4428 idsvc - ok
14:11:16.0512 4428 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:11:16.0527 4428 iirsp - ok
14:11:16.0559 4428 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:11:16.0605 4428 IKEEXT - ok
14:11:16.0652 4428 [ C4E67D3037DC79E39D7136581A947F50 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
14:11:16.0668 4428 inspect - ok
14:11:16.0699 4428 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:11:16.0715 4428 intelide - ok
14:11:16.0746 4428 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:11:16.0777 4428 intelppm - ok
14:11:16.0808 4428 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:11:16.0855 4428 IPBusEnum - ok
14:11:16.0902 4428 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:11:17.0058 4428 IpFilterDriver - ok
14:11:17.0214 4428 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:11:17.0245 4428 iphlpsvc - ok
14:11:17.0292 4428 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:11:17.0323 4428 IPMIDRV - ok
14:11:17.0339 4428 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:11:17.0401 4428 IPNAT - ok
14:11:17.0463 4428 [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:11:17.0495 4428 iPod Service - ok
14:11:17.0526 4428 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:11:18.0228 4428 IRENUM - ok
14:11:18.0275 4428 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:11:18.0290 4428 isapnp - ok
14:11:18.0321 4428 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:11:18.0353 4428 iScsiPrt - ok
14:11:18.0384 4428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:11:18.0399 4428 kbdclass - ok
14:11:18.0415 4428 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:11:18.0446 4428 kbdhid - ok
14:11:18.0462 4428 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:11:18.0477 4428 KeyIso - ok
14:11:18.0524 4428 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:11:18.0540 4428 KSecDD - ok
14:11:18.0571 4428 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:11:18.0602 4428 KSecPkg - ok
14:11:18.0633 4428 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:11:18.0680 4428 ksthunk - ok
14:11:18.0743 4428 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:11:18.0789 4428 KtmRm - ok
14:11:18.0836 4428 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:11:18.0883 4428 LanmanServer - ok
14:11:18.0914 4428 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:11:18.0977 4428 LanmanWorkstation - ok
14:11:19.0023 4428 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:11:19.0086 4428 lltdio - ok
14:11:19.0133 4428 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:11:19.0211 4428 lltdsvc - ok
14:11:19.0226 4428 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:11:19.0273 4428 lmhosts - ok
14:11:19.0304 4428 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:11:19.0320 4428 LSI_FC - ok
14:11:19.0335 4428 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:11:19.0351 4428 LSI_SAS - ok
14:11:19.0351 4428 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:11:19.0367 4428 LSI_SAS2 - ok
14:11:19.0382 4428 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:11:19.0398 4428 LSI_SCSI - ok
14:11:19.0429 4428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:11:19.0476 4428 luafv - ok
14:11:19.0601 4428 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:11:19.0616 4428 Mcx2Svc - ok
14:11:19.0647 4428 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:11:19.0647 4428 megasas - ok
14:11:19.0679 4428 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:11:19.0694 4428 MegaSR - ok
14:11:19.0725 4428 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:11:19.0772 4428 MMCSS - ok
14:11:19.0788 4428 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:11:19.0850 4428 Modem - ok
14:11:19.0866 4428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:11:19.0913 4428 monitor - ok
14:11:19.0928 4428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:11:19.0944 4428 mouclass - ok
14:11:19.0959 4428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:11:19.0991 4428 mouhid - ok
14:11:20.0022 4428 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:11:20.0053 4428 mountmgr - ok
14:11:20.0162 4428 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:11:20.0193 4428 MozillaMaintenance - ok
14:11:20.0256 4428 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:11:20.0271 4428 mpio - ok
14:11:20.0287 4428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:11:20.0334 4428 mpsdrv - ok
14:11:20.0396 4428 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:11:20.0474 4428 MpsSvc - ok
14:11:20.0505 4428 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:11:20.0552 4428 MRxDAV - ok
14:11:20.0583 4428 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:11:20.0615 4428 mrxsmb - ok
14:11:20.0661 4428 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:11:20.0693 4428 mrxsmb10 - ok
14:11:20.0708 4428 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:11:20.0724 4428 mrxsmb20 - ok
14:11:20.0755 4428 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:11:20.0771 4428 msahci - ok
14:11:20.0786 4428 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:11:20.0802 4428 msdsm - ok
14:11:20.0817 4428 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:11:20.0849 4428 MSDTC - ok
14:11:20.0895 4428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:11:20.0927 4428 Msfs - ok
14:11:20.0942 4428 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:11:20.0989 4428 mshidkmdf - ok
14:11:21.0020 4428 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:11:21.0036 4428 msisadrv - ok
14:11:21.0051 4428 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:11:21.0114 4428 MSiSCSI - ok
14:11:21.0114 4428 msiserver - ok
14:11:21.0145 4428 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:11:21.0192 4428 MSKSSRV - ok
14:11:21.0223 4428 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:11:21.0254 4428 MSPCLOCK - ok
14:11:21.0270 4428 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:11:21.0332 4428 MSPQM - ok
14:11:21.0379 4428 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:11:21.0395 4428 MsRPC - ok
14:11:21.0426 4428 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:11:21.0426 4428 mssmbios - ok
14:11:21.0441 4428 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:11:21.0488 4428 MSTEE - ok
14:11:21.0504 4428 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:11:21.0535 4428 MTConfig - ok
14:11:21.0597 4428 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
14:11:21.0613 4428 MTsensor - ok
14:11:21.0629 4428 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:11:21.0644 4428 Mup - ok
14:11:21.0707 4428 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:11:21.0769 4428 napagent - ok
14:11:21.0800 4428 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:11:21.0831 4428 NativeWifiP - ok
14:11:21.0878 4428 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:11:21.0925 4428 NDIS - ok
14:11:21.0956 4428 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:11:22.0019 4428 NdisCap - ok
14:11:22.0050 4428 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:11:22.0081 4428 NdisTapi - ok
14:11:22.0112 4428 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:11:22.0159 4428 Ndisuio - ok
14:11:22.0190 4428 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:11:22.0253 4428 NdisWan - ok
14:11:22.0268 4428 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:11:22.0315 4428 NDProxy - ok
14:11:22.0346 4428 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:11:22.0377 4428 NetBIOS - ok
14:11:22.0409 4428 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:11:22.0440 4428 NetBT - ok
14:11:22.0455 4428 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:11:22.0471 4428 Netlogon - ok
14:11:22.0518 4428 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:11:22.0565 4428 Netman - ok
14:11:22.0611 4428 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:11:22.0658 4428 netprofm - ok
14:11:22.0705 4428 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
14:11:22.0752 4428 netr28ux - ok
14:11:22.0799 4428 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:11:22.0814 4428 NetTcpPortSharing - ok
14:11:22.0830 4428 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:11:22.0845 4428 nfrd960 - ok
14:11:22.0877 4428 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:11:22.0908 4428 NlaSvc - ok
14:11:22.0923 4428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:11:22.0970 4428 Npfs - ok
14:11:22.0986 4428 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:11:23.0033 4428 nsi - ok
14:11:23.0033 4428 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:11:23.0079 4428 nsiproxy - ok
14:11:23.0157 4428 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:11:23.0220 4428 Ntfs - ok
14:11:23.0235 4428 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:11:23.0267 4428 Null - ok
14:11:23.0282 4428 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:11:23.0298 4428 nvraid - ok
14:11:23.0329 4428 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:11:23.0345 4428 nvstor - ok
14:11:23.0376 4428 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:11:23.0391 4428 nv_agp - ok
14:11:23.0423 4428 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:11:23.0454 4428 ohci1394 - ok
14:11:23.0469 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:11:23.0501 4428 p2pimsvc - ok
14:11:23.0547 4428 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:11:23.0563 4428 p2psvc - ok
14:11:23.0579 4428 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:11:23.0594 4428 Parport - ok
14:11:23.0625 4428 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:11:23.0641 4428 partmgr - ok
14:11:23.0672 4428 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:11:23.0703 4428 PcaSvc - ok
14:11:23.0719 4428 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:11:23.0735 4428 pci - ok
14:11:23.0750 4428 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:11:23.0766 4428 pciide - ok
14:11:23.0781 4428 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:11:23.0813 4428 pcmcia - ok
14:11:23.0828 4428 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:11:23.0828 4428 pcw - ok
14:11:23.0859 4428 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:11:23.0906 4428 PEAUTH - ok
14:11:23.0969 4428 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:11:24.0031 4428 PeerDistSvc - ok
14:11:24.0109 4428 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:11:24.0140 4428 PerfHost - ok
14:11:24.0187 4428 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:11:24.0249 4428 pla - ok
14:11:24.0296 4428 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:11:24.0327 4428 PlugPlay - ok
14:11:24.0343 4428 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:11:24.0374 4428 PNRPAutoReg - ok
14:11:24.0405 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:11:24.0421 4428 PNRPsvc - ok
14:11:24.0452 4428 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:11:24.0499 4428 PolicyAgent - ok
14:11:24.0530 4428 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:11:24.0577 4428 Power - ok
14:11:24.0624 4428 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:11:24.0655 4428 PptpMiniport - ok
14:11:24.0671 4428 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:11:24.0702 4428 Processor - ok
14:11:24.0749 4428 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:11:24.0764 4428 ProfSvc - ok
14:11:24.0764 4428 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:11:24.0780 4428 ProtectedStorage - ok
14:11:24.0858 4428 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:11:24.0905 4428 Psched - ok
14:11:24.0951 4428 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:11:25.0014 4428 ql2300 - ok
14:11:25.0045 4428 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:11:25.0061 4428 ql40xx - ok
14:11:25.0092 4428 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:11:25.0123 4428 QWAVE - ok
14:11:25.0154 4428 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:11:25.0217 4428 QWAVEdrv - ok
14:11:25.0232 4428 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:11:25.0279 4428 RasAcd - ok
14:11:25.0326 4428 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:11:25.0373 4428 RasAgileVpn - ok
14:11:25.0388 4428 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:11:25.0451 4428 RasAuto - ok
14:11:25.0497 4428 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:11:25.0544 4428 Rasl2tp - ok
14:11:25.0591 4428 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:11:25.0622 4428 RasMan - ok
14:11:25.0653 4428 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:11:25.0700 4428 RasPppoe - ok
14:11:25.0716 4428 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:11:25.0763 4428 RasSstp - ok
14:11:25.0794 4428 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:11:25.0841 4428 rdbss - ok
14:11:25.0856 4428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:11:25.0887 4428 rdpbus - ok
14:11:25.0903 4428 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:11:25.0950 4428 RDPCDD - ok
14:11:25.0981 4428 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:11:25.0997 4428 RDPDR - ok
14:11:26.0012 4428 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:11:26.0059 4428 RDPENCDD - ok
14:11:26.0075 4428 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:11:26.0106 4428 RDPREFMP - ok
14:11:26.0153 4428 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:11:26.0184 4428 RdpVideoMiniport - ok
14:11:26.0215 4428 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:11:26.0246 4428 RDPWD - ok
14:11:26.0277 4428 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:11:26.0293 4428 rdyboost - ok
14:11:26.0324 4428 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:11:26.0355 4428 RemoteAccess - ok
14:11:26.0387 4428 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:11:26.0433 4428 RemoteRegistry - ok
14:11:26.0465 4428 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:11:26.0511 4428 RpcEptMapper - ok
14:11:26.0543 4428 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:11:26.0574 4428 RpcLocator - ok
14:11:26.0605 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
14:11:26.0636 4428 RpcSs - ok
14:11:26.0667 4428 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:11:26.0699 4428 rspndr - ok
14:11:26.0730 4428 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:11:26.0761 4428 RTL8167 - ok
14:11:26.0777 4428 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:11:26.0808 4428 s3cap - ok
14:11:26.0823 4428 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:11:26.0839 4428 SamSs - ok
14:11:26.0886 4428 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys
14:11:26.0901 4428 SANDRA - ok
14:11:26.0917 4428 [ 6E72B22D71A62B7C9162361E5FD0DE9D ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe
14:11:26.0933 4428 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
14:11:26.0933 4428 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
14:11:26.0964 4428 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:11:26.0979 4428 sbp2port - ok
14:11:27.0011 4428 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:11:27.0057 4428 SCardSvr - ok
14:11:27.0089 4428 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:11:27.0135 4428 scfilter - ok
14:11:27.0167 4428 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:11:27.0229 4428 Schedule - ok
14:11:27.0260 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:11:27.0291 4428 SCPolicySvc - ok
14:11:27.0323 4428 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:11:27.0354 4428 SDRSVC - ok
14:11:27.0385 4428 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:11:27.0416 4428 secdrv - ok
14:11:27.0447 4428 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:11:27.0494 4428 seclogon - ok
14:11:27.0525 4428 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:11:27.0572 4428 SENS - ok
14:11:27.0588 4428 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:11:27.0619 4428 SensrSvc - ok
14:11:27.0635 4428 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:11:27.0666 4428 Serenum - ok
14:11:27.0681 4428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:11:27.0697 4428 Serial - ok
14:11:27.0728 4428 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:11:27.0759 4428 sermouse - ok
14:11:27.0791 4428 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:11:27.0837 4428 SessionEnv - ok
14:11:27.0869 4428 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:11:27.0900 4428 sffdisk - ok
14:11:27.0900 4428 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:11:27.0931 4428 sffp_mmc - ok
14:11:27.0947 4428 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:11:27.0978 4428 sffp_sd - ok
14:11:27.0993 4428 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:11:28.0025 4428 sfloppy - ok
14:11:28.0056 4428 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:11:28.0087 4428 SharedAccess - ok
14:11:28.0118 4428 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:11:28.0181 4428 ShellHWDetection - ok
14:11:28.0196 4428 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:11:28.0212 4428 SiSRaid2 - ok
14:11:28.0227 4428 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:11:28.0243 4428 SiSRaid4 - ok
14:11:28.0274 4428 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:11:28.0305 4428 Smb - ok
14:11:28.0337 4428 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:11:28.0368 4428 SNMPTRAP - ok
14:11:28.0383 4428 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:11:28.0399 4428 spldr - ok
14:11:28.0430 4428 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:11:28.0461 4428 Spooler - ok
14:11:28.0555 4428 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:11:28.0617 4428 sppsvc - ok
14:11:28.0633 4428 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:11:28.0695 4428 sppuinotify - ok
14:11:28.0727 4428 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:11:28.0742 4428 srv - ok
14:11:28.0773 4428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:11:28.0789 4428 srv2 - ok
14:11:28.0805 4428 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:11:28.0820 4428 srvnet - ok
14:11:28.0851 4428 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:11:28.0898 4428 SSDPSRV - ok
14:11:28.0914 4428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:11:28.0961 4428 SstpSvc - ok
14:11:28.0976 4428 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:11:28.0992 4428 stexstor - ok
14:11:29.0023 4428 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:11:29.0054 4428 stisvc - ok
14:11:29.0101 4428 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:11:29.0117 4428 storflt - ok
14:11:29.0148 4428 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:11:29.0163 4428 storvsc - ok
14:11:29.0195 4428 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:11:29.0210 4428 swenum - ok
14:11:29.0241 4428 [ D294DB3E6B227BA511A454DF4B9A5856 ] swmsflt C:\Windows\System32\drivers\swmsflt.sys
14:11:29.0257 4428 swmsflt - ok
14:11:29.0288 4428 [ 7DAF66ED79A8EE340E6C22252A97DE08 ] SWMX00 C:\Windows\system32\DRIVERS\swmx00.sys
14:11:29.0304 4428 SWMX00 - ok
14:11:29.0335 4428 [ 4A827A6BE651DA66AA85D17726743BF5 ] SWNC5E00 C:\Windows\system32\DRIVERS\SWNC5E00.sys
14:11:29.0366 4428 SWNC5E00 - ok
14:11:29.0413 4428 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:11:29.0475 4428 swprv - ok
14:11:29.0475 4428 SWUMX20 - ok
14:11:29.0538 4428 Synth3dVsc - ok
14:11:29.0600 4428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:11:29.0647 4428 SysMain - ok
14:11:29.0678 4428 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:11:29.0709 4428 TabletInputService - ok
14:11:29.0741 4428 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:11:29.0803 4428 TapiSrv - ok
14:11:29.0819 4428 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:11:29.0865 4428 TBS - ok
14:11:29.0928 4428 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:11:30.0006 4428 Tcpip - ok
14:11:30.0068 4428 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:11:30.0099 4428 TCPIP6 - ok
14:11:30.0131 4428 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:11:30.0162 4428 tcpipreg - ok
14:11:30.0193 4428 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:11:30.0224 4428 TDPIPE - ok
14:11:30.0240 4428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:11:30.0271 4428 TDTCP - ok
14:11:30.0302 4428 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:11:30.0333 4428 tdx - ok
14:11:30.0349 4428 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:11:30.0365 4428 TermDD - ok
14:11:30.0396 4428 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:11:30.0443 4428 TermService - ok
14:11:30.0458 4428 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:11:30.0489 4428 Themes - ok
14:11:30.0521 4428 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:11:30.0552 4428 THREADORDER - ok
14:11:30.0567 4428 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:11:30.0614 4428 TrkWks - ok
14:11:30.0677 4428 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:11:30.0708 4428 TrustedInstaller - ok
14:11:30.0739 4428 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:11:30.0786 4428 tssecsrv - ok
14:11:30.0801 4428 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:11:30.0833 4428 TsUsbFlt - ok
14:11:30.0833 4428 tsusbhub - ok
14:11:30.0879 4428 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:11:30.0911 4428 tunnel - ok
14:11:30.0926 4428 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:11:30.0942 4428 uagp35 - ok
14:11:30.0973 4428 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:11:31.0020 4428 udfs - ok
14:11:31.0051 4428 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:11:31.0082 4428 UI0Detect - ok
14:11:31.0098 4428 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:11:31.0113 4428 uliagpkx - ok
14:11:31.0145 4428 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:11:31.0160 4428 umbus - ok
14:11:31.0176 4428 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:11:31.0207 4428 UmPass - ok
14:11:31.0223 4428 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:11:31.0254 4428 UmRdpService - ok
14:11:31.0285 4428 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:11:31.0347 4428 upnphost - ok
14:11:31.0394 4428 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:11:31.0410 4428 USBAAPL64 - ok
14:11:31.0441 4428 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:11:31.0457 4428 usbccgp - ok
14:11:31.0488 4428 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:11:31.0503 4428 usbcir - ok
14:11:31.0519 4428 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:11:31.0550 4428 usbehci - ok
14:11:31.0581 4428 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:11:31.0613 4428 usbhub - ok
14:11:31.0628 4428 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:11:31.0644 4428 usbohci - ok
14:11:31.0659 4428 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:11:31.0706 4428 usbprint - ok
14:11:31.0722 4428 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:11:31.0753 4428 USBSTOR - ok
14:11:31.0769 4428 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:11:31.0784 4428 usbuhci - ok
14:11:31.0784 4428 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:11:31.0847 4428 UxSms - ok
14:11:31.0862 4428 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:11:31.0878 4428 VaultSvc - ok
14:11:31.0909 4428 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:11:31.0925 4428 vdrvroot - ok
14:11:31.0956 4428 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:11:32.0034 4428 vds - ok
14:11:32.0049 4428 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:11:32.0081 4428 vga - ok
14:11:32.0081 4428 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:11:32.0127 4428 VgaSave - ok
14:11:32.0159 4428 VGPU - ok
14:11:32.0190 4428 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:11:32.0205 4428 vhdmp - ok
14:11:32.0221 4428 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:11:32.0237 4428 viaide - ok
14:11:32.0268 4428 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:11:32.0283 4428 vmbus - ok
14:11:32.0299 4428 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:11:32.0346 4428 VMBusHID - ok
14:11:32.0361 4428 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:11:32.0377 4428 volmgr - ok
14:11:32.0408 4428 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:11:32.0439 4428 volmgrx - ok
14:11:32.0471 4428 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:11:32.0502 4428 volsnap - ok
14:11:32.0533 4428 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:11:32.0549 4428 vsmraid - ok
14:11:32.0767 4428 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:11:32.0845 4428 VSS - ok
14:11:32.0861 4428 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:11:32.0892 4428 vwifibus - ok
14:11:32.0923 4428 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:11:32.0954 4428 vwififlt - ok
14:11:32.0985 4428 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:11:33.0063 4428 W32Time - ok
14:11:33.0095 4428 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:11:33.0126 4428 WacomPen - ok
14:11:33.0157 4428 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:11:33.0204 4428 WANARP - ok
14:11:33.0219 4428 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:11:33.0251 4428 Wanarpv6 - ok
14:11:33.0297 4428 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:11:33.0360 4428 WatAdminSvc - ok
14:11:33.0438 4428 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:11:33.0500 4428 wbengine - ok
14:11:33.0516 4428 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:11:33.0547 4428 WbioSrvc - ok
14:11:33.0609 4428 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:11:33.0641 4428 wcncsvc - ok
14:11:33.0656 4428 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:11:33.0672 4428 WcsPlugInService - ok
14:11:33.0687 4428 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:11:33.0703 4428 Wd - ok
14:11:33.0828 4428 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:11:33.0875 4428 Wdf01000 - ok
14:11:33.0890 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:11:33.0921 4428 WdiServiceHost - ok
14:11:33.0921 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
-
Gringo,
After running the programs in your first post I replied back that the lsass.exe process was running normal again. That was true for a short time, but as time went by the process started to increase its memory usage. Upon waking this morning it was back up to around 2.8 million K and my computer was really sluggish. I have run Combofix like you asked but the problem still persists.
ComboFix 12-12-30.01 - Webb 12/30/2012 8:00.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.901 [GMT -6:00]
Running from: c:\users\Webb\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xmlA717.tmp
c:\programdata\xmlAC94.tmp
c:\programdata\xmlB79D.tmp
c:\users\Webb\AppData\Local\Microsoft\Windows\Temporary Internet Files\install_flash_player_10_active_x.msi
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-30 )))))))))))))))))))))))))))))))
.
.
2012-12-30 14:08 . 2012-12-30 14:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-30 11:10 . 2012-12-30 11:10 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\users\Webb\AppData\Roaming\Malwarebytes
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\programdata\Malwarebytes
2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-29 03:03 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-29 03:02 . 2012-12-29 03:02 -------- d-----w- c:\users\Webb\AppData\Local\Programs
2012-12-28 18:41 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll
2012-12-21 13:54 . 2012-12-21 13:56 -------- d-----w- c:\program files (x86)\Google
2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-11 19:07 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-11 19:07 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-11 19:05 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 11:13 . 2012-04-07 13:19 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 11:13 . 2011-05-21 19:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 09:01 . 2010-04-23 02:37 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-07 23:38 . 2010-04-09 06:25 94288 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 23:38 . 2010-04-09 06:25 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:37 . 2010-04-09 06:25 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:37 . 2010-04-09 06:25 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37 . 2012-01-18 13:15 41240 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37 . 2010-04-09 06:26 301264 ----a-w- c:\windows\SysWow64\guard32.dll
2012-11-07 23:37 . 2010-04-09 06:26 390392 ----a-w- c:\windows\system32\guard64.dll
2012-10-30 23:51 . 2010-04-23 02:32 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-03-09 01:52 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2010-04-23 02:32 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2010-04-23 02:32 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2010-04-23 02:32 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2010-07-24 02:43 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2010-04-23 02:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2011-02-13 22:36 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-19 15:29 . 2012-10-19 15:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-19 11:18 . 2012-10-19 11:18 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-19 11:18 . 2010-04-25 02:57 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-16 08:38 . 2012-11-27 18:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 18:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 18:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-04-07 13:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-09 18:17 . 2012-11-14 10:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 10:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 10:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 10:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 20:29 . 2012-03-15 06:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-10-04 20:28 . 2012-02-19 21:32 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-04 20:28 . 2012-02-19 21:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-04 20:28 . 2012-02-19 21:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-04 16:40 . 2012-12-11 19:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 10:49 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 10:49 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 10:49 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 10:49 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 10:49 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 10:49 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 10:49 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 10:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 10:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 10:49 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 10:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-12-07 22:27 . 2010-11-21 17:11 331249 ----a-w- c:\program files (x86)\Clown_BD_v0.79.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gStart"="c:\program files (x86)\Garmin\gStart.exe" [2008-08-13 1891416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-27 98304]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe" [2009-06-12 53248]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"osk.exe"="osk.exe" [2009-07-14 646144]
"Application Restart 0"="c:\windows\System32\osk.exe" [2009-07-14 646144]
.
c:\users\Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ZvRemote.lnk - c:\program files (x86)\ZeeVee\ZvRemote\ZvRemote.exe [2010-2-10 1565944]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Air Mouse.lnk - c:\program files (x86)\Air Mouse\Air Mouse\Air Mouse.exe [2010-6-27 1018856]
Media Browser Service.lnk - c:\program files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe [2012-1-14 135168]
Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2012-1-2 666992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2009-08-24 93336]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]
S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 11:13]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Wow6432Node-HKLM-Run-AirCardEnabler - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-30 08:11:09
ComboFix-quarantined-files.txt 2012-12-30 14:11
.
Pre-Run: 99,370,250,240 bytes free
Post-Run: 99,080,904,704 bytes free
.
- - End Of File - - 8E977CADB4359AFEAC8BC7F2C3078E16
-
Gringo,
Thank you for the reply. I ran the programs you asked and as of now the lsass.exe process is not eating up the memory it was (currently using 5800K). Here are the logs:
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java 6 Update 37
Java version out of Date!
Adobe Flash Player 11.5.502.135
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
# AdwCleaner v2.104 - Logfile created 12/29/2012 at 15:52:43
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Webb - HTPC
# Boot Mode : Normal
# Running from : C:\Users\Webb\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Users\Webb\AppData\Local\Conduit
Folder Deleted : C:\Users\Webb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Folder Deleted : C:\Users\Webb\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\Conduit
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\ConduitCommon
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\ConduitEngine
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\CT2786678
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\engine@conduit.com
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
***** [internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Registry is clean.
-\\ Mozilla Firefox v17.0.1 (en-US)
File : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\prefs.js
Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Sat Jul 02 2011 07:21:15 GMT-0500 (Central Daylight[...]
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Deleted : user_pref("CT2786678.CTID", "CT2786678");
Deleted : user_pref("CT2786678.CurrentServerDate", "29-12-2012");
Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Fri Dec 28 2012 20:56:22 GMT-0600 (Central Standa[...]
Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Fri Jul 01 2011 18:17:12 GMT-0500 (Central Daylight Ti[...]
Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 159);
Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Fri Jul 01 2011 18:17:14 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2786678.FirstServerDate", "2-7-2011");
Deleted : user_pref("CT2786678.FirstTime", true);
Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2786678.Initialize", true);
Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2786678.InstalledDate", "Fri Jul 01 2011 18:17:12 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2786678.IsGrouping", false);
Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Deleted : user_pref("CT2786678.IsMulticommunity", false);
Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);
Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Dec 28 2012 20:56:20 GMT-0600 (Central Standar[...]
Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Sep 18 2012 20:15:12 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Sat Dec 29 2012 13:44:30 GMT-0600 (Central Standard Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.5.0.12", "Sat Jul 02 2011 07:21:05 GMT-0500 (Central Daylight Time)[...]
Deleted : user_pref("CT2786678.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT2786678.Locale", "en");
Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2786678.MCDetectTooltipShow", false);
Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");
Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Dec 28 2012 20:56:17 GMT-0600 (Central Stand[...]
Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Dec 28 2012 20:56:18 GMT-0600 (Central Standard [...]
Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sat Dec 29 2012 09:44:28 GMT-0600 (Central Standard Ti[...]
Deleted : user_pref("CT2786678.SettingsLastUpdate", "1356550082");
Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 01 2011 18:17:11 GMT-0500 (Central Day[...]
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2786678.UserID", "UN21299609397261965");
Deleted : user_pref("CT2786678.WeatherNetwork", "");
Deleted : user_pref("CT2786678.WeatherPollDate", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central Daylight Time)");
Deleted : user_pref("CT2786678.WeatherUnit", "F");
Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Deleted : user_pref("CT2786678.approveUntrustedApps", false);
Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F69736F68756E742E636F6D2F746F7272656[...]
Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333039353632363232383137");
Deleted : user_pref("CT2786678.components.1000034", false);
Deleted : user_pref("CT2786678.components.1000234", false);
Deleted : user_pref("CT2786678.components.129295698017012804", false);
Deleted : user_pref("CT2786678.components.129309485163350924", false);
Deleted : user_pref("CT2786678.components.129309489763975460", false);
Deleted : user_pref("CT2786678.components.129315411424256896", false);
Deleted : user_pref("CT2786678.components.129513460540910967", false);
Deleted : user_pref("CT2786678.components.129526967958500204", false);
Deleted : user_pref("CT2786678.components.5690698542593514850", false);
Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Sat Jul 02 2011 07:21:05 GMT-0500 (Central [...]
Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.initDone", true);
Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2786678.myStuffEnabled", true);
Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]
Deleted : user_pref("CT2786678.revertSettingsEnabled", false);
Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.testingCtid", "");
Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Dec 28 2012 20:56:18 GMT-0600 (Central S[...]
Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]
Deleted : user_pref("CT2786678.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"bb9[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Webb\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 01 2011 18:17:12 GMT-05[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Mar 02 2012 18:45:17 GMT-0600 (Centr[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Mar 02 2012 18:45:09 GMT-0600 (Central S[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "40b35769-2d50-4383-812c-16c8d9ea92aa");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Jul 01 2011 18:17:13 GMT-0500 (Cen[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "1f3741a7-815c-494a-b0b6-1287d12f89d1");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 01 2011 18:17:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jul 02 2011 07:21:13 GMT-050[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 01 2011 18:17:12 GMT-0500 (C[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "7a8314af-ff7a-4f72-97e8-bc5e0d1c09cb");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Mar 01 2012 18:45:19 GMT-0600 (Central Stan[...]
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Mar 01 2012 18:45:09 GMT-0600 (Central St[...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "07/02/2011 02");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central Daylight Time)"[...]
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Mar 02 2012 18:45:10 GMT-0600 (Central Sta[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Mar 03 2012 06:45:09 GMT-0600 (Central Standard Ti[...]
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Mar 03 2012 06:45:09 GMT-0600 (Central Standar[...]
Deleted : user_pref("ConduitEngine.UserID", "UN54517739767074751");
Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Mar 02 2012 18:45:11 GMT-0600 (Centr[...]
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Mar 03 2012 06:45:09 GMT-0600 (Cent[...]
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
-\\ Google Chrome v23.0.1271.97
File : C:\Users\Webb\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[s1].txt - [20234 octets] - [29/12/2012 15:52:43]
########## EOF - C:\AdwCleaner[s1].txt - [20295 octets] ##########
RogueKiller V8.4.1 [Dec 28 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Webb [Admin rights]
Mode : Scan -- Date : 12/29/2012 15:59:28
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
192.168.1.105 HOMESERVER #Windows Home Server#
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500YD-01NVB1 ATA Device +++++
--- User ---
[MBR] 52b9e6ab410f29e12965d7f2704820f4
[bSP] 5239ee995432644c26a960e1f84967b8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 188252 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 385543935 | Size: 51113 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_12292012_02d1559.txt >>
RKreport[1]_S_12292012_02d1559.txt
Thanks!
Aaron
-
Hello,
I have recently started to notice my HTPC running very slowly. Upon inspection of the task manager I have discoved that the lsass.exe process is consuming large amounts of memory, most often as high as 3 million bytes. I have run MB and nothing was found. I'm hopng to get some more in-depth advice on what to do next. I am including the requested logs.
thank you
Aaron
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_37
Run by Webb at 11:13:26 on 2012-12-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.874 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Home Server\esClient.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Home Server\WHSConnector.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files (x86)\Garmin\gStart.exe
C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\eHome\EHShell.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\eHome\EhTray.exe
C:\Windows\ehome\ehVid.exe
C:\Windows\eHome\ehExtHost.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
uRun: [gStart] C:\Program Files (x86)\Garmin\gStart.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AirCardEnabler] <no file>
dRunOnce: [osk.exe] osk.exe
dRunOnce: [Application Restart #0] C:\Windows\System32\osk.exe
StartupFolder: C:\Users\Webb\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZvRemote.lnk - C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AIRMOU~1.LNK - C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAB~1.LNK - C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CF7093E3-9D75-48C1-87A4-676EF6186AFB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E89CDB43-70DF-472F-B0FB-FD2047B10812} : DHCPNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: BrowserHelper Class: {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 192.168.1.105 HOMESERVER #Windows Home Server#
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
FF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-8 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-4-22 370288]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-4-9 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-4-9 38144]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-26 203776]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-4-22 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-4-22 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-12-21 44808]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-2-19 148744]
R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2011-1-10 109936]
R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2011-1-10 489840]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-24 116752]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-22 215040]
S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-1-10 231280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-7-7 20992]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2010-5-1 93336]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-22 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-29 09:38:25 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll
2012-12-29 03:03:34 -------- d-----w- C:\Users\Webb\AppData\Roaming\Malwarebytes
2012-12-29 03:03:16 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-29 03:03:14 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-29 03:03:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-29 03:02:59 -------- d-----w- C:\Users\Webb\AppData\Local\Programs
2012-12-28 18:41:39 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll
2012-12-21 09:00:37 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 09:00:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 09:00:35 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 09:00:33 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-11 19:07:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-11 19:07:16 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 19:05:59 338432 ----a-w- C:\Windows\System32\conhost.exe
.
==================== Find3M ====================
.
2012-12-12 11:13:13 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 11:13:13 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-07 23:38:00 38144 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-11-07 23:37:59 584056 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-11-07 23:37:57 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-11-07 23:37:36 41240 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-11-07 23:37:34 301264 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-11-07 23:37:31 390392 ----a-w- C:\Windows\System32\guard64.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-30 23:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-10-30 23:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-10-30 23:51:07 41224 ----a-w- C:\Windows\avastSS.scr
2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-10-19 11:18:52 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-19 11:18:52 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2010-12-07 22:27:54 331249 ----a-w- C:\Program Files (x86)\Clown_BD_v0.79.exe
.
============= FINISH: 11:14:21.15 ===============
Attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/22/2010 6:38:06 PM
System Uptime: 12/28/2012 9:23:52 PM (14 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A785-M
Processor: AMD Athlon™ 64 X2 Dual Core Processor 5600+ | AM2 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 184 GiB total, 92.835 GiB free.
D: is CDROM (UDF)
E: is FIXED (NTFS) - 466 GiB total, 446.529 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP350: 12/18/2012 12:50:38 PM - Windows Update
RP351: 12/21/2012 3:00:11 AM - Windows Update
RP352: 12/25/2012 12:34:33 AM - Windows Update
RP353: 12/28/2012 12:33:05 PM - Restore Operation
RP354: 12/28/2012 12:33:40 PM - Windows Update
RP355: 12/28/2012 12:41:03 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
AMD Drag and Drop Transcoding
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
avast! Free Antivirus
Bonjour
Boxee
BoxeeIntegration
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility64
CCC Help English
COMODO Internet Security
COMODO livePCsupport
D3DX10
EPU-4 Engine
ffdshow x64 v1.1.3439 [2010-05-14]
G-Force
Garmin Training Center
Garmin USB Drivers
Google Chrome
Google Update Helper
Homeworld Theme - Windows 7 Media Center
Internet TV for Windows Media Center
iTunes
Java Auto Updater
Java™ 6 Update 23 (64-bit)
Java™ 6 Update 37
MakeMKV v1.7.7
Malwarebytes Anti-Malware version 1.70.0.1100
Media Browser
Media Player Classic - Home Cinema v1.5.2.3173 x64
MediaInfo 0.7.31
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MKVtoolnix 4.0.0
Mobile Mouse Server
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Netflix in Windows Media Center
Notepad++
PC Probe II
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Sierra Wireless Watcher
SiSoftware Sandra Lite 2010c
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 1.0.5
WhiteCap
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Home Server Connector
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Center Add-in for Flash
WMV9/VC-1 Video Playback
XBMC
XBMCIntegration
Zinc
Zinc Launcher
ZvRemote
.
==== Event Viewer Messages From Past Week ========
.
12/28/2012 9:25:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Center TV Archive Transfer Service service to connect.
12/28/2012 9:25:01 PM, Error: Service Control Manager [7000] - The Windows Media Center TV Archive Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/27/2012 12:28:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
12/26/2012 12:38:48 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended.
12/26/2012 12:38:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
12/23/2012 3:06:42 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.103. The computer with the IP address 192.168.1.102 did not allow the name to be claimed by this computer.
12/23/2012 2:14:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.
.
==== End Of File ===========================
Thanks!
lsass.exe using exorbitant memory
in Resolved Malware Removal Logs
Posted
Gringo,
Thanks for all your help. My computer is running great.
Aaron