supturb89 Posted December 29, 2012 ID:628059 Share Posted December 29, 2012 Hello,I have recently started to notice my HTPC running very slowly. Upon inspection of the task manager I have discoved that the lsass.exe process is consuming large amounts of memory, most often as high as 3 million bytes. I have run MB and nothing was found. I'm hopng to get some more in-depth advice on what to do next. I am including the requested logs.thank youAaronDDSDDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_37Run by Webb at 11:13:26 on 2012-12-29Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.874 [GMT -6:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\atieclxx.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Program Files\Windows Home Server\esClient.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Windows Home Server\WHSConnector.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\COMODO\COMODO Internet Security\cfp.exeC:\Program Files (x86)\Garmin\gStart.exeC:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Windows Home Server\WHSTrayApp.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\iPod\bin\iPodService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\eHome\EHShell.exeC:\Windows\ehome\ehsched.exeC:\Windows\eHome\EhTray.exeC:\Windows\ehome\ehVid.exeC:\Windows\eHome\ehExtHost.exeC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\notepad.exeC:\Windows\notepad.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\taskmgr.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dlluRun: [gStart] C:\Program Files (x86)\Garmin\gStart.exemRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [AirCardEnabler] <no file>dRunOnce: [osk.exe] osk.exedRunOnce: [Application Restart #0] C:\Windows\System32\osk.exeStartupFolder: C:\Users\Webb\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZvRemote.lnk - C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AIRMOU~1.LNK - C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAB~1.LNK - C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabTCP: NameServer = 192.168.1.1TCP: Interfaces\{CF7093E3-9D75-48C1-87A4-676EF6186AFB} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{E89CDB43-70DF-472F-B0FB-FD2047B10812} : DHCPNameServer = 192.168.1.1Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= C:\Windows\SysWOW64\guard32.dllSSODL: WebCheck - <orphaned>x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: BrowserHelper Class: {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dllx64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dllx64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -hx64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>Hosts: 192.168.1.105 HOMESERVER #Windows Home Server#================= FIREFOX ===================.FF - ProfilePath - C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\FF - prefs.js: browser.startup.homepage - www.google.comFF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dllFF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dllFF - component: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dll.============= SERVICES / DRIVERS ===============.R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-8 984144]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-4-22 370288]R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-4-9 584056]R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-4-9 38144]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-26 203776]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-4-22 25232]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-4-22 71600]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-12-21 44808]R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-2-19 148744]R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2011-1-10 109936]R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2011-1-10 489840]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-24 116752]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-22 215040]S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-1-10 231280]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-7-7 20992]S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2010-5-1 93336]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-22 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2012-12-29 09:38:25 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll2012-12-29 03:03:34 -------- d-----w- C:\Users\Webb\AppData\Roaming\Malwarebytes2012-12-29 03:03:16 -------- d-----w- C:\ProgramData\Malwarebytes2012-12-29 03:03:14 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-12-29 03:03:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-12-29 03:02:59 -------- d-----w- C:\Users\Webb\AppData\Local\Programs2012-12-28 18:41:39 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll2012-12-21 09:00:37 46080 ----a-w- C:\Windows\System32\atmlib.dll2012-12-21 09:00:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll2012-12-21 09:00:35 367616 ----a-w- C:\Windows\System32\atmfd.dll2012-12-21 09:00:33 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll2012-12-11 19:07:16 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2012-12-11 19:07:16 2048 ----a-w- C:\Windows\System32\tzres.dll2012-12-11 19:05:59 338432 ----a-w- C:\Windows\System32\conhost.exe.==================== Find3M ====================.2012-12-12 11:13:13 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-12-12 11:13:13 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-11-07 23:38:00 38144 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys2012-11-07 23:37:59 584056 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys2012-11-07 23:37:57 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys2012-11-07 23:37:36 41240 ----a-w- C:\Windows\System32\cmdcsr.dll2012-11-07 23:37:34 301264 ----a-w- C:\Windows\SysWow64\guard32.dll2012-11-07 23:37:31 390392 ----a-w- C:\Windows\System32\guard64.dll2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll2012-10-30 23:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2012-10-30 23:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2012-10-30 23:51:07 41224 ----a-w- C:\Windows\avastSS.scr2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll2012-10-19 11:18:52 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2012-10-19 11:18:52 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys2010-12-07 22:27:54 331249 ----a-w- C:\Program Files (x86)\Clown_BD_v0.79.exe.============= FINISH: 11:14:21.15 ===============Attach.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 UltimateBoot Device: \Device\HarddiskVolume1Install Date: 4/22/2010 6:38:06 PMSystem Uptime: 12/28/2012 9:23:52 PM (14 hours ago).Motherboard: ASUSTeK Computer INC. | | M4A785-MProcessor: AMD Athlon™ 64 X2 Dual Core Processor 5600+ | AM2 | 2800/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 184 GiB total, 92.835 GiB free.D: is CDROM (UDF)E: is FIXED (NTFS) - 466 GiB total, 446.529 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP350: 12/18/2012 12:50:38 PM - Windows UpdateRP351: 12/21/2012 3:00:11 AM - Windows UpdateRP352: 12/25/2012 12:34:33 AM - Windows UpdateRP353: 12/28/2012 12:33:05 PM - Restore OperationRP354: 12/28/2012 12:33:40 PM - Windows UpdateRP355: 12/28/2012 12:41:03 PM - Windows Update.==== Installed Programs ======================.µTorrentAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9.5.0AMD Drag and Drop TranscodingAnyDVDApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install Manageravast! Free AntivirusBonjourBoxeeBoxeeIntegrationCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyccc-core-staticccc-utility64CCC Help EnglishCOMODO Internet SecurityCOMODO livePCsupportD3DX10EPU-4 Engineffdshow x64 v1.1.3439 [2010-05-14]G-ForceGarmin Training CenterGarmin USB DriversGoogle ChromeGoogle Update HelperHomeworld Theme - Windows 7 Media CenterInternet TV for Windows Media CenteriTunesJava Auto UpdaterJava™ 6 Update 23 (64-bit)Java™ 6 Update 37MakeMKV v1.7.7Malwarebytes Anti-Malware version 1.70.0.1100Media BrowserMedia Player Classic - Home Cinema v1.5.2.3173 x64MediaInfo 0.7.31Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319MKVtoolnix 4.0.0Mobile Mouse ServerMozilla Firefox 17.0.1 (x86 en-US)Mozilla Maintenance ServiceMSVCRTNetflix in Windows Media CenterNotepad++PC Probe IIQuickTimeRealtek 8136 8168 8169 Ethernet DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Sierra Wireless WatcherSiSoftware Sandra Lite 2010cUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)VLC media player 1.0.5WhiteCapWindows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)Windows Home Server ConnectorWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Media Center Add-in for FlashWMV9/VC-1 Video PlaybackXBMCXBMCIntegrationZincZinc LauncherZvRemote.==== Event Viewer Messages From Past Week ========.12/28/2012 9:25:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Center TV Archive Transfer Service service to connect.12/28/2012 9:25:01 PM, Error: Service Control Manager [7000] - The Windows Media Center TV Archive Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.12/27/2012 12:28:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.12/26/2012 12:38:48 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended.12/26/2012 12:38:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}12/23/2012 3:06:42 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.103. The computer with the IP address 192.168.1.102 did not allow the name to be claimed by this computer.12/23/2012 2:14:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service..==== End Of File ===========================Thanks! Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 29, 2012 Staff ID:628098 Share Posted December 29, 2012 Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.[*]Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.[*]Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.[*]Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.-Security Check-Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.-AdwCleaner-Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.--RogueKiller-- Download & SAVE to your Desktop RogueKiller or from here Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or Windows 7, right-click and select "Run as Administrator to start"For Windows XP, double-click to start. Wait until Prescan has finished ... Then Click on "Scan" button Wait until the Status box shows "Scan Finished"click on "delete" Wait until the Status box shows "Deleting Finished" Click on "Report" and copy/paste the content of the Notepad into your next reply.The log should be found in RKreport[1].txt on your DesktopExit/Close RogueKiller+Gringo Link to post Share on other sites More sharing options...
supturb89 Posted December 29, 2012 Author ID:628178 Share Posted December 29, 2012 Gringo,Thank you for the reply. I ran the programs you asked and as of now the lsass.exe process is not eating up the memory it was (currently using 5800K). Here are the logs: Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 8 Out of date!``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Firewall Disabled! avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 6 Update 37 Java version out of Date! Adobe Flash Player 11.5.502.135 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (17.0.1) Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Comodo Firewall cmdagent.exe Comodo Firewall cfp.exe Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0%````````````````````End of Log``````````````````````# AdwCleaner v2.104 - Logfile created 12/29/2012 at 15:52:43# Updated 29/12/2012 by Xplode# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)# User : Webb - HTPC# Boot Mode : Normal# Running from : C:\Users\Webb\Desktop\adwcleaner.exe# Option [Delete]***** [services] ********** [Files / Folders] *****File Deleted : C:\Windows\SysWOW64\conduitEngine.tmpFolder Deleted : C:\Users\Webb\AppData\Local\ConduitFolder Deleted : C:\Users\Webb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdjFolder Deleted : C:\Users\Webb\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\ConduitFolder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\ConduitCommonFolder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\ConduitEngineFolder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\CT2786678Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}Folder Deleted : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\extensions\engine@conduit.com***** [Registry] *****Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}Key Deleted : HKLM\SOFTWARE\Classes\Conduit.EngineKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdjKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}***** [internet Browsers] *****-\\ Internet Explorer v8.0.7601.17514[OK] Registry is clean.-\\ Mozilla Firefox v17.0.1 (en-US)File : C:\Users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\prefs.jsDeleted : user_pref("CT2786678..clientLogIsEnabled", false);Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Sat Jul 02 2011 07:21:15 GMT-0500 (Central Daylight[...]Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);Deleted : user_pref("CT2786678.CTID", "CT2786678");Deleted : user_pref("CT2786678.CurrentServerDate", "29-12-2012");Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Fri Dec 28 2012 20:56:22 GMT-0600 (Central Standa[...]Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Fri Jul 01 2011 18:17:12 GMT-0500 (Central Daylight Ti[...]Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 159);Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Fri Jul 01 2011 18:17:14 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);Deleted : user_pref("CT2786678.FirstServerDate", "2-7-2011");Deleted : user_pref("CT2786678.FirstTime", true);Deleted : user_pref("CT2786678.FirstTimeFF3", true);Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false);Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);Deleted : user_pref("CT2786678.Initialize", true);Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration");Deleted : user_pref("CT2786678.InstalledDate", "Fri Jul 01 2011 18:17:12 GMT-0500 (Central Daylight Time)");Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);Deleted : user_pref("CT2786678.IsGrouping", false);Deleted : user_pref("CT2786678.IsInitSetupIni", true);Deleted : user_pref("CT2786678.IsMulticommunity", false);Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);Deleted : user_pref("CT2786678.IsOpenUninstallPage", false);Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Dec 28 2012 20:56:20 GMT-0600 (Central Standar[...]Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Sep 18 2012 20:15:12 GMT-0500 (Central Daylight Time)[...]Deleted : user_pref("CT2786678.LastLogin_3.15.1.0", "Sat Dec 29 2012 13:44:30 GMT-0600 (Central Standard Time)[...]Deleted : user_pref("CT2786678.LastLogin_3.5.0.12", "Sat Jul 02 2011 07:21:05 GMT-0500 (Central Daylight Time)[...]Deleted : user_pref("CT2786678.LatestVersion", "3.16.0.3");Deleted : user_pref("CT2786678.Locale", "en");Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");Deleted : user_pref("CT2786678.MCDetectTooltipShow", false);Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.5.0.12");Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Dec 28 2012 20:56:17 GMT-0600 (Central Stand[...]Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Dec 28 2012 20:56:18 GMT-0600 (Central Standard [...]Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sat Dec 29 2012 09:44:28 GMT-0600 (Central Standard Ti[...]Deleted : user_pref("CT2786678.SettingsLastUpdate", "1356550082");Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Jul 01 2011 18:17:11 GMT-0500 (Central Day[...]Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246786978");Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]Deleted : user_pref("CT2786678.UserID", "UN21299609397261965");Deleted : user_pref("CT2786678.WeatherNetwork", "");Deleted : user_pref("CT2786678.WeatherPollDate", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central Daylight Time)");Deleted : user_pref("CT2786678.WeatherUnit", "F");Deleted : user_pref("CT2786678.alertChannelId", "1178763");Deleted : user_pref("CT2786678.approveUntrustedApps", false);Deleted : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F69736F68756E742E636F6D2F746F7272656[...]Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333039353632363232383137");Deleted : user_pref("CT2786678.components.1000034", false);Deleted : user_pref("CT2786678.components.1000234", false);Deleted : user_pref("CT2786678.components.129295698017012804", false);Deleted : user_pref("CT2786678.components.129309485163350924", false);Deleted : user_pref("CT2786678.components.129309489763975460", false);Deleted : user_pref("CT2786678.components.129315411424256896", false);Deleted : user_pref("CT2786678.components.129513460540910967", false);Deleted : user_pref("CT2786678.components.129526967958500204", false);Deleted : user_pref("CT2786678.components.5690698542593514850", false);Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Sat Jul 02 2011 07:21:05 GMT-0500 (Central [...]Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);Deleted : user_pref("CT2786678.initDone", true);Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);Deleted : user_pref("CT2786678.myStuffEnabled", true);Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,111,1000234,12929569801701[...]Deleted : user_pref("CT2786678.revertSettingsEnabled", false);Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);Deleted : user_pref("CT2786678.testingCtid", "");Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Dec 28 2012 20:56:18 GMT-0600 (Central S[...]Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central D[...]Deleted : user_pref("CT2786678.usagesFlag", 2);Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"bb9[...]Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");Deleted : user_pref("CommunityToolbar.IsEngineShown", true);Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Webb\\AppData\\Roaming\\Mozilla\\Fi[...]Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,ConduitEngine");Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,ConduitEngine");Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678");Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jul 01 2011 18:17:12 GMT-05[...]Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Mar 02 2012 18:45:17 GMT-0600 (Centr[...]Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");Deleted : user_pref("CommunityToolbar.alert.locale", "en");Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Mar 02 2012 18:45:09 GMT-0600 (Central S[...]Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);Deleted : user_pref("CommunityToolbar.alert.userId", "40b35769-2d50-4383-812c-16c8d9ea92aa");Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Jul 01 2011 18:17:13 GMT-0500 (Cen[...]Deleted : user_pref("CommunityToolbar.globalUserId", "1f3741a7-815c-494a-b0b6-1287d12f89d1");Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 01 2011 18:17:1[...]Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jul 02 2011 07:21:13 GMT-050[...]Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");Deleted : user_pref("CommunityToolbar.notifications.locale", "en");Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 01 2011 18:17:12 GMT-0500 (C[...]Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);Deleted : user_pref("CommunityToolbar.notifications.userId", "7a8314af-ff7a-4f72-97e8-bc5e0d1c09cb");Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Mar 01 2012 18:45:19 GMT-0600 (Central Stan[...]Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Mar 01 2012 18:45:09 GMT-0600 (Central St[...]Deleted : user_pref("ConduitEngine.FirstServerDate", "07/02/2011 02");Deleted : user_pref("ConduitEngine.FirstTime", true);Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);Deleted : user_pref("ConduitEngine.Initialize", true);Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Jul 01 2011 18:17:13 GMT-0500 (Central Daylight Time)"[...]Deleted : user_pref("ConduitEngine.IsMulticommunity", false);Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Mar 02 2012 18:45:10 GMT-0600 (Central Sta[...]Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Mar 03 2012 06:45:09 GMT-0600 (Central Standard Ti[...]Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Mar 03 2012 06:45:09 GMT-0600 (Central Standar[...]Deleted : user_pref("ConduitEngine.UserID", "UN54517739767074751");Deleted : user_pref("ConduitEngine.engineLocale", "en-US");Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Mar 02 2012 18:45:11 GMT-0600 (Centr[...]Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Mar 03 2012 06:45:09 GMT-0600 (Cent[...]Deleted : user_pref("ConduitEngine.initDone", true);Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);-\\ Google Chrome v23.0.1271.97File : C:\Users\Webb\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[s1].txt - [20234 octets] - [29/12/2012 15:52:43]########## EOF - C:\AdwCleaner[s1].txt - [20295 octets] ##########RogueKiller V8.4.1 [Dec 28 2012] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Webb [Admin rights]Mode : Scan -- Date : 12/29/2012 15:59:28¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 8 ¤¤¤[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts192.168.1.105 HOMESERVER #Windows Home Server#¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD2500YD-01NVB1 ATA Device +++++--- User ---[MBR] 52b9e6ab410f29e12965d7f2704820f4[bSP] 5239ee995432644c26a960e1f84967b8 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 188252 Mo1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 385543935 | Size: 51113 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_12292012_02d1559.txt >>RKreport[1]_S_12292012_02d1559.txtThanks!Aaron Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 30, 2012 Staff ID:628415 Share Posted December 30, 2012 HelloI Would like you to do the following.Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628428 Share Posted December 30, 2012 Gringo,After running the programs in your first post I replied back that the lsass.exe process was running normal again. That was true for a short time, but as time went by the process started to increase its memory usage. Upon waking this morning it was back up to around 2.8 million K and my computer was really sluggish. I have run Combofix like you asked but the problem still persists. ComboFix 12-12-30.01 - Webb 12/30/2012 8:00.1.2 - x64Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.901 [GMT -6:00]Running from: c:\users\Webb\Desktop\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\xmlA717.tmpc:\programdata\xmlAC94.tmpc:\programdata\xmlB79D.tmpc:\users\Webb\AppData\Local\Microsoft\Windows\Temporary Internet Files\install_flash_player_10_active_x.msi..((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-30 )))))))))))))))))))))))))))))))..2012-12-30 14:08 . 2012-12-30 14:08 -------- d-----w- c:\users\Default\AppData\Local\temp2012-12-30 11:10 . 2012-12-30 11:10 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\users\Webb\AppData\Roaming\Malwarebytes2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\programdata\Malwarebytes2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-12-29 03:03 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys2012-12-29 03:02 . 2012-12-29 03:02 -------- d-----w- c:\users\Webb\AppData\Local\Programs2012-12-28 18:41 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll2012-12-21 13:54 . 2012-12-21 13:56 -------- d-----w- c:\program files (x86)\Google2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll2012-12-11 19:07 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll2012-12-11 19:07 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll2012-12-11 19:05 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-12-12 11:13 . 2012-04-07 13:19 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-12-12 11:13 . 2011-05-21 19:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-12-12 09:01 . 2010-04-23 02:37 67413224 ----a-w- c:\windows\system32\MRT.exe2012-11-07 23:38 . 2010-04-09 06:25 94288 ----a-w- c:\windows\system32\drivers\inspect.sys2012-11-07 23:38 . 2010-04-09 06:25 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys2012-11-07 23:37 . 2010-04-09 06:25 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys2012-11-07 23:37 . 2010-04-09 06:25 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys2012-11-07 23:37 . 2012-01-18 13:15 41240 ----a-w- c:\windows\system32\cmdcsr.dll2012-11-07 23:37 . 2010-04-09 06:26 301264 ----a-w- c:\windows\SysWow64\guard32.dll2012-11-07 23:37 . 2010-04-09 06:26 390392 ----a-w- c:\windows\system32\guard64.dll2012-10-30 23:51 . 2010-04-23 02:32 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys2012-10-30 23:51 . 2011-03-09 01:52 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys2012-10-30 23:51 . 2010-04-23 02:32 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys2012-10-30 23:51 . 2010-04-23 02:32 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2012-10-30 23:51 . 2010-04-23 02:32 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2012-10-30 23:51 . 2010-07-24 02:43 41224 ----a-w- c:\windows\avastSS.scr2012-10-30 23:50 . 2010-04-23 02:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe2012-10-30 23:50 . 2011-02-13 22:36 285328 ----a-w- c:\windows\system32\aswBoot.exe2012-10-19 15:29 . 2012-10-19 15:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin2012-10-19 11:18 . 2012-10-19 11:18 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll2012-10-19 11:18 . 2010-04-25 02:57 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll2012-10-16 08:38 . 2012-11-27 18:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll2012-10-16 08:38 . 2012-11-27 18:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll2012-10-16 07:39 . 2012-11-27 18:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll2012-10-15 16:59 . 2012-04-07 13:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2012-10-09 18:17 . 2012-11-14 10:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll2012-10-09 18:17 . 2012-11-14 10:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll2012-10-09 17:40 . 2012-11-14 10:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll2012-10-09 17:40 . 2012-11-14 10:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll2012-10-04 20:29 . 2012-03-15 06:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll2012-10-04 20:28 . 2012-02-19 21:32 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll2012-10-04 20:28 . 2012-02-19 21:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll2012-10-04 20:28 . 2012-02-19 21:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll2012-10-04 16:40 . 2012-12-11 19:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll2012-10-03 17:56 . 2012-11-14 10:49 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys2012-10-03 17:44 . 2012-11-14 10:49 70656 ----a-w- c:\windows\system32\nlaapi.dll2012-10-03 17:44 . 2012-11-14 10:49 303104 ----a-w- c:\windows\system32\nlasvc.dll2012-10-03 17:44 . 2012-11-14 10:49 246272 ----a-w- c:\windows\system32\netcorehc.dll2012-10-03 17:44 . 2012-11-14 10:49 18944 ----a-w- c:\windows\system32\netevent.dll2012-10-03 17:44 . 2012-11-14 10:49 216576 ----a-w- c:\windows\system32\ncsi.dll2012-10-03 17:42 . 2012-11-14 10:49 569344 ----a-w- c:\windows\system32\iphlpsvc.dll2012-10-03 16:42 . 2012-11-14 10:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll2012-10-03 16:42 . 2012-11-14 10:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll2012-10-03 16:42 . 2012-11-14 10:49 156672 ----a-w- c:\windows\SysWow64\ncsi.dll2012-10-03 16:07 . 2012-11-14 10:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys2010-12-07 22:27 . 2010-11-21 17:11 331249 ----a-w- c:\program files (x86)\Clown_BD_v0.79.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"gStart"="c:\program files (x86)\Garmin\gStart.exe" [2008-08-13 1891416].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-27 98304]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe" [2009-06-12 53248]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"osk.exe"="osk.exe" [2009-07-14 646144]"Application Restart 0"="c:\windows\System32\osk.exe" [2009-07-14 646144].c:\users\Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZvRemote.lnk - c:\program files (x86)\ZeeVee\ZvRemote\ZvRemote.exe [2010-2-10 1565944].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk - c:\program files (x86)\Air Mouse\Air Mouse\Air Mouse.exe [2010-6-27 1018856]Media Browser Service.lnk - c:\program files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe [2012-1-14 135168]Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2012-1-2 666992].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1)"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]@="Service".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2009-08-24 93336]R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-23 1255736]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]S1 aswSnx;aswSnx; [x]S1 aswSP;aswSP; [x]S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]S2 aswFsBlk;aswFsBlk; [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]S2 CLPSLS;COMODO livePCsupport Service;c:\program files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]..Contents of the 'Scheduled Tasks' folder.2012-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 11:13].2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54].2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2012-10-30 23:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=c:\windows\System32\guard64.dll.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\FF - prefs.js: browser.startup.homepage - www.google.com.- - - - ORPHANS REMOVED - - - -.URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)Wow6432Node-HKLM-Run-AirCardEnabler - (no file)...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2012-12-30 08:11:09ComboFix-quarantined-files.txt 2012-12-30 14:11.Pre-Run: 99,370,250,240 bytes freePost-Run: 99,080,904,704 bytes free.- - End Of File - - 8E977CADB4359AFEAC8BC7F2C3078E16 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 30, 2012 Staff ID:628459 Share Posted December 30, 2012 GreetingsI want you to run these next,Please download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Put a checkmark beside loaded modules.A reboot will be needed to apply the changes. Do it.TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.Then click on Change parameters in TDSSKiller.Check all boxes then click OK.Click the Start Scan button.The scan should take no longer than 2 minutes.If a suspicious object is detected, the default action will be Skip, click on Continue. If malicious objects are found, they will show in the Scan resultsEnsure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Please download aswMBR to your desktop.Double click the aswMBR.exe icon to run it it will ask to download extra definitions - ALLOW ITClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.If you have any problems running either one come back and let me knowplease reply with the reports from TDSSKiller and aswMBRGringo Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628558 Share Posted December 30, 2012 Gringo,I have run TDSSkiller and aswMBR and am posting the logs. After running them I opened my task manager and notice that the lsass.exe process is no longer running?14:08:38.0499 3964 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3514:08:40.0511 3964 ============================================================14:08:40.0511 3964 Current date / time: 2012/12/30 14:08:40.051114:08:40.0511 3964 SystemInfo:14:08:40.0511 3964 14:08:40.0511 3964 OS Version: 6.1.7601 ServicePack: 1.014:08:40.0511 3964 Product type: Workstation14:08:40.0511 3964 ComputerName: HTPC14:08:40.0511 3964 UserName: Webb14:08:40.0511 3964 Windows directory: C:\Windows14:08:40.0511 3964 System windows directory: C:\Windows14:08:40.0511 3964 Running under WOW6414:08:40.0511 3964 Processor architecture: Intel x6414:08:40.0511 3964 Number of processors: 214:08:40.0511 3964 Page size: 0x100014:08:40.0511 3964 Boot type: Normal boot14:08:40.0511 3964 ============================================================14:09:34.0191 3964 BG loaded14:09:34.0784 3964 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004014:09:34.0909 3964 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'14:09:35.0174 3964 ============================================================14:09:35.0174 3964 \Device\Harddisk0\DR0:14:09:35.0205 3964 MBR partitions:14:09:35.0205 3964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x16FAE6FF14:09:35.0236 3964 \Device\Harddisk1\DR1:14:09:35.0236 3964 MBR partitions:14:09:35.0236 3964 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C0214:09:35.0236 3964 ============================================================14:09:35.0314 3964 C: <-> \Device\Harddisk0\DR0\Partition114:09:35.0345 3964 E: <-> \Device\Harddisk1\DR1\Partition114:09:35.0345 3964 ============================================================14:09:35.0345 3964 Initialize success14:09:35.0345 3964 ============================================================14:10:53.0377 4428 ============================================================14:10:53.0377 4428 Scan started14:10:53.0377 4428 Mode: Manual; SigCheck; TDLFS;14:10:53.0377 4428 ============================================================14:10:55.0155 4428 ================ Scan system memory ========================14:10:55.0155 4428 System memory - ok14:10:55.0155 4428 ================ Scan services =============================14:10:56.0325 4428 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys14:10:56.0450 4428 1394ohci - ok14:10:56.0528 4428 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys14:10:56.0559 4428 ACPI - ok14:10:56.0590 4428 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys14:10:56.0653 4428 AcpiPmi - ok14:10:57.0745 4428 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe14:10:57.0776 4428 AdobeFlashPlayerUpdateSvc - ok14:10:57.0948 4428 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys14:10:57.0994 4428 adp94xx - ok14:10:58.0072 4428 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys14:10:58.0104 4428 adpahci - ok14:10:58.0150 4428 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys14:10:58.0182 4428 adpu320 - ok14:10:58.0228 4428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll14:10:58.0275 4428 AeLookupSvc - ok14:10:58.0384 4428 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys14:10:58.0447 4428 AFD - ok14:10:58.0494 4428 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys14:10:58.0525 4428 agp440 - ok14:10:58.0572 4428 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe14:10:58.0634 4428 ALG - ok14:10:58.0681 4428 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys14:10:58.0712 4428 aliide - ok14:10:58.0821 4428 [ 54716D9BB43733578A5647E9B121141F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe14:10:58.0884 4428 AMD External Events Utility - ok14:10:58.0915 4428 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys14:10:58.0946 4428 amdide - ok14:10:59.0008 4428 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys14:10:59.0071 4428 AmdK8 - ok14:11:00.0381 4428 [ 522A8BD1414CC7517FAEC907F138DB9C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys14:11:00.0506 4428 amdkmdag - ok14:11:00.0537 4428 [ F712C26D40BF3CD2C020BB518E8150B1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys14:11:00.0584 4428 amdkmdap - ok14:11:00.0631 4428 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys14:11:00.0662 4428 AmdPPM - ok14:11:00.0724 4428 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys14:11:00.0740 4428 amdsata - ok14:11:00.0834 4428 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys14:11:00.0880 4428 amdsbs - ok14:11:00.0912 4428 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys14:11:00.0927 4428 amdxata - ok14:11:01.0130 4428 [ 821E7E501226EE344FDB0F40EE46109D ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys14:11:01.0161 4428 AnyDVD - ok14:11:01.0239 4428 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys14:11:01.0333 4428 AppID - ok14:11:01.0380 4428 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll14:11:01.0442 4428 AppIDSvc - ok14:11:01.0520 4428 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll14:11:01.0567 4428 Appinfo - ok14:11:01.0848 4428 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe14:11:01.0879 4428 Apple Mobile Device - ok14:11:02.0019 4428 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll14:11:02.0050 4428 AppMgmt - ok14:11:02.0113 4428 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys14:11:02.0144 4428 arc - ok14:11:02.0175 4428 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys14:11:02.0206 4428 arcsas - ok14:11:02.0378 4428 [ 9149EC69ACD3EFC97B01D5A1BAEB3B57 ] arXfrSvc C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe14:11:02.0394 4428 arXfrSvc - ok14:11:02.0487 4428 [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO C:\Windows\syswow64\drivers\AsIO.sys14:11:02.0503 4428 AsIO - ok14:11:02.0581 4428 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys14:11:02.0581 4428 aswFsBlk - ok14:11:02.0659 4428 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys14:11:02.0659 4428 aswMonFlt - ok14:11:02.0706 4428 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys14:11:02.0721 4428 aswRdr - ok14:11:02.0971 4428 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys14:11:02.0986 4428 aswSnx - ok14:11:03.0018 4428 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys14:11:03.0033 4428 aswSP - ok14:11:03.0064 4428 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys14:11:03.0080 4428 aswTdi - ok14:11:03.0111 4428 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys14:11:03.0158 4428 AsyncMac - ok14:11:03.0189 4428 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys14:11:03.0205 4428 atapi - ok14:11:03.0392 4428 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys14:11:03.0408 4428 AtiHDAudioService - ok14:11:03.0454 4428 [ 7E2F5A758F63F80F8B03F889B4E6B19F ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys14:11:03.0486 4428 AtiHdmiService - ok14:11:03.0548 4428 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys14:11:03.0579 4428 AtiPcie - ok14:11:03.0626 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll14:11:03.0704 4428 AudioEndpointBuilder - ok14:11:03.0766 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll14:11:03.0813 4428 AudioSrv - ok14:11:03.0985 4428 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe14:11:04.0000 4428 avast! Antivirus - ok14:11:04.0078 4428 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll14:11:04.0125 4428 AxInstSV - ok14:11:04.0266 4428 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys14:11:04.0312 4428 b06bdrv - ok14:11:04.0437 4428 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys14:11:04.0484 4428 b57nd60a - ok14:11:04.0515 4428 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll14:11:04.0562 4428 BDESVC - ok14:11:04.0609 4428 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys14:11:04.0687 4428 Beep - ok14:11:04.0812 4428 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll14:11:04.0890 4428 BFE - ok14:11:04.0999 4428 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll14:11:05.0077 4428 BITS - ok14:11:05.0124 4428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys14:11:05.0155 4428 blbdrive - ok14:11:05.0295 4428 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe14:11:05.0311 4428 Bonjour Service - ok14:11:05.0342 4428 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys14:11:05.0373 4428 bowser - ok14:11:05.0420 4428 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys14:11:05.0498 4428 BrFiltLo - ok14:11:05.0514 4428 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys14:11:05.0545 4428 BrFiltUp - ok14:11:05.0576 4428 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys14:11:05.0670 4428 BridgeMP - ok14:11:05.0701 4428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll14:11:05.0763 4428 Browser - ok14:11:05.0794 4428 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys14:11:05.0872 4428 Brserid - ok14:11:05.0888 4428 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys14:11:05.0950 4428 BrSerWdm - ok14:11:05.0966 4428 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys14:11:06.0013 4428 BrUsbMdm - ok14:11:06.0028 4428 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys14:11:06.0075 4428 BrUsbSer - ok14:11:06.0153 4428 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys14:11:06.0216 4428 BTHMODEM - ok14:11:06.0247 4428 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll14:11:06.0309 4428 bthserv - ok14:11:06.0325 4428 catchme - ok14:11:06.0372 4428 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys14:11:06.0434 4428 cdfs - ok14:11:06.0496 4428 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys14:11:06.0528 4428 cdrom - ok14:11:06.0590 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll14:11:06.0652 4428 CertPropSvc - ok14:11:06.0746 4428 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys14:11:06.0777 4428 circlass - ok14:11:06.0886 4428 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys14:11:06.0918 4428 CLFS - ok14:11:07.0027 4428 [ 56139566E462C1FB1775E140D4EE6B22 ] CLPSLS C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe14:11:07.0042 4428 CLPSLS - ok14:11:07.0292 4428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe14:11:07.0354 4428 clr_optimization_v2.0.50727_32 - ok14:11:07.0526 4428 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe14:11:07.0557 4428 clr_optimization_v2.0.50727_64 - ok14:11:07.0651 4428 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe14:11:07.0744 4428 clr_optimization_v4.0.30319_32 - ok14:11:07.0822 4428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe14:11:07.0838 4428 clr_optimization_v4.0.30319_64 - ok14:11:07.0885 4428 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys14:11:07.0916 4428 CmBatt - ok14:11:08.0571 4428 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe14:11:08.0618 4428 cmdAgent - ok14:11:08.0758 4428 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys14:11:08.0774 4428 cmdGuard - ok14:11:08.0790 4428 [ F8FECE0F1D44C4A58778083B00EEADAC ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys14:11:08.0805 4428 cmdHlp - ok14:11:08.0836 4428 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys14:11:08.0852 4428 cmdide - ok14:11:08.0961 4428 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys14:11:08.0992 4428 CNG - ok14:11:09.0039 4428 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys14:11:09.0070 4428 Compbatt - ok14:11:09.0133 4428 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys14:11:09.0164 4428 CompositeBus - ok14:11:09.0180 4428 COMSysApp - ok14:11:09.0211 4428 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys14:11:09.0242 4428 crcdisk - ok14:11:09.0320 4428 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll14:11:09.0367 4428 CryptSvc - ok14:11:09.0476 4428 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys14:11:09.0523 4428 CSC - ok14:11:09.0554 4428 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll14:11:09.0601 4428 CscService - ok14:11:09.0694 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll14:11:09.0741 4428 DcomLaunch - ok14:11:09.0897 4428 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll14:11:09.0944 4428 defragsvc - ok14:11:09.0991 4428 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys14:11:10.0038 4428 DfsC - ok14:11:10.0131 4428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll14:11:10.0194 4428 Dhcp - ok14:11:10.0209 4428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys14:11:10.0256 4428 discache - ok14:11:10.0303 4428 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys14:11:10.0334 4428 Disk - ok14:11:10.0381 4428 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll14:11:10.0412 4428 Dnscache - ok14:11:10.0490 4428 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll14:11:10.0537 4428 dot3svc - ok14:11:10.0568 4428 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll14:11:10.0615 4428 DPS - ok14:11:10.0677 4428 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys14:11:10.0724 4428 drmkaud - ok14:11:10.0896 4428 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys14:11:10.0927 4428 DXGKrnl - ok14:11:10.0942 4428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll14:11:11.0036 4428 EapHost - ok14:11:11.0613 4428 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys14:11:11.0707 4428 ebdrv - ok14:11:11.0754 4428 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe14:11:11.0800 4428 EFS - ok14:11:12.0081 4428 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe14:11:12.0112 4428 ehRecvr - ok14:11:12.0253 4428 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe14:11:12.0268 4428 ehSched - ok14:11:12.0378 4428 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys14:11:12.0393 4428 ElbyCDIO - ok14:11:12.0534 4428 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys14:11:12.0565 4428 elxstor - ok14:11:12.0612 4428 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys14:11:12.0658 4428 ErrDev - ok14:11:12.0783 4428 [ 94B3C06DCF580695EBA5304F3C750256 ] esClient C:\Program Files\Windows Home Server\esClient.exe14:11:12.0799 4428 esClient - ok14:11:12.0924 4428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll14:11:12.0970 4428 EventSystem - ok14:11:12.0986 4428 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys14:11:13.0048 4428 exfat - ok14:11:13.0111 4428 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys14:11:13.0173 4428 fastfat - ok14:11:13.0392 4428 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe14:11:13.0423 4428 Fax - ok14:11:13.0454 4428 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys14:11:13.0485 4428 fdc - ok14:11:13.0516 4428 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll14:11:13.0563 4428 fdPHost - ok14:11:13.0579 4428 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll14:11:13.0626 4428 FDResPub - ok14:11:13.0657 4428 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys14:11:13.0672 4428 FileInfo - ok14:11:13.0688 4428 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys14:11:13.0750 4428 Filetrace - ok14:11:13.0766 4428 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys14:11:13.0797 4428 flpydisk - ok14:11:13.0891 4428 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys14:11:13.0906 4428 FltMgr - ok14:11:14.0031 4428 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll14:11:14.0062 4428 FontCache - ok14:11:14.0156 4428 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe14:11:14.0172 4428 FontCache3.0.0.0 - ok14:11:14.0187 4428 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys14:11:14.0218 4428 FsDepends - ok14:11:14.0250 4428 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys14:11:14.0265 4428 Fs_Rec - ok14:11:14.0359 4428 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys14:11:14.0390 4428 fvevol - ok14:11:14.0452 4428 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys14:11:14.0484 4428 gagp30kx - ok14:11:14.0546 4428 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys14:11:14.0562 4428 GEARAspiWDM - ok14:11:14.0718 4428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll14:11:14.0764 4428 gpsvc - ok14:11:14.0889 4428 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys14:11:14.0905 4428 grmnusb - ok14:11:15.0061 4428 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe14:11:15.0076 4428 gupdate - ok14:11:15.0154 4428 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe14:11:15.0170 4428 gupdatem - ok14:11:15.0186 4428 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys14:11:15.0232 4428 hcw85cir - ok14:11:15.0342 4428 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys14:11:15.0373 4428 HdAudAddService - ok14:11:15.0404 4428 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys14:11:15.0435 4428 HDAudBus - ok14:11:15.0466 4428 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys14:11:15.0482 4428 HidBatt - ok14:11:15.0513 4428 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys14:11:15.0560 4428 HidBth - ok14:11:15.0591 4428 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys14:11:15.0638 4428 HidIr - ok14:11:15.0669 4428 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll14:11:15.0716 4428 hidserv - ok14:11:15.0747 4428 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys14:11:15.0763 4428 HidUsb - ok14:11:15.0794 4428 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll14:11:15.0888 4428 hkmsvc - ok14:11:15.0919 4428 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll14:11:15.0950 4428 HomeGroupListener - ok14:11:15.0997 4428 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll14:11:16.0044 4428 HomeGroupProvider - ok14:11:16.0075 4428 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys14:11:16.0090 4428 HpSAMD - ok14:11:16.0137 4428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys14:11:16.0200 4428 HTTP - ok14:11:16.0231 4428 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys14:11:16.0246 4428 hwpolicy - ok14:11:16.0309 4428 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys14:11:16.0324 4428 i8042prt - ok14:11:16.0356 4428 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys14:11:16.0387 4428 iaStorV - ok14:11:16.0449 4428 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe14:11:16.0496 4428 idsvc - ok14:11:16.0512 4428 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys14:11:16.0527 4428 iirsp - ok14:11:16.0559 4428 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll14:11:16.0605 4428 IKEEXT - ok14:11:16.0652 4428 [ C4E67D3037DC79E39D7136581A947F50 ] inspect C:\Windows\system32\DRIVERS\inspect.sys14:11:16.0668 4428 inspect - ok14:11:16.0699 4428 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys14:11:16.0715 4428 intelide - ok14:11:16.0746 4428 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys14:11:16.0777 4428 intelppm - ok14:11:16.0808 4428 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll14:11:16.0855 4428 IPBusEnum - ok14:11:16.0902 4428 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys14:11:17.0058 4428 IpFilterDriver - ok14:11:17.0214 4428 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll14:11:17.0245 4428 iphlpsvc - ok14:11:17.0292 4428 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys14:11:17.0323 4428 IPMIDRV - ok14:11:17.0339 4428 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys14:11:17.0401 4428 IPNAT - ok14:11:17.0463 4428 [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe14:11:17.0495 4428 iPod Service - ok14:11:17.0526 4428 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys14:11:18.0228 4428 IRENUM - ok14:11:18.0275 4428 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys14:11:18.0290 4428 isapnp - ok14:11:18.0321 4428 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys14:11:18.0353 4428 iScsiPrt - ok14:11:18.0384 4428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys14:11:18.0399 4428 kbdclass - ok14:11:18.0415 4428 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys14:11:18.0446 4428 kbdhid - ok14:11:18.0462 4428 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe14:11:18.0477 4428 KeyIso - ok14:11:18.0524 4428 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys14:11:18.0540 4428 KSecDD - ok14:11:18.0571 4428 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys14:11:18.0602 4428 KSecPkg - ok14:11:18.0633 4428 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys14:11:18.0680 4428 ksthunk - ok14:11:18.0743 4428 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll14:11:18.0789 4428 KtmRm - ok14:11:18.0836 4428 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll14:11:18.0883 4428 LanmanServer - ok14:11:18.0914 4428 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll14:11:18.0977 4428 LanmanWorkstation - ok14:11:19.0023 4428 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys14:11:19.0086 4428 lltdio - ok14:11:19.0133 4428 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll14:11:19.0211 4428 lltdsvc - ok14:11:19.0226 4428 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll14:11:19.0273 4428 lmhosts - ok14:11:19.0304 4428 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys14:11:19.0320 4428 LSI_FC - ok14:11:19.0335 4428 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys14:11:19.0351 4428 LSI_SAS - ok14:11:19.0351 4428 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys14:11:19.0367 4428 LSI_SAS2 - ok14:11:19.0382 4428 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys14:11:19.0398 4428 LSI_SCSI - ok14:11:19.0429 4428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys14:11:19.0476 4428 luafv - ok14:11:19.0601 4428 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll14:11:19.0616 4428 Mcx2Svc - ok14:11:19.0647 4428 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys14:11:19.0647 4428 megasas - ok14:11:19.0679 4428 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys14:11:19.0694 4428 MegaSR - ok14:11:19.0725 4428 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll14:11:19.0772 4428 MMCSS - ok14:11:19.0788 4428 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys14:11:19.0850 4428 Modem - ok14:11:19.0866 4428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys14:11:19.0913 4428 monitor - ok14:11:19.0928 4428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys14:11:19.0944 4428 mouclass - ok14:11:19.0959 4428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys14:11:19.0991 4428 mouhid - ok14:11:20.0022 4428 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys14:11:20.0053 4428 mountmgr - ok14:11:20.0162 4428 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe14:11:20.0193 4428 MozillaMaintenance - ok14:11:20.0256 4428 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys14:11:20.0271 4428 mpio - ok14:11:20.0287 4428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys14:11:20.0334 4428 mpsdrv - ok14:11:20.0396 4428 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll14:11:20.0474 4428 MpsSvc - ok14:11:20.0505 4428 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys14:11:20.0552 4428 MRxDAV - ok14:11:20.0583 4428 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys14:11:20.0615 4428 mrxsmb - ok14:11:20.0661 4428 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys14:11:20.0693 4428 mrxsmb10 - ok14:11:20.0708 4428 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys14:11:20.0724 4428 mrxsmb20 - ok14:11:20.0755 4428 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys14:11:20.0771 4428 msahci - ok14:11:20.0786 4428 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys14:11:20.0802 4428 msdsm - ok14:11:20.0817 4428 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe14:11:20.0849 4428 MSDTC - ok14:11:20.0895 4428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys14:11:20.0927 4428 Msfs - ok14:11:20.0942 4428 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys14:11:20.0989 4428 mshidkmdf - ok14:11:21.0020 4428 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys14:11:21.0036 4428 msisadrv - ok14:11:21.0051 4428 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll14:11:21.0114 4428 MSiSCSI - ok14:11:21.0114 4428 msiserver - ok14:11:21.0145 4428 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys14:11:21.0192 4428 MSKSSRV - ok14:11:21.0223 4428 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys14:11:21.0254 4428 MSPCLOCK - ok14:11:21.0270 4428 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys14:11:21.0332 4428 MSPQM - ok14:11:21.0379 4428 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys14:11:21.0395 4428 MsRPC - ok14:11:21.0426 4428 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys14:11:21.0426 4428 mssmbios - ok14:11:21.0441 4428 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys14:11:21.0488 4428 MSTEE - ok14:11:21.0504 4428 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys14:11:21.0535 4428 MTConfig - ok14:11:21.0597 4428 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys14:11:21.0613 4428 MTsensor - ok14:11:21.0629 4428 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys14:11:21.0644 4428 Mup - ok14:11:21.0707 4428 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll14:11:21.0769 4428 napagent - ok14:11:21.0800 4428 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys14:11:21.0831 4428 NativeWifiP - ok14:11:21.0878 4428 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys14:11:21.0925 4428 NDIS - ok14:11:21.0956 4428 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys14:11:22.0019 4428 NdisCap - ok14:11:22.0050 4428 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys14:11:22.0081 4428 NdisTapi - ok14:11:22.0112 4428 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys14:11:22.0159 4428 Ndisuio - ok14:11:22.0190 4428 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys14:11:22.0253 4428 NdisWan - ok14:11:22.0268 4428 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys14:11:22.0315 4428 NDProxy - ok14:11:22.0346 4428 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys14:11:22.0377 4428 NetBIOS - ok14:11:22.0409 4428 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys14:11:22.0440 4428 NetBT - ok14:11:22.0455 4428 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe14:11:22.0471 4428 Netlogon - ok14:11:22.0518 4428 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll14:11:22.0565 4428 Netman - ok14:11:22.0611 4428 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll14:11:22.0658 4428 netprofm - ok14:11:22.0705 4428 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys14:11:22.0752 4428 netr28ux - ok14:11:22.0799 4428 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe14:11:22.0814 4428 NetTcpPortSharing - ok14:11:22.0830 4428 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys14:11:22.0845 4428 nfrd960 - ok14:11:22.0877 4428 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll14:11:22.0908 4428 NlaSvc - ok14:11:22.0923 4428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys14:11:22.0970 4428 Npfs - ok14:11:22.0986 4428 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll14:11:23.0033 4428 nsi - ok14:11:23.0033 4428 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys14:11:23.0079 4428 nsiproxy - ok14:11:23.0157 4428 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys14:11:23.0220 4428 Ntfs - ok14:11:23.0235 4428 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys14:11:23.0267 4428 Null - ok14:11:23.0282 4428 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys14:11:23.0298 4428 nvraid - ok14:11:23.0329 4428 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys14:11:23.0345 4428 nvstor - ok14:11:23.0376 4428 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys14:11:23.0391 4428 nv_agp - ok14:11:23.0423 4428 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys14:11:23.0454 4428 ohci1394 - ok14:11:23.0469 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll14:11:23.0501 4428 p2pimsvc - ok14:11:23.0547 4428 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll14:11:23.0563 4428 p2psvc - ok14:11:23.0579 4428 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys14:11:23.0594 4428 Parport - ok14:11:23.0625 4428 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys14:11:23.0641 4428 partmgr - ok14:11:23.0672 4428 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll14:11:23.0703 4428 PcaSvc - ok14:11:23.0719 4428 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys14:11:23.0735 4428 pci - ok14:11:23.0750 4428 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys14:11:23.0766 4428 pciide - ok14:11:23.0781 4428 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys14:11:23.0813 4428 pcmcia - ok14:11:23.0828 4428 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys14:11:23.0828 4428 pcw - ok14:11:23.0859 4428 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys14:11:23.0906 4428 PEAUTH - ok14:11:23.0969 4428 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll14:11:24.0031 4428 PeerDistSvc - ok14:11:24.0109 4428 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe14:11:24.0140 4428 PerfHost - ok14:11:24.0187 4428 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll14:11:24.0249 4428 pla - ok14:11:24.0296 4428 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll14:11:24.0327 4428 PlugPlay - ok14:11:24.0343 4428 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll14:11:24.0374 4428 PNRPAutoReg - ok14:11:24.0405 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll14:11:24.0421 4428 PNRPsvc - ok14:11:24.0452 4428 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll14:11:24.0499 4428 PolicyAgent - ok14:11:24.0530 4428 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll14:11:24.0577 4428 Power - ok14:11:24.0624 4428 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys14:11:24.0655 4428 PptpMiniport - ok14:11:24.0671 4428 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys14:11:24.0702 4428 Processor - ok14:11:24.0749 4428 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll14:11:24.0764 4428 ProfSvc - ok14:11:24.0764 4428 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe14:11:24.0780 4428 ProtectedStorage - ok14:11:24.0858 4428 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys14:11:24.0905 4428 Psched - ok14:11:24.0951 4428 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys14:11:25.0014 4428 ql2300 - ok14:11:25.0045 4428 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys14:11:25.0061 4428 ql40xx - ok14:11:25.0092 4428 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll14:11:25.0123 4428 QWAVE - ok14:11:25.0154 4428 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys14:11:25.0217 4428 QWAVEdrv - ok14:11:25.0232 4428 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys14:11:25.0279 4428 RasAcd - ok14:11:25.0326 4428 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys14:11:25.0373 4428 RasAgileVpn - ok14:11:25.0388 4428 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll14:11:25.0451 4428 RasAuto - ok14:11:25.0497 4428 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys14:11:25.0544 4428 Rasl2tp - ok14:11:25.0591 4428 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll14:11:25.0622 4428 RasMan - ok14:11:25.0653 4428 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys14:11:25.0700 4428 RasPppoe - ok14:11:25.0716 4428 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys14:11:25.0763 4428 RasSstp - ok14:11:25.0794 4428 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys14:11:25.0841 4428 rdbss - ok14:11:25.0856 4428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys14:11:25.0887 4428 rdpbus - ok14:11:25.0903 4428 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys14:11:25.0950 4428 RDPCDD - ok14:11:25.0981 4428 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys14:11:25.0997 4428 RDPDR - ok14:11:26.0012 4428 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys14:11:26.0059 4428 RDPENCDD - ok14:11:26.0075 4428 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys14:11:26.0106 4428 RDPREFMP - ok14:11:26.0153 4428 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys14:11:26.0184 4428 RdpVideoMiniport - ok14:11:26.0215 4428 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys14:11:26.0246 4428 RDPWD - ok14:11:26.0277 4428 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys14:11:26.0293 4428 rdyboost - ok14:11:26.0324 4428 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll14:11:26.0355 4428 RemoteAccess - ok14:11:26.0387 4428 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll14:11:26.0433 4428 RemoteRegistry - ok14:11:26.0465 4428 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll14:11:26.0511 4428 RpcEptMapper - ok14:11:26.0543 4428 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe14:11:26.0574 4428 RpcLocator - ok14:11:26.0605 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll14:11:26.0636 4428 RpcSs - ok14:11:26.0667 4428 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys14:11:26.0699 4428 rspndr - ok14:11:26.0730 4428 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys14:11:26.0761 4428 RTL8167 - ok14:11:26.0777 4428 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys14:11:26.0808 4428 s3cap - ok14:11:26.0823 4428 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe14:11:26.0839 4428 SamSs - ok14:11:26.0886 4428 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys14:11:26.0901 4428 SANDRA - ok14:11:26.0917 4428 [ 6E72B22D71A62B7C9162361E5FD0DE9D ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe14:11:26.0933 4428 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning14:11:26.0933 4428 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)14:11:26.0964 4428 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys14:11:26.0979 4428 sbp2port - ok14:11:27.0011 4428 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll14:11:27.0057 4428 SCardSvr - ok14:11:27.0089 4428 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys14:11:27.0135 4428 scfilter - ok14:11:27.0167 4428 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll14:11:27.0229 4428 Schedule - ok14:11:27.0260 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll14:11:27.0291 4428 SCPolicySvc - ok14:11:27.0323 4428 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll14:11:27.0354 4428 SDRSVC - ok14:11:27.0385 4428 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys14:11:27.0416 4428 secdrv - ok14:11:27.0447 4428 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll14:11:27.0494 4428 seclogon - ok14:11:27.0525 4428 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll14:11:27.0572 4428 SENS - ok14:11:27.0588 4428 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll14:11:27.0619 4428 SensrSvc - ok14:11:27.0635 4428 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys14:11:27.0666 4428 Serenum - ok14:11:27.0681 4428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys14:11:27.0697 4428 Serial - ok14:11:27.0728 4428 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys14:11:27.0759 4428 sermouse - ok14:11:27.0791 4428 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll14:11:27.0837 4428 SessionEnv - ok14:11:27.0869 4428 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys14:11:27.0900 4428 sffdisk - ok14:11:27.0900 4428 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys14:11:27.0931 4428 sffp_mmc - ok14:11:27.0947 4428 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys14:11:27.0978 4428 sffp_sd - ok14:11:27.0993 4428 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys14:11:28.0025 4428 sfloppy - ok14:11:28.0056 4428 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll14:11:28.0087 4428 SharedAccess - ok14:11:28.0118 4428 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll14:11:28.0181 4428 ShellHWDetection - ok14:11:28.0196 4428 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys14:11:28.0212 4428 SiSRaid2 - ok14:11:28.0227 4428 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys14:11:28.0243 4428 SiSRaid4 - ok14:11:28.0274 4428 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys14:11:28.0305 4428 Smb - ok14:11:28.0337 4428 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe14:11:28.0368 4428 SNMPTRAP - ok14:11:28.0383 4428 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys14:11:28.0399 4428 spldr - ok14:11:28.0430 4428 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe14:11:28.0461 4428 Spooler - ok14:11:28.0555 4428 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe14:11:28.0617 4428 sppsvc - ok14:11:28.0633 4428 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll14:11:28.0695 4428 sppuinotify - ok14:11:28.0727 4428 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys14:11:28.0742 4428 srv - ok14:11:28.0773 4428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys14:11:28.0789 4428 srv2 - ok14:11:28.0805 4428 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys14:11:28.0820 4428 srvnet - ok14:11:28.0851 4428 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll14:11:28.0898 4428 SSDPSRV - ok14:11:28.0914 4428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll14:11:28.0961 4428 SstpSvc - ok14:11:28.0976 4428 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys14:11:28.0992 4428 stexstor - ok14:11:29.0023 4428 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll14:11:29.0054 4428 stisvc - ok14:11:29.0101 4428 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys14:11:29.0117 4428 storflt - ok14:11:29.0148 4428 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys14:11:29.0163 4428 storvsc - ok14:11:29.0195 4428 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys14:11:29.0210 4428 swenum - ok14:11:29.0241 4428 [ D294DB3E6B227BA511A454DF4B9A5856 ] swmsflt C:\Windows\System32\drivers\swmsflt.sys14:11:29.0257 4428 swmsflt - ok14:11:29.0288 4428 [ 7DAF66ED79A8EE340E6C22252A97DE08 ] SWMX00 C:\Windows\system32\DRIVERS\swmx00.sys14:11:29.0304 4428 SWMX00 - ok14:11:29.0335 4428 [ 4A827A6BE651DA66AA85D17726743BF5 ] SWNC5E00 C:\Windows\system32\DRIVERS\SWNC5E00.sys14:11:29.0366 4428 SWNC5E00 - ok14:11:29.0413 4428 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll14:11:29.0475 4428 swprv - ok14:11:29.0475 4428 SWUMX20 - ok14:11:29.0538 4428 Synth3dVsc - ok14:11:29.0600 4428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll14:11:29.0647 4428 SysMain - ok14:11:29.0678 4428 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll14:11:29.0709 4428 TabletInputService - ok14:11:29.0741 4428 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll14:11:29.0803 4428 TapiSrv - ok14:11:29.0819 4428 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll14:11:29.0865 4428 TBS - ok14:11:29.0928 4428 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys14:11:30.0006 4428 Tcpip - ok14:11:30.0068 4428 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys14:11:30.0099 4428 TCPIP6 - ok14:11:30.0131 4428 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys14:11:30.0162 4428 tcpipreg - ok14:11:30.0193 4428 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys14:11:30.0224 4428 TDPIPE - ok14:11:30.0240 4428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys14:11:30.0271 4428 TDTCP - ok14:11:30.0302 4428 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys14:11:30.0333 4428 tdx - ok14:11:30.0349 4428 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys14:11:30.0365 4428 TermDD - ok14:11:30.0396 4428 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll14:11:30.0443 4428 TermService - ok14:11:30.0458 4428 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll14:11:30.0489 4428 Themes - ok14:11:30.0521 4428 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll14:11:30.0552 4428 THREADORDER - ok14:11:30.0567 4428 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll14:11:30.0614 4428 TrkWks - ok14:11:30.0677 4428 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe14:11:30.0708 4428 TrustedInstaller - ok14:11:30.0739 4428 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys14:11:30.0786 4428 tssecsrv - ok14:11:30.0801 4428 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys14:11:30.0833 4428 TsUsbFlt - ok14:11:30.0833 4428 tsusbhub - ok14:11:30.0879 4428 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys14:11:30.0911 4428 tunnel - ok14:11:30.0926 4428 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys14:11:30.0942 4428 uagp35 - ok14:11:30.0973 4428 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys14:11:31.0020 4428 udfs - ok14:11:31.0051 4428 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe14:11:31.0082 4428 UI0Detect - ok14:11:31.0098 4428 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys14:11:31.0113 4428 uliagpkx - ok14:11:31.0145 4428 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys14:11:31.0160 4428 umbus - ok14:11:31.0176 4428 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys14:11:31.0207 4428 UmPass - ok14:11:31.0223 4428 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll14:11:31.0254 4428 UmRdpService - ok14:11:31.0285 4428 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll14:11:31.0347 4428 upnphost - ok14:11:31.0394 4428 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys14:11:31.0410 4428 USBAAPL64 - ok14:11:31.0441 4428 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys14:11:31.0457 4428 usbccgp - ok14:11:31.0488 4428 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys14:11:31.0503 4428 usbcir - ok14:11:31.0519 4428 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys14:11:31.0550 4428 usbehci - ok14:11:31.0581 4428 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys14:11:31.0613 4428 usbhub - ok14:11:31.0628 4428 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys14:11:31.0644 4428 usbohci - ok14:11:31.0659 4428 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys14:11:31.0706 4428 usbprint - ok14:11:31.0722 4428 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS14:11:31.0753 4428 USBSTOR - ok14:11:31.0769 4428 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys14:11:31.0784 4428 usbuhci - ok14:11:31.0784 4428 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll14:11:31.0847 4428 UxSms - ok14:11:31.0862 4428 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe14:11:31.0878 4428 VaultSvc - ok14:11:31.0909 4428 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys14:11:31.0925 4428 vdrvroot - ok14:11:31.0956 4428 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe14:11:32.0034 4428 vds - ok14:11:32.0049 4428 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys14:11:32.0081 4428 vga - ok14:11:32.0081 4428 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys14:11:32.0127 4428 VgaSave - ok14:11:32.0159 4428 VGPU - ok14:11:32.0190 4428 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys14:11:32.0205 4428 vhdmp - ok14:11:32.0221 4428 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys14:11:32.0237 4428 viaide - ok14:11:32.0268 4428 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys14:11:32.0283 4428 vmbus - ok14:11:32.0299 4428 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys14:11:32.0346 4428 VMBusHID - ok14:11:32.0361 4428 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys14:11:32.0377 4428 volmgr - ok14:11:32.0408 4428 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys14:11:32.0439 4428 volmgrx - ok14:11:32.0471 4428 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys14:11:32.0502 4428 volsnap - ok14:11:32.0533 4428 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys14:11:32.0549 4428 vsmraid - ok14:11:32.0767 4428 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe14:11:32.0845 4428 VSS - ok14:11:32.0861 4428 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys14:11:32.0892 4428 vwifibus - ok14:11:32.0923 4428 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys14:11:32.0954 4428 vwififlt - ok14:11:32.0985 4428 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll14:11:33.0063 4428 W32Time - ok14:11:33.0095 4428 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys14:11:33.0126 4428 WacomPen - ok14:11:33.0157 4428 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys14:11:33.0204 4428 WANARP - ok14:11:33.0219 4428 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys14:11:33.0251 4428 Wanarpv6 - ok14:11:33.0297 4428 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe14:11:33.0360 4428 WatAdminSvc - ok14:11:33.0438 4428 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe14:11:33.0500 4428 wbengine - ok14:11:33.0516 4428 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll14:11:33.0547 4428 WbioSrvc - ok14:11:33.0609 4428 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll14:11:33.0641 4428 wcncsvc - ok14:11:33.0656 4428 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll14:11:33.0672 4428 WcsPlugInService - ok14:11:33.0687 4428 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys14:11:33.0703 4428 Wd - ok14:11:33.0828 4428 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys14:11:33.0875 4428 Wdf01000 - ok14:11:33.0890 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll14:11:33.0921 4428 WdiServiceHost - ok14:11:33.0921 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628559 Share Posted December 30, 2012 more TDSKiller14:11:33.0953 4428 WdiSystemHost - ok14:11:33.0984 4428 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll14:11:34.0046 4428 WebClient - ok14:11:34.0062 4428 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll14:11:34.0124 4428 Wecsvc - ok14:11:34.0155 4428 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll14:11:34.0202 4428 wercplsupport - ok14:11:34.0233 4428 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll14:11:34.0265 4428 WerSvc - ok14:11:34.0280 4428 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys14:11:34.0311 4428 WfpLwf - ok14:11:34.0374 4428 [ 1EF54B3220EBF3794439EB072B350F3E ] WHSConnector C:\Program Files\Windows Home Server\WHSConnector.exe14:11:34.0389 4428 WHSConnector - ok14:11:34.0405 4428 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys14:11:34.0421 4428 WIMMount - ok14:11:34.0452 4428 WinDefend - ok14:11:34.0452 4428 WinHttpAutoProxySvc - ok14:11:34.0499 4428 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll14:11:34.0561 4428 Winmgmt - ok14:11:34.0623 4428 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll14:11:34.0733 4428 WinRM - ok14:11:34.0779 4428 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys14:11:34.0795 4428 WinUsb - ok14:11:34.0842 4428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll14:11:34.0873 4428 Wlansvc - ok14:11:34.0935 4428 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe14:11:34.0951 4428 wlcrasvc - ok14:11:35.0060 4428 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE14:11:35.0107 4428 wlidsvc - ok14:11:35.0138 4428 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys14:11:35.0169 4428 WmiAcpi - ok14:11:35.0201 4428 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe14:11:35.0232 4428 wmiApSrv - ok14:11:35.0279 4428 WMPNetworkSvc - ok14:11:35.0294 4428 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll14:11:35.0310 4428 WPCSvc - ok14:11:35.0341 4428 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll14:11:35.0372 4428 WPDBusEnum - ok14:11:35.0419 4428 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys14:11:35.0450 4428 ws2ifsl - ok14:11:35.0466 4428 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll14:11:35.0497 4428 wscsvc - ok14:11:35.0497 4428 WSearch - ok14:11:35.0637 4428 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll14:11:35.0684 4428 wuauserv - ok14:11:35.0715 4428 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys14:11:35.0747 4428 WudfPf - ok14:11:35.0778 4428 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys14:11:35.0809 4428 WUDFRd - ok14:11:35.0840 4428 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll14:11:35.0871 4428 wudfsvc - ok14:11:35.0887 4428 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll14:11:35.0949 4428 WwanSvc - ok14:11:35.0965 4428 ================ Scan global ===============================14:11:35.0981 4428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll14:11:36.0012 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll14:11:36.0043 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll14:11:36.0059 4428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll14:11:36.0137 4428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe14:11:36.0137 4428 [Global] - ok14:11:36.0137 4428 ================ Scan MBR ==================================14:11:36.0152 4428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR014:11:36.0854 4428 \Device\Harddisk0\DR0 - ok14:11:37.0135 4428 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR114:11:37.0619 4428 \Device\Harddisk1\DR1 - ok14:11:37.0619 4428 ================ Scan VBR ==================================14:11:37.0634 4428 [ A2759C58FFBFCA8425E25DA4176B27C5 ] \Device\Harddisk0\DR0\Partition114:11:37.0650 4428 \Device\Harddisk0\DR0\Partition1 - ok14:11:37.0650 4428 [ 135DD926E5C6BA97CACDFA51CFF160B8 ] \Device\Harddisk1\DR1\Partition114:11:37.0665 4428 \Device\Harddisk1\DR1\Partition1 - ok14:11:37.0665 4428 ================ Scan active images ========================14:11:37.0665 4428 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys14:11:37.0665 4428 C:\Windows\System32\drivers\atapi.sys - ok14:11:37.0665 4428 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys14:11:37.0665 4428 C:\Windows\System32\drivers\crashdmp.sys - ok14:11:37.0665 4428 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys14:11:37.0665 4428 C:\Windows\System32\drivers\Dumpata.sys - ok14:11:37.0681 4428 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys14:11:37.0681 4428 C:\Windows\System32\drivers\dumpfve.sys - ok14:11:37.0681 4428 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys14:11:37.0681 4428 C:\Windows\System32\drivers\cdrom.sys - ok14:11:37.0681 4428 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] C:\Windows\System32\drivers\aswSnx.sys14:11:37.0681 4428 C:\Windows\System32\drivers\aswSnx.sys - ok14:11:37.0697 4428 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys14:11:37.0697 4428 C:\Windows\System32\drivers\beep.sys - ok14:11:37.0697 4428 [ 919ACCC22ABDC1C3CA68326C0E5DEAF9 ] C:\Windows\System32\drivers\cmdGuard.sys14:11:37.0697 4428 C:\Windows\System32\drivers\cmdGuard.sys - ok14:11:37.0697 4428 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys14:11:37.0697 4428 C:\Windows\System32\drivers\null.sys - ok14:11:37.0712 4428 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys14:11:37.0712 4428 C:\Windows\System32\drivers\vga.sys - ok14:11:37.0712 4428 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys14:11:37.0712 4428 C:\Windows\System32\drivers\videoprt.sys - ok14:11:37.0712 4428 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys14:11:37.0712 4428 C:\Windows\System32\drivers\watchdog.sys - ok14:11:37.0728 4428 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys14:11:37.0728 4428 C:\Windows\System32\drivers\RDPCDD.sys - ok14:11:37.0728 4428 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys14:11:37.0728 4428 C:\Windows\System32\drivers\RDPENCDD.sys - ok14:11:37.0728 4428 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys14:11:37.0728 4428 C:\Windows\System32\drivers\RDPREFMP.sys - ok14:11:37.0743 4428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys14:11:37.0743 4428 C:\Windows\System32\drivers\msfs.sys - ok14:11:37.0743 4428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys14:11:37.0743 4428 C:\Windows\System32\drivers\npfs.sys - ok14:11:37.0743 4428 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys14:11:37.0743 4428 C:\Windows\System32\drivers\tdi.sys - ok14:11:37.0759 4428 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys14:11:37.0759 4428 C:\Windows\System32\drivers\tdx.sys - ok14:11:37.0759 4428 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] C:\Windows\System32\drivers\aswTdi.sys14:11:37.0759 4428 C:\Windows\System32\drivers\aswTdi.sys - ok14:11:37.0759 4428 [ F8FECE0F1D44C4A58778083B00EEADAC ] C:\Windows\System32\drivers\cmdhlp.sys14:11:37.0759 4428 C:\Windows\System32\drivers\cmdhlp.sys - ok14:11:37.0759 4428 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys14:11:37.0759 4428 C:\Windows\System32\drivers\afd.sys - ok14:11:37.0775 4428 [ 57768C7DB4681F2510F247F82EF31D4F ] C:\Windows\System32\drivers\aswRdr2.sys14:11:37.0775 4428 C:\Windows\System32\drivers\aswRdr2.sys - ok14:11:37.0775 4428 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys14:11:37.0775 4428 C:\Windows\System32\drivers\netbt.sys - ok14:11:37.0775 4428 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys14:11:37.0775 4428 C:\Windows\System32\drivers\wfplwf.sys - ok14:11:37.0790 4428 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys14:11:37.0790 4428 C:\Windows\System32\drivers\ws2ifsl.sys - ok14:11:37.0790 4428 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys14:11:37.0790 4428 C:\Windows\System32\drivers\pacer.sys - ok14:11:37.0790 4428 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys14:11:37.0790 4428 C:\Windows\System32\drivers\vwififlt.sys - ok14:11:37.0806 4428 [ C4E67D3037DC79E39D7136581A947F50 ] C:\Windows\System32\drivers\inspect.sys14:11:37.0806 4428 C:\Windows\System32\drivers\inspect.sys - ok14:11:37.0806 4428 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys14:11:37.0806 4428 C:\Windows\System32\drivers\netbios.sys - ok14:11:37.0806 4428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys14:11:37.0806 4428 C:\Windows\System32\drivers\serial.sys - ok14:11:37.0821 4428 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys14:11:37.0821 4428 C:\Windows\System32\drivers\wanarp.sys - ok14:11:37.0821 4428 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys14:11:37.0821 4428 C:\Windows\System32\drivers\termdd.sys - ok14:11:37.0821 4428 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys14:11:37.0821 4428 C:\Windows\System32\drivers\mssmbios.sys - ok14:11:37.0837 4428 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys14:11:37.0837 4428 C:\Windows\System32\drivers\nsiproxy.sys - ok14:11:37.0837 4428 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys14:11:37.0837 4428 C:\Windows\System32\drivers\rdbss.sys - ok14:11:37.0837 4428 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys14:11:37.0837 4428 C:\Windows\System32\drivers\discache.sys - ok14:11:37.0853 4428 [ A05FC7ECA0966EBB70E4D17B855A853B ] C:\Windows\System32\drivers\ElbyCDIO.sys14:11:37.0853 4428 C:\Windows\System32\drivers\ElbyCDIO.sys - ok14:11:37.0853 4428 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys14:11:37.0853 4428 C:\Windows\System32\drivers\csc.sys - ok14:11:37.0853 4428 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys14:11:37.0853 4428 C:\Windows\System32\drivers\blbdrive.sys - ok14:11:37.0868 4428 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys14:11:37.0868 4428 C:\Windows\System32\drivers\dfsc.sys - ok14:11:37.0868 4428 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] C:\Windows\System32\drivers\aswSP.sys14:11:37.0868 4428 C:\Windows\System32\drivers\aswSP.sys - ok14:11:37.0868 4428 [ 68726474C69B738EAC3A62E06B33ADDC ] C:\Windows\SysWOW64\drivers\AsIO.sys14:11:37.0868 4428 C:\Windows\SysWOW64\drivers\AsIO.sys - ok14:11:37.0884 4428 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys14:11:37.0884 4428 C:\Windows\System32\drivers\tunnel.sys - ok14:11:37.0884 4428 [ 7024F087CFF1833A806193EF9D22CDA9 ] C:\Windows\System32\drivers\amdk8.sys14:11:37.0884 4428 C:\Windows\System32\drivers\amdk8.sys - ok14:11:37.0884 4428 [ F712C26D40BF3CD2C020BB518E8150B1 ] C:\Windows\System32\drivers\atikmpag.sys14:11:37.0884 4428 C:\Windows\System32\drivers\atikmpag.sys - ok14:11:37.0899 4428 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll14:11:37.0899 4428 C:\Windows\System32\ntdll.dll - ok14:11:37.0899 4428 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe14:11:37.0899 4428 C:\Windows\System32\smss.exe - ok14:11:37.0899 4428 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe14:11:37.0899 4428 C:\Windows\System32\autochk.exe - ok14:11:37.0915 4428 [ 522A8BD1414CC7517FAEC907F138DB9C ] C:\Windows\System32\drivers\atikmdag.sys14:11:37.0915 4428 C:\Windows\System32\drivers\atikmdag.sys - ok14:11:37.0915 4428 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys14:11:37.0915 4428 C:\Windows\System32\drivers\dxgkrnl.sys - ok14:11:37.0915 4428 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys14:11:37.0915 4428 C:\Windows\System32\drivers\dxgmms1.sys - ok14:11:37.0915 4428 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys14:11:37.0915 4428 C:\Windows\System32\drivers\hdaudbus.sys - ok14:11:37.0931 4428 [ B49DC435AE3695BAC5623DD94B05732D ] C:\Windows\System32\drivers\Rt64win7.sys14:11:37.0931 4428 C:\Windows\System32\drivers\Rt64win7.sys - ok14:11:37.0931 4428 [ 821E7E501226EE344FDB0F40EE46109D ] C:\Windows\System32\drivers\AnyDVD.sys14:11:37.0931 4428 C:\Windows\System32\drivers\AnyDVD.sys - ok14:11:37.0931 4428 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys14:11:37.0931 4428 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok14:11:37.0946 4428 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys14:11:37.0946 4428 C:\Windows\System32\drivers\usbport.sys - ok14:11:37.0946 4428 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys14:11:37.0946 4428 C:\Windows\System32\drivers\usbohci.sys - ok14:11:37.0946 4428 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys14:11:37.0946 4428 C:\Windows\System32\drivers\agilevpn.sys - ok14:11:37.0962 4428 [ 19B006B181E3875FD254F7B67ACF1E7C ] C:\Windows\System32\drivers\ASACPI.sys14:11:37.0962 4428 C:\Windows\System32\drivers\ASACPI.sys - ok14:11:37.0962 4428 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys14:11:37.0962 4428 C:\Windows\System32\drivers\CompositeBus.sys - ok14:11:37.0962 4428 [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys14:11:37.0962 4428 C:\Windows\System32\drivers\parport.sys - ok14:11:37.0977 4428 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys14:11:37.0977 4428 C:\Windows\System32\drivers\serenum.sys - ok14:11:37.0977 4428 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys14:11:37.0977 4428 C:\Windows\System32\drivers\usbehci.sys - ok14:11:37.0977 4428 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys14:11:37.0977 4428 C:\Windows\System32\drivers\wmiacpi.sys - ok14:11:37.0993 4428 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys14:11:37.0993 4428 C:\Windows\System32\drivers\ndistapi.sys - ok14:11:37.0993 4428 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys14:11:37.0993 4428 C:\Windows\System32\drivers\ndiswan.sys - ok14:11:37.0993 4428 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys14:11:37.0993 4428 C:\Windows\System32\drivers\rasl2tp.sys - ok14:11:38.0009 4428 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys14:11:38.0009 4428 C:\Windows\System32\drivers\raspppoe.sys - ok14:11:38.0009 4428 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys14:11:38.0009 4428 C:\Windows\System32\drivers\kbdclass.sys - ok14:11:38.0009 4428 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys14:11:38.0009 4428 C:\Windows\System32\drivers\mouclass.sys - ok14:11:38.0024 4428 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys14:11:38.0024 4428 C:\Windows\System32\drivers\raspptp.sys - ok14:11:38.0024 4428 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys14:11:38.0024 4428 C:\Windows\System32\drivers\rassstp.sys - ok14:11:38.0024 4428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys14:11:38.0024 4428 C:\Windows\System32\drivers\rdpbus.sys - ok14:11:38.0024 4428 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys14:11:38.0024 4428 C:\Windows\System32\drivers\ks.sys - ok14:11:38.0040 4428 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys14:11:38.0040 4428 C:\Windows\System32\drivers\swenum.sys - ok14:11:38.0040 4428 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys14:11:38.0040 4428 C:\Windows\System32\drivers\umbus.sys - ok14:11:38.0040 4428 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll14:11:38.0040 4428 C:\Windows\System32\Wldap32.dll - ok14:11:38.0055 4428 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll14:11:38.0055 4428 C:\Windows\System32\nsi.dll - ok14:11:38.0055 4428 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys14:11:38.0055 4428 C:\Windows\System32\drivers\usbhub.sys - ok14:11:38.0055 4428 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys14:11:38.0055 4428 C:\Windows\System32\drivers\ndproxy.sys - ok14:11:38.0071 4428 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys14:11:38.0071 4428 C:\Windows\System32\drivers\drmk.sys - ok14:11:38.0071 4428 [ E02B26650ACC2F4901342D4A66774AD7 ] C:\Windows\System32\drivers\AtihdW76.sys14:11:38.0071 4428 C:\Windows\System32\drivers\AtihdW76.sys - ok14:11:38.0071 4428 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys14:11:38.0071 4428 C:\Windows\System32\drivers\ksthunk.sys - ok14:11:38.0087 4428 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys14:11:38.0087 4428 C:\Windows\System32\drivers\portcls.sys - ok14:11:38.0087 4428 [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys14:11:38.0087 4428 C:\Windows\System32\drivers\HdAudio.sys - ok14:11:38.0087 4428 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll14:11:38.0087 4428 C:\Windows\System32\gdi32.dll - ok14:11:38.0102 4428 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys14:11:38.0102 4428 C:\Windows\System32\drivers\udfs.sys - ok14:11:38.0102 4428 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll14:11:38.0102 4428 C:\Windows\System32\setupapi.dll - ok14:11:38.0102 4428 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll14:11:38.0102 4428 C:\Windows\System32\kernel32.dll - ok14:11:38.0102 4428 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll14:11:38.0102 4428 C:\Windows\System32\advapi32.dll - ok14:11:38.0118 4428 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll14:11:38.0118 4428 C:\Windows\System32\psapi.dll - ok14:11:38.0118 4428 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll14:11:38.0118 4428 C:\Windows\System32\normaliz.dll - ok14:11:38.0118 4428 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll14:11:38.0118 4428 C:\Windows\System32\oleaut32.dll - ok14:11:38.0133 4428 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll14:11:38.0133 4428 C:\Windows\System32\rpcrt4.dll - ok14:11:38.0133 4428 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll14:11:38.0133 4428 C:\Windows\System32\sechost.dll - ok14:11:38.0133 4428 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll14:11:38.0133 4428 C:\Windows\System32\difxapi.dll - ok14:11:38.0149 4428 [ C41A504715F1BC09105D1FE8B46E9B2C ] C:\Windows\System32\iertutil.dll14:11:38.0149 4428 C:\Windows\System32\iertutil.dll - ok14:11:38.0149 4428 [ 7E04D13661FB771CA4FDBB836AD0BA49 ] C:\Windows\System32\wininet.dll14:11:38.0149 4428 C:\Windows\System32\wininet.dll - ok14:11:38.0149 4428 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll14:11:38.0149 4428 C:\Windows\System32\usp10.dll - ok14:11:38.0165 4428 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll14:11:38.0165 4428 C:\Windows\System32\shell32.dll - ok14:11:38.0165 4428 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll14:11:38.0165 4428 C:\Windows\System32\imm32.dll - ok14:11:38.0165 4428 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll14:11:38.0165 4428 C:\Windows\System32\lpk.dll - ok14:11:38.0180 4428 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll14:11:38.0180 4428 C:\Windows\System32\msctf.dll - ok14:11:38.0180 4428 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll14:11:38.0180 4428 C:\Windows\System32\shlwapi.dll - ok14:11:38.0180 4428 [ 74E96226CB92225E40AACC0E42D27AC0 ] C:\Windows\System32\urlmon.dll14:11:38.0180 4428 C:\Windows\System32\urlmon.dll - ok14:11:38.0180 4428 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll14:11:38.0180 4428 C:\Windows\System32\clbcatq.dll - ok14:11:38.0196 4428 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll14:11:38.0196 4428 C:\Windows\System32\comdlg32.dll - ok14:11:38.0196 4428 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll14:11:38.0196 4428 C:\Windows\System32\ole32.dll - ok14:11:38.0196 4428 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll14:11:38.0196 4428 C:\Windows\System32\imagehlp.dll - ok14:11:38.0211 4428 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll14:11:38.0211 4428 C:\Windows\System32\user32.dll - ok14:11:38.0211 4428 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll14:11:38.0211 4428 C:\Windows\System32\ws2_32.dll - ok14:11:38.0211 4428 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll14:11:38.0211 4428 C:\Windows\System32\msvcrt.dll - ok14:11:38.0227 4428 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll14:11:38.0227 4428 C:\Windows\System32\devobj.dll - ok14:11:38.0227 4428 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll14:11:38.0227 4428 C:\Windows\System32\crypt32.dll - ok14:11:38.0227 4428 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll14:11:38.0227 4428 C:\Windows\System32\cfgmgr32.dll - ok14:11:38.0243 4428 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll14:11:38.0243 4428 C:\Windows\System32\comctl32.dll - ok14:11:38.0243 4428 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll14:11:38.0243 4428 C:\Windows\System32\wintrust.dll - ok14:11:38.0243 4428 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll14:11:38.0243 4428 C:\Windows\System32\KernelBase.dll - ok14:11:38.0258 4428 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll14:11:38.0258 4428 C:\Windows\System32\msasn1.dll - ok14:11:38.0258 4428 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys14:11:38.0258 4428 C:\Windows\System32\drivers\usbd.sys - ok14:11:38.0258 4428 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys14:11:38.0258 4428 C:\Windows\System32\drivers\usbccgp.sys - ok14:11:38.0274 4428 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll14:11:38.0274 4428 C:\Windows\SysWOW64\normaliz.dll - ok14:11:38.0274 4428 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys14:11:38.0274 4428 C:\Windows\System32\drivers\hidclass.sys - ok14:11:38.0274 4428 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys14:11:38.0274 4428 C:\Windows\System32\drivers\hidparse.sys - ok14:11:38.0289 4428 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys14:11:38.0289 4428 C:\Windows\System32\drivers\hidusb.sys - ok14:11:38.0289 4428 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys14:11:38.0289 4428 C:\Windows\System32\drivers\kbdhid.sys - ok14:11:38.0289 4428 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys14:11:38.0289 4428 C:\Windows\System32\drivers\dxapi.sys - ok14:11:38.0289 4428 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys14:11:38.0289 4428 C:\Windows\System32\win32k.sys - ok14:11:38.0305 4428 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys14:11:38.0305 4428 C:\Windows\System32\drivers\mouhid.sys - ok14:11:38.0305 4428 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll14:11:38.0305 4428 C:\Windows\System32\basesrv.dll - ok14:11:38.0305 4428 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll14:11:38.0305 4428 C:\Windows\System32\csrsrv.dll - ok14:11:38.0321 4428 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe14:11:38.0321 4428 C:\Windows\System32\csrss.exe - ok14:11:38.0321 4428 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS14:11:38.0321 4428 C:\Windows\System32\drivers\USBSTOR.SYS - ok14:11:38.0321 4428 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll14:11:38.0321 4428 C:\Windows\System32\winsrv.dll - ok14:11:38.0336 4428 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys14:11:38.0336 4428 C:\Windows\System32\drivers\monitor.sys - ok14:11:38.0336 4428 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll14:11:38.0336 4428 C:\Windows\System32\sxssrv.dll - ok14:11:38.0336 4428 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll14:11:38.0336 4428 C:\Windows\System32\tsddd.dll - ok14:11:38.0352 4428 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll14:11:38.0352 4428 C:\Windows\System32\profapi.dll - ok14:11:38.0352 4428 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe14:11:38.0352 4428 C:\Windows\System32\wininit.exe - ok14:11:38.0352 4428 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll14:11:38.0352 4428 C:\Windows\System32\RpcRtRemote.dll - ok14:11:38.0367 4428 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL14:11:38.0367 4428 C:\Windows\System32\KBDUS.DLL - ok14:11:38.0367 4428 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll14:11:38.0367 4428 C:\Windows\System32\cdd.dll - ok14:11:38.0367 4428 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll14:11:38.0367 4428 C:\Windows\System32\WlS0WndH.dll - ok14:11:38.0383 4428 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll14:11:38.0383 4428 C:\Windows\System32\sxs.dll - ok14:11:38.0383 4428 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll14:11:38.0383 4428 C:\Windows\System32\cryptbase.dll - ok14:11:38.0383 4428 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll14:11:38.0383 4428 C:\Windows\System32\apphelp.dll - ok14:11:38.0383 4428 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe14:11:38.0383 4428 C:\Windows\System32\lsm.exe - ok14:11:38.0399 4428 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll14:11:38.0399 4428 C:\Windows\System32\scext.dll - ok14:11:38.0399 4428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe14:11:38.0399 4428 C:\Windows\System32\services.exe - ok14:11:38.0399 4428 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll14:11:38.0399 4428 C:\Windows\System32\sspicli.dll - ok14:11:38.0414 4428 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll14:11:38.0414 4428 C:\Windows\System32\lsasrv.dll - ok14:11:38.0414 4428 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe14:11:38.0414 4428 C:\Windows\System32\lsass.exe - ok14:11:38.0414 4428 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll14:11:38.0414 4428 C:\Windows\System32\scesrv.dll - ok14:11:38.0430 4428 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll14:11:38.0430 4428 C:\Windows\System32\secur32.dll - ok14:11:38.0430 4428 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll14:11:38.0430 4428 C:\Windows\System32\sspisrv.dll - ok14:11:38.0430 4428 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll14:11:38.0430 4428 C:\Windows\System32\sysntfy.dll - ok14:11:38.0445 4428 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll14:11:38.0445 4428 C:\Windows\System32\wmsgapi.dll - ok14:11:38.0445 4428 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll14:11:38.0445 4428 C:\Windows\System32\samsrv.dll - ok14:11:38.0445 4428 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll14:11:38.0445 4428 C:\Windows\System32\srvcli.dll - ok14:11:38.0445 4428 [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll14:11:38.0445 4428 C:\Windows\System32\bridgeres.dll - ok14:11:38.0461 4428 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll14:11:38.0461 4428 C:\Windows\System32\cryptdll.dll - ok14:11:38.0461 4428 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll14:11:38.0461 4428 C:\Windows\System32\wevtapi.dll - ok14:11:38.0461 4428 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll14:11:38.0461 4428 C:\Windows\System32\authz.dll - ok14:11:38.0477 4428 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll14:11:38.0477 4428 C:\Windows\System32\cngaudit.dll - ok14:11:38.0477 4428 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll14:11:38.0477 4428 C:\Windows\System32\ncrypt.dll - ok14:11:38.0477 4428 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll14:11:38.0477 4428 C:\Windows\System32\bcrypt.dll - ok14:11:38.0492 4428 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll14:11:38.0492 4428 C:\Windows\System32\msprivs.dll - ok14:11:38.0492 4428 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe14:11:38.0492 4428 C:\Windows\System32\winlogon.exe - ok14:11:38.0492 4428 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll14:11:38.0492 4428 C:\Windows\System32\netjoin.dll - ok14:11:38.0492 4428 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll14:11:38.0492 4428 C:\Windows\System32\winsta.dll - ok14:11:38.0508 4428 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll14:11:38.0508 4428 C:\Windows\System32\kerberos.dll - ok14:11:38.0508 4428 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll14:11:38.0508 4428 C:\Windows\System32\negoexts.dll - ok14:11:38.0508 4428 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll14:11:38.0508 4428 C:\Windows\System32\cryptsp.dll - ok14:11:38.0523 4428 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll14:11:38.0523 4428 C:\Windows\System32\mswsock.dll - ok14:11:38.0523 4428 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll14:11:38.0523 4428 C:\Windows\System32\version.dll - ok14:11:38.0523 4428 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll14:11:38.0523 4428 C:\Windows\System32\wship6.dll - ok14:11:38.0539 4428 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll14:11:38.0539 4428 C:\Windows\System32\msv1_0.dll - ok14:11:38.0539 4428 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll14:11:38.0539 4428 C:\Windows\System32\netlogon.dll - ok14:11:38.0539 4428 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll14:11:38.0539 4428 C:\Windows\System32\dnsapi.dll - ok14:11:38.0555 4428 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll14:11:38.0555 4428 C:\Windows\System32\logoncli.dll - ok14:11:38.0555 4428 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll14:11:38.0555 4428 C:\Windows\System32\schannel.dll - ok14:11:38.0555 4428 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll14:11:38.0555 4428 C:\Windows\System32\wdigest.dll - ok14:11:38.0570 4428 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll14:11:38.0570 4428 C:\Windows\System32\rsaenh.dll - ok14:11:38.0570 4428 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll14:11:38.0570 4428 C:\Windows\System32\TSpkg.dll - ok14:11:38.0570 4428 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll14:11:38.0570 4428 C:\Windows\System32\pku2u.dll - ok14:11:38.0586 4428 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL14:11:38.0586 4428 C:\Windows\System32\LIVESSP.DLL - ok14:11:38.0586 4428 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll14:11:38.0586 4428 C:\Windows\System32\bcryptprimitives.dll - ok14:11:38.0586 4428 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll14:11:38.0586 4428 C:\Windows\System32\efslsaext.dll - ok14:11:38.0586 4428 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll14:11:38.0586 4428 C:\Windows\System32\credssp.dll - ok14:11:38.0601 4428 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll14:11:38.0601 4428 C:\Windows\System32\scecli.dll - ok14:11:38.0601 4428 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll14:11:38.0601 4428 C:\Windows\System32\ubpm.dll - ok14:11:38.0601 4428 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe14:11:38.0601 4428 C:\Windows\System32\svchost.exe - ok14:11:38.0617 4428 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll14:11:38.0617 4428 C:\Windows\System32\SPInf.dll - ok14:11:38.0617 4428 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll14:11:38.0617 4428 C:\Windows\System32\umpnpmgr.dll - ok14:11:38.0617 4428 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll14:11:38.0617 4428 C:\Windows\System32\devrtl.dll - ok14:11:38.0633 4428 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll14:11:38.0633 4428 C:\Windows\System32\gpapi.dll - ok14:11:38.0633 4428 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll14:11:38.0633 4428 C:\Windows\System32\userenv.dll - ok14:11:38.0633 4428 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll14:11:38.0633 4428 C:\Windows\System32\pcwum.dll - ok14:11:38.0648 4428 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll14:11:38.0648 4428 C:\Windows\System32\umpo.dll - ok14:11:38.0648 4428 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll14:11:38.0648 4428 C:\Windows\System32\powrprof.dll - ok14:11:38.0648 4428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys14:11:38.0648 4428 C:\Windows\System32\drivers\luafv.sys - ok14:11:38.0664 4428 [ B50CDD87772D6A11CB90924AAD399DF8 ] C:\Windows\System32\drivers\aswMonFlt.sys14:11:38.0664 4428 C:\Windows\System32\drivers\aswMonFlt.sys - ok14:11:38.0664 4428 [ 56139566E462C1FB1775E140D4EE6B22 ] C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe14:11:38.0664 4428 C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe - ok14:11:38.0664 4428 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll14:11:38.0664 4428 C:\Windows\SysWOW64\ntdll.dll - ok14:11:38.0679 4428 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll14:11:38.0679 4428 C:\Windows\System32\wow64.dll - ok14:11:38.0679 4428 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll14:11:38.0679 4428 C:\Windows\System32\wow64win.dll - ok14:11:38.0679 4428 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll14:11:38.0679 4428 C:\Windows\System32\wow64cpu.dll - ok14:11:38.0695 4428 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll14:11:38.0695 4428 C:\Windows\SysWOW64\kernel32.dll - ok14:11:38.0695 4428 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll14:11:38.0695 4428 C:\Windows\SysWOW64\advapi32.dll - ok14:11:38.0695 4428 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll14:11:38.0695 4428 C:\Windows\SysWOW64\KernelBase.dll - ok14:11:38.0711 4428 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll14:11:38.0711 4428 C:\Windows\SysWOW64\msvcrt.dll - ok14:11:38.0711 4428 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll14:11:38.0711 4428 C:\Windows\SysWOW64\rpcrt4.dll - ok14:11:38.0711 4428 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll14:11:38.0711 4428 C:\Windows\SysWOW64\sechost.dll - ok14:11:38.0711 4428 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] C:\Windows\System32\drivers\aswFsBlk.sys14:11:38.0711 4428 C:\Windows\System32\drivers\aswFsBlk.sys - ok14:11:38.0726 4428 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll14:11:38.0726 4428 C:\Windows\SysWOW64\cryptbase.dll - ok14:11:38.0726 4428 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll14:11:38.0726 4428 C:\Windows\SysWOW64\profapi.dll - ok14:11:38.0726 4428 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll14:11:38.0726 4428 C:\Windows\SysWOW64\sspicli.dll - ok14:11:38.0742 4428 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll14:11:38.0742 4428 C:\Windows\SysWOW64\userenv.dll - ok14:11:38.0742 4428 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll14:11:38.0742 4428 C:\Windows\SysWOW64\wtsapi32.dll - ok14:11:38.0742 4428 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll14:11:38.0742 4428 C:\Windows\System32\rpcss.dll - ok14:11:38.0757 4428 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll14:11:38.0757 4428 C:\Windows\System32\RpcEpMap.dll - ok14:11:38.0757 4428 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL14:11:38.0757 4428 C:\Windows\System32\WSHTCPIP.DLL - ok14:11:38.0757 4428 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll14:11:38.0757 4428 C:\Windows\System32\wshqos.dll - ok14:11:38.0773 4428 [ 65FB5097D9EE7E3A99E932CFA0E4B344 ] C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe14:11:38.0773 4428 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - ok14:11:38.0773 4428 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll14:11:38.0773 4428 C:\Windows\System32\FirewallAPI.dll - ok14:11:38.0773 4428 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe14:11:38.0773 4428 C:\Windows\System32\LogonUI.exe - ok14:11:38.0789 4428 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll14:11:38.0789 4428 C:\Windows\System32\ntmarta.dll - ok14:11:38.0789 4428 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll14:11:38.0789 4428 C:\Windows\System32\authui.dll - ok14:11:38.0789 4428 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll14:11:38.0789 4428 C:\Windows\System32\dbghelp.dll - ok14:11:38.0804 4428 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll14:11:38.0804 4428 C:\Windows\System32\fltLib.dll - ok14:11:38.0804 4428 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll14:11:38.0804 4428 C:\Windows\System32\wtsapi32.dll - ok14:11:38.0804 4428 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll14:11:38.0804 4428 C:\Windows\System32\msi.dll - ok14:11:38.0820 4428 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll14:11:38.0820 4428 C:\Windows\System32\winmm.dll - ok14:11:38.0820 4428 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll14:11:38.0820 4428 C:\Windows\System32\netapi32.dll - ok14:11:38.0820 4428 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll14:11:38.0820 4428 C:\Windows\System32\netutils.dll - ok14:11:38.0835 4428 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll14:11:38.0835 4428 C:\Windows\System32\wkscli.dll - ok14:11:38.0835 4428 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll14:11:38.0835 4428 C:\Windows\System32\mpr.dll - ok14:11:38.0835 4428 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll14:11:38.0835 4428 C:\Windows\System32\oleacc.dll - ok14:11:38.0851 4428 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv14:11:38.0851 4428 C:\Windows\System32\winspool.drv - ok14:11:38.0851 4428 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll14:11:38.0851 4428 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok14:11:38.0851 4428 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll14:11:38.0851 4428 C:\Windows\System32\rasapi32.dll - ok14:11:38.0867 4428 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll14:11:38.0867 4428 C:\Windows\System32\rasman.dll - ok14:11:38.0867 4428 [ 9DB705936111BB34B11BB3EEB345AAF6 ] C:\Program Files\COMODO\COMODO Internet Security\framework.dll14:11:38.0867 4428 C:\Program Files\COMODO\COMODO Internet Security\framework.dll - ok14:11:38.0867 4428 [ DEAFA4336865C8667B8DAC16D62DBEDC ] C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdscan.dll14:11:38.0867 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\rkdscan.dll - ok14:11:38.0882 4428 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll14:11:38.0882 4428 C:\Windows\System32\cryptsvc.dll - ok14:11:38.0882 4428 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll14:11:38.0882 4428 C:\Windows\System32\wbem\wbemprox.dll - ok14:11:38.0882 4428 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll14:11:38.0882 4428 C:\Windows\System32\cryptnet.dll - ok14:11:38.0898 4428 [ 54716D9BB43733578A5647E9B121141F ] C:\Windows\System32\atiesrxx.exe14:11:38.0898 4428 C:\Windows\System32\atiesrxx.exe - ok14:11:38.0898 4428 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll14:11:38.0898 4428 C:\Windows\System32\wbemcomn.dll - ok14:11:38.0898 4428 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll14:11:38.0898 4428 C:\Windows\System32\wevtsvc.dll - ok14:11:38.0913 4428 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll14:11:38.0913 4428 C:\Windows\System32\audiosrv.dll - ok14:11:38.0913 4428 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll14:11:38.0913 4428 C:\Windows\System32\MMDevAPI.dll - ok14:11:38.0913 4428 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll14:11:38.0913 4428 C:\Windows\System32\propsys.dll - ok14:11:38.0929 4428 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll14:11:38.0929 4428 C:\Windows\System32\avrt.dll - ok14:11:38.0929 4428 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll14:11:38.0929 4428 C:\Windows\System32\mmcss.dll - ok14:11:38.0929 4428 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll14:11:38.0929 4428 C:\Windows\System32\cryptui.dll - ok14:11:38.0929 4428 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe14:11:38.0929 4428 C:\Windows\System32\audiodg.exe - ok14:11:38.0945 4428 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll14:11:38.0945 4428 C:\Windows\System32\cscsvc.dll - ok14:11:38.0945 4428 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll14:11:38.0945 4428 C:\Windows\System32\PeerDist.dll - ok14:11:38.0945 4428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll14:11:38.0945 4428 C:\Windows\System32\gpsvc.dll - ok14:11:38.0960 4428 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll14:11:38.0960 4428 C:\Windows\System32\nlaapi.dll - ok14:11:38.0960 4428 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll14:11:38.0960 4428 C:\Windows\System32\taskschd.dll - ok14:11:38.0960 4428 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll14:11:38.0960 4428 C:\Windows\System32\mstask.dll - ok14:11:38.0976 4428 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll14:11:38.0976 4428 C:\Windows\System32\atl.dll - ok14:11:38.0976 4428 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll14:11:38.0976 4428 C:\Windows\System32\profsvc.dll - ok14:11:38.0976 4428 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll14:11:38.0976 4428 C:\Windows\System32\themeservice.dll - ok14:11:38.0991 4428 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll14:11:38.0991 4428 C:\Windows\System32\dsrole.dll - ok14:11:38.0991 4428 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll14:11:38.0991 4428 C:\Windows\System32\slc.dll - ok14:11:38.0991 4428 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll14:11:38.0991 4428 C:\Windows\System32\es.dll - ok14:11:39.0007 4428 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll14:11:39.0007 4428 C:\Windows\System32\adtschema.dll - ok14:11:39.0007 4428 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll14:11:39.0007 4428 C:\Windows\System32\comres.dll - ok14:11:39.0007 4428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll14:11:39.0007 4428 C:\Windows\System32\wlansvc.dll - ok14:11:39.0023 4428 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll14:11:39.0023 4428 C:\Program Files\Windows Defender\MpEvMsg.dll - ok14:11:39.0023 4428 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys14:11:39.0023 4428 C:\Windows\System32\drivers\fltMgr.sys - ok14:11:39.0023 4428 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL14:11:39.0023 4428 C:\Windows\System32\PSHED.DLL - ok14:11:39.0038 4428 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll14:11:39.0038 4428 C:\Windows\System32\Sens.dll - ok14:11:39.0038 4428 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll14:11:39.0038 4428 C:\Windows\System32\vssapi.dll - ok14:11:39.0038 4428 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll14:11:39.0038 4428 C:\Windows\System32\samcli.dll - ok14:11:39.0038 4428 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll14:11:39.0038 4428 C:\Windows\System32\samlib.dll - ok14:11:39.0054 4428 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll14:11:39.0054 4428 C:\Windows\System32\vsstrace.dll - ok14:11:39.0054 4428 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll14:11:39.0054 4428 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok14:11:39.0054 4428 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll14:11:39.0054 4428 C:\Windows\System32\shacct.dll - ok14:11:39.0069 4428 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll14:11:39.0069 4428 C:\Windows\System32\uxsms.dll - ok14:11:39.0069 4428 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys14:11:39.0069 4428 C:\Windows\System32\drivers\lltdio.sys - ok14:11:39.0069 4428 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys14:11:39.0069 4428 C:\Windows\System32\drivers\ndisuio.sys - ok14:11:39.0085 4428 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys14:11:39.0085 4428 C:\Windows\System32\drivers\nwifi.sys - ok14:11:39.0085 4428 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys14:11:39.0085 4428 C:\Windows\System32\drivers\rspndr.sys - ok14:11:39.0085 4428 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL14:11:39.0085 4428 C:\Windows\System32\IPHLPAPI.DLL - ok14:11:39.0101 4428 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll14:11:39.0101 4428 C:\Windows\System32\lmhsvc.dll - ok14:11:39.0101 4428 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll14:11:39.0101 4428 C:\Windows\System32\nsisvc.dll - ok14:11:39.0101 4428 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll14:11:39.0101 4428 C:\Windows\System32\uxtheme.dll - ok14:11:39.0116 4428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll14:11:39.0116 4428 C:\Windows\System32\dhcpcore.dll - ok14:11:39.0116 4428 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll14:11:39.0116 4428 C:\Windows\System32\dnsrslvr.dll - ok14:11:39.0116 4428 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll14:11:39.0116 4428 C:\Windows\System32\eapphost.dll - ok14:11:39.0132 4428 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll14:11:39.0132 4428 C:\Windows\System32\eapsvc.dll - ok14:11:39.0132 4428 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll14:11:39.0132 4428 C:\Windows\System32\keyiso.dll - ok14:11:39.0132 4428 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll14:11:39.0132 4428 C:\Windows\System32\nrpsrv.dll - ok14:11:39.0147 4428 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll14:11:39.0147 4428 C:\Windows\System32\winnsi.dll - ok14:11:39.0147 4428 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll14:11:39.0147 4428 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok14:11:39.0147 4428 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll14:11:39.0147 4428 C:\Windows\System32\dui70.dll - ok14:11:39.0163 4428 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL14:11:39.0163 4428 C:\Windows\System32\FWPUCLNT.DLL - ok14:11:39.0163 4428 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll14:11:39.0163 4428 C:\Windows\System32\umb.dll - ok14:11:39.0163 4428 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll14:11:39.0163 4428 C:\Windows\System32\wlanmsm.dll - ok14:11:39.0163 4428 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll14:11:39.0163 4428 C:\Windows\System32\dhcpcore6.dll - ok14:11:39.0179 4428 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll14:11:39.0179 4428 C:\Windows\System32\dnsext.dll - ok14:11:39.0179 4428 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll14:11:39.0179 4428 C:\Windows\System32\wlansec.dll - ok14:11:39.0179 4428 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll14:11:39.0179 4428 C:\Windows\System32\dhcpcsvc6.dll - ok14:11:39.0194 4428 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll14:11:39.0194 4428 C:\Windows\System32\dhcpcsvc.dll - ok14:11:39.0194 4428 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll14:11:39.0194 4428 C:\Windows\System32\duser.dll - ok14:11:39.0194 4428 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll14:11:39.0194 4428 C:\Windows\System32\eappcfg.dll - ok14:11:39.0210 4428 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll14:11:39.0210 4428 C:\Windows\System32\eappprxy.dll - ok14:11:39.0210 4428 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll14:11:39.0210 4428 C:\Windows\System32\onex.dll - ok14:11:39.0210 4428 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll14:11:39.0210 4428 C:\Windows\System32\SndVolSSO.dll - ok14:11:39.0225 4428 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll14:11:39.0225 4428 C:\Windows\System32\hid.dll - ok14:11:39.0225 4428 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll14:11:39.0225 4428 C:\Windows\System32\l2gpstore.dll - ok14:11:39.0225 4428 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll14:11:39.0225 4428 C:\Windows\System32\WinSCard.dll - ok14:11:39.0241 4428 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll14:11:39.0241 4428 C:\Windows\System32\wlanutil.dll - ok14:11:39.0241 4428 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll14:11:39.0241 4428 C:\Windows\System32\wlgpclnt.dll - ok14:11:39.0241 4428 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll14:11:39.0241 4428 C:\Windows\System32\dwmapi.dll - ok14:11:39.0241 4428 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll14:11:39.0241 4428 C:\Windows\System32\msxml6.dll - ok14:11:39.0257 4428 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll14:11:39.0257 4428 C:\Windows\System32\xmllite.dll - ok14:11:39.0257 4428 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll14:11:39.0257 4428 C:\Windows\System32\WindowsCodecs.dll - ok14:11:39.0257 4428 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe14:11:39.0257 4428 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok14:11:39.0272 4428 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll14:11:39.0272 4428 C:\Windows\SysWOW64\ws2_32.dll - ok14:11:39.0272 4428 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll14:11:39.0272 4428 C:\Windows\SysWOW64\nsi.dll - ok14:11:39.0272 4428 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll14:11:39.0272 4428 C:\Windows\System32\winbrand.dll - ok14:11:39.0288 4428 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll14:11:39.0288 4428 C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok14:11:39.0288 4428 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll14:11:39.0288 4428 C:\Windows\System32\SmartcardCredentialProvider.dll - ok14:11:39.0288 4428 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll14:11:39.0288 4428 C:\Windows\System32\VaultCredProvider.dll - ok14:11:39.0303 4428 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll14:11:39.0303 4428 C:\Windows\System32\BioCredProv.dll - ok14:11:39.0303 4428 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll14:11:39.0303 4428 C:\Windows\System32\winbio.dll - ok14:11:39.0303 4428 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll14:11:39.0303 4428 C:\Windows\System32\credui.dll - ok14:11:39.0319 4428 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll14:11:39.0319 4428 C:\Windows\System32\vaultcli.dll - ok14:11:39.0319 4428 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll14:11:39.0319 4428 C:\Windows\System32\certCredProvider.dll - ok14:11:39.0319 4428 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL14:11:39.0319 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok14:11:39.0335 4428 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll14:11:39.0335 4428 C:\Windows\System32\rasplap.dll - ok14:11:39.0335 4428 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll14:11:39.0335 4428 C:\Windows\System32\rtutils.dll - ok14:11:39.0335 4428 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll14:11:39.0335 4428 C:\Windows\System32\UXInit.dll - ok14:11:39.0350 4428 [ 34988E1741CA36740284D902F8CC5A2E ] C:\Windows\System32\atieclxx.exe14:11:39.0350 4428 C:\Windows\System32\atieclxx.exe - ok14:11:39.0350 4428 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll14:11:39.0350 4428 C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok14:11:39.0350 4428 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll14:11:39.0350 4428 C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok14:11:39.0366 4428 [ 9C998DB6710BE03FAA3C7D2E506FA774 ] C:\Windows\System32\atiadlxx.dll14:11:39.0366 4428 C:\Windows\System32\atiadlxx.dll - ok14:11:39.0366 4428 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll14:11:39.0366 4428 C:\Windows\System32\imageres.dll - ok14:11:39.0366 4428 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll14:11:39.0366 4428 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok14:11:39.0381 4428 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll14:11:39.0381 4428 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok14:11:39.0381 4428 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe14:11:39.0381 4428 C:\Windows\System32\dllhost.exe - ok14:11:39.0381 4428 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll14:11:39.0381 4428 C:\Windows\System32\IDStore.dll - ok14:11:39.0381 4428 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe14:11:39.0381 4428 C:\Windows\System32\AtBroker.exe - ok14:11:39.0397 4428 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe14:11:39.0397 4428 C:\Windows\System32\userinit.exe - ok14:11:39.0397 4428 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe14:11:39.0397 4428 C:\Windows\System32\dwm.exe - ok14:11:39.0397 4428 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll14:11:39.0397 4428 C:\Windows\System32\dwmcore.dll - ok14:11:39.0413 4428 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll14:11:39.0413 4428 C:\Windows\System32\dwmredir.dll - ok14:11:39.0413 4428 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll14:11:39.0413 4428 C:\Windows\SysWOW64\user32.dll - ok14:11:39.0413 4428 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll14:11:39.0413 4428 C:\Windows\SysWOW64\gdi32.dll - ok14:11:39.0428 4428 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll14:11:39.0428 4428 C:\Windows\SysWOW64\lpk.dll - ok14:11:39.0428 4428 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll14:11:39.0428 4428 C:\Windows\SysWOW64\usp10.dll - ok14:11:39.0428 4428 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll14:11:39.0428 4428 C:\Windows\System32\d3d10_1.dll - ok14:11:39.0444 4428 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll14:11:39.0444 4428 C:\Windows\System32\d3d10_1core.dll - ok14:11:39.0444 4428 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll14:11:39.0444 4428 C:\Windows\System32\dxgi.dll - ok14:11:39.0444 4428 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll14:11:39.0444 4428 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok14:11:39.0459 4428 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe14:11:39.0459 4428 C:\Windows\explorer.exe - ok14:11:39.0459 4428 [ 73B1901F324E07D6CB46F5CDB2FFE37A ] C:\Windows\System32\aticfx64.dll14:11:39.0459 4428 C:\Windows\System32\aticfx64.dll - ok14:11:39.0459 4428 [ 142D78D1D776122DFB0ECFFC0809E4C6 ] C:\Windows\System32\atidxx64.dll14:11:39.0459 4428 C:\Windows\System32\atidxx64.dll - ok14:11:39.0475 4428 [ F0C432F39962CC51F357619BA785A74C ] C:\Windows\System32\atiuxp64.dll14:11:39.0475 4428 C:\Windows\System32\atiuxp64.dll - ok14:11:39.0475 4428 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll14:11:39.0475 4428 C:\Windows\System32\uDWM.dll - ok14:11:39.0475 4428 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\Alwil Software\Avast5\ashBase.dll14:11:39.0475 4428 C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok14:11:39.0491 4428 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll14:11:39.0491 4428 C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok14:11:39.0491 4428 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll14:11:39.0491 4428 C:\Windows\SysWOW64\psapi.dll - ok14:11:39.0491 4428 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll14:11:39.0491 4428 C:\Windows\SysWOW64\version.dll - ok14:11:39.0506 4428 [ 42C671E0525618E23371D0E68282F37C ] C:\Windows\SysWOW64\wininet.dll14:11:39.0506 4428 C:\Windows\SysWOW64\wininet.dll - ok14:11:39.0506 4428 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll14:11:39.0506 4428 C:\Windows\SysWOW64\wsock32.dll - ok14:11:39.0506 4428 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll14:11:39.0506 4428 C:\Windows\SysWOW64\shlwapi.dll - ok14:11:39.0506 4428 [ 557A086A4659799D63A9CE474ADFEBE8 ] C:\Windows\SysWOW64\urlmon.dll14:11:39.0506 4428 C:\Windows\SysWOW64\urlmon.dll - ok14:11:39.0522 4428 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll14:11:39.0522 4428 C:\Windows\SysWOW64\ole32.dll - ok14:11:39.0522 4428 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll14:11:39.0522 4428 C:\Windows\SysWOW64\oleaut32.dll - ok14:11:39.0522 4428 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll14:11:39.0522 4428 C:\Windows\SysWOW64\crypt32.dll - ok14:11:39.0537 4428 [ C5D48985BADF6CFEDCBCCDD5D92F526D ] C:\Windows\SysWOW64\iertutil.dll14:11:39.0537 4428 C:\Windows\SysWOW64\iertutil.dll - ok14:11:39.0537 4428 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll14:11:39.0537 4428 C:\Windows\SysWOW64\msasn1.dll - ok14:11:39.0537 4428 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll14:11:39.0537 4428 C:\Windows\System32\ExplorerFrame.dll - ok14:11:39.0553 4428 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\Alwil Software\Avast5\ashShA64.dll14:11:39.0553 4428 C:\Program Files\Alwil Software\Avast5\ashShA64.dll - ok14:11:39.0553 4428 [ B316906B4A04DD39985350D29DE31068 ] C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll14:11:39.0553 4428 C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll - ok14:11:39.0553 4428 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll14:11:39.0553 4428 C:\Windows\System32\EhStorShell.dll - ok14:11:39.0569 4428 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll14:11:39.0569 4428 C:\Windows\System32\cscdll.dll - ok14:11:39.0569 4428 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll14:11:39.0569 4428 C:\Windows\System32\cscui.dll - ok14:11:39.0569 4428 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll14:11:39.0569 4428 C:\Windows\System32\cscapi.dll - ok14:11:39.0584 4428 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll14:11:39.0584 4428 C:\Windows\System32\ntshrui.dll - ok14:11:39.0584 4428 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll14:11:39.0584 4428 C:\Windows\System32\IconCodecService.dll - ok14:11:39.0584 4428 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll14:11:39.0584 4428 C:\Windows\SysWOW64\imm32.dll - ok14:11:39.0584 4428 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll14:11:39.0584 4428 C:\Windows\SysWOW64\msctf.dll - ok14:11:39.0600 4428 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll14:11:39.0600 4428 C:\Windows\SysWOW64\dbghelp.dll - ok14:11:39.0600 4428 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\Alwil Software\Avast5\ashServ.dll14:11:39.0600 4428 C:\Program Files\Alwil Software\Avast5\ashServ.dll - ok14:11:39.0600 4428 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll14:11:39.0600 4428 C:\Windows\System32\shsvcs.dll - ok14:11:39.0615 4428 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll14:11:39.0615 4428 C:\Windows\SysWOW64\cscapi.dll - ok14:11:39.0615 4428 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll14:11:39.0615 4428 C:\Windows\SysWOW64\netapi32.dll - ok14:11:39.0615 4428 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll14:11:39.0615 4428 C:\Windows\SysWOW64\netutils.dll - ok14:11:39.0631 4428 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll14:11:39.0631 4428 C:\Windows\SysWOW64\srvcli.dll - ok14:11:39.0631 4428 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll14:11:39.0631 4428 C:\Windows\SysWOW64\wkscli.dll - ok14:11:39.0631 4428 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\Alwil Software\Avast5\ashTask.dll14:11:39.0631 4428 C:\Program Files\Alwil Software\Avast5\ashTask.dll - ok14:11:39.0647 4428 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - ok14:11:39.0647 4428 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\Alwil Software\Avast5\aswAux.dll14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\aswAux.dll - ok14:11:39.0647 4428 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\Alwil Software\Avast5\aswLog.dll14:11:39.0647 4428 C:\Program Files\Alwil Software\Avast5\aswLog.dll - ok14:11:39.0662 4428 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\Alwil Software\Avast5\Aavm4h.dll14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - ok14:11:39.0662 4428 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok14:11:39.0662 4428 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\Alwil Software\Avast5\aswSqLt.dll14:11:39.0662 4428 C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - ok14:11:39.0678 4428 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok14:11:39.0678 4428 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok14:11:39.0678 4428 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\Alwil Software\Avast5\aswIdle.dll14:11:39.0678 4428 C:\Program Files\Alwil Software\Avast5\aswIdle.dll - ok14:11:39.0693 4428 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\Alwil Software\Avast5\aswStrm.dll Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628560 Share Posted December 30, 2012 more TDSKiller14:11:39.0693 4428 C:\Program Files\Alwil Software\Avast5\aswStrm.dll - ok14:11:39.0693 4428 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll14:11:39.0693 4428 C:\Windows\SysWOW64\cfgmgr32.dll - ok14:11:39.0693 4428 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll14:11:39.0693 4428 C:\Windows\System32\schedsvc.dll - ok14:11:39.0693 4428 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll14:11:39.0693 4428 C:\Windows\System32\fveapi.dll - ok14:11:39.0709 4428 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll14:11:39.0709 4428 C:\Windows\System32\ktmw32.dll - ok14:11:39.0709 4428 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll14:11:39.0709 4428 C:\Windows\System32\fvecerts.dll - ok14:11:39.0709 4428 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll14:11:39.0709 4428 C:\Windows\System32\tbs.dll - ok14:11:39.0725 4428 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll14:11:39.0725 4428 C:\Windows\System32\wiarpc.dll - ok14:11:39.0725 4428 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll14:11:39.0725 4428 C:\Windows\System32\taskcomp.dll - ok14:11:39.0725 4428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys14:11:39.0725 4428 C:\Windows\System32\drivers\http.sys - ok14:11:39.0740 4428 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe14:11:39.0740 4428 C:\Windows\System32\spoolsv.exe - ok14:11:39.0740 4428 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe14:11:39.0740 4428 C:\Windows\System32\taskhost.exe - ok14:11:39.0740 4428 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll14:11:39.0740 4428 C:\Windows\System32\PlaySndSrv.dll - ok14:11:39.0756 4428 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll14:11:39.0756 4428 C:\Windows\System32\MsCtfMonitor.dll - ok14:11:39.0756 4428 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll14:11:39.0756 4428 C:\Windows\System32\msutb.dll - ok14:11:39.0756 4428 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll14:11:39.0756 4428 C:\Windows\System32\HotStartUserAgent.dll - ok14:11:39.0771 4428 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL14:11:39.0771 4428 C:\Windows\System32\BFE.DLL - ok14:11:39.0771 4428 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys14:11:39.0771 4428 C:\Windows\System32\drivers\bowser.sys - ok14:11:39.0771 4428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys14:11:39.0771 4428 C:\Windows\System32\drivers\mpsdrv.sys - ok14:11:39.0771 4428 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys14:11:39.0771 4428 C:\Windows\System32\drivers\mrxsmb.sys - ok14:11:39.0787 4428 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys14:11:39.0787 4428 C:\Windows\System32\drivers\mrxsmb10.sys - ok14:11:39.0787 4428 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll14:11:39.0787 4428 C:\Windows\System32\MPSSVC.dll - ok14:11:39.0787 4428 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys14:11:39.0787 4428 C:\Windows\System32\drivers\mrxsmb20.sys - ok14:11:39.0803 4428 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll14:11:39.0803 4428 C:\Windows\System32\wkssvc.dll - ok14:11:39.0803 4428 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll14:11:39.0803 4428 C:\Windows\System32\wfapigp.dll - ok14:11:39.0803 4428 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll14:11:39.0803 4428 C:\Windows\System32\mscms.dll - ok14:11:39.0818 4428 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll14:11:39.0818 4428 C:\Windows\System32\pcasvc.dll - ok14:11:39.0818 4428 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe14:11:39.0818 4428 C:\Windows\System32\snmptrap.exe - ok14:11:39.0818 4428 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll14:11:39.0818 4428 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok14:11:39.0834 4428 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll14:11:39.0834 4428 C:\Windows\System32\PeerDistSh.dll - ok14:11:39.0834 4428 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll14:11:39.0834 4428 C:\Windows\System32\provsvc.dll - ok14:11:39.0834 4428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll14:11:39.0834 4428 C:\Windows\System32\sstpsvc.dll - ok14:11:39.0834 4428 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll14:11:39.0834 4428 C:\Windows\SysWOW64\RpcRtRemote.dll - ok14:11:39.0849 4428 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll14:11:39.0849 4428 C:\Windows\SysWOW64\wscapi.dll - ok14:11:39.0849 4428 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll14:11:39.0849 4428 C:\Windows\SysWOW64\wscisvif.dll - ok14:11:39.0849 4428 [ 20F6F19FE9E753F2780DC2FA083AD597 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe14:11:39.0849 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok14:11:39.0865 4428 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll14:11:39.0865 4428 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok14:11:39.0865 4428 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll14:11:39.0865 4428 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok14:11:39.0865 4428 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll14:11:39.0865 4428 C:\Windows\SysWOW64\fltLib.dll - ok14:11:39.0881 4428 [ 401107CE7913B526FD87CC53F23A102F ] C:\Windows\SysWOW64\guard32.dll14:11:39.0881 4428 C:\Windows\SysWOW64\guard32.dll - ok14:11:39.0881 4428 [ DDDD1D04D5F4360371BC99C7C476F70D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll14:11:39.0881 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok14:11:39.0881 4428 [ DC70310B3D079D667B67F0C7067209F3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll14:11:39.0881 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok14:11:39.0896 4428 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll14:11:39.0896 4428 C:\Windows\SysWOW64\setupapi.dll - ok14:11:39.0896 4428 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll14:11:39.0896 4428 C:\Windows\SysWOW64\devobj.dll - ok14:11:39.0896 4428 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswEngin.dll14:11:39.0896 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswEngin.dll - ok14:11:39.0912 4428 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnOS.dll14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnOS.dll - ok14:11:39.0912 4428 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnIS.dll14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnIS.dll - ok14:11:39.0912 4428 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnBS.dll14:11:39.0912 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswCmnBS.dll - ok14:11:39.0927 4428 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswScan.dll14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswScan.dll - ok14:11:39.0927 4428 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRep.dll14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRep.dll - ok14:11:39.0927 4428 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswFiDb.dll14:11:39.0927 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswFiDb.dll - ok14:11:39.0943 4428 [ B9EC9CC2D0013C2DF5E04791E7EDF85D ] C:\Program Files\Alwil Software\Avast5\defs\12123000\algo.dll14:11:39.0943 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\algo.dll - ok14:11:39.0943 4428 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll14:11:39.0943 4428 C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok14:11:39.0943 4428 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll14:11:39.0943 4428 C:\Windows\SysWOW64\shell32.dll - ok14:11:39.0959 4428 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll14:11:39.0959 4428 C:\Windows\SysWOW64\secur32.dll - ok14:11:39.0959 4428 [ 749CF03BADC40453F61FD7025E2BA2F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll14:11:39.0959 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok14:11:39.0959 4428 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll14:11:39.0959 4428 C:\Windows\SysWOW64\winsta.dll - ok14:11:39.0974 4428 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll14:11:39.0974 4428 C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok14:11:39.0974 4428 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll14:11:39.0974 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok14:11:39.0974 4428 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe14:11:39.0974 4428 C:\Windows\System32\taskeng.exe - ok14:11:39.0990 4428 [ 258D35F5F5F5F3F6045488ECDC14FAAB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll14:11:39.0990 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok14:11:39.0990 4428 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll14:11:39.0990 4428 C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok14:11:39.0990 4428 [ 7EF0C8A9A1A57756F4868E3693173C08 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll14:11:39.0990 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok14:11:40.0005 4428 [ C7B2C357F485A3046DA50DA779068648 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll14:11:40.0005 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuin40.dll - ok14:11:40.0005 4428 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll14:11:40.0005 4428 C:\Windows\SysWOW64\winmm.dll - ok14:11:40.0005 4428 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll14:11:40.0005 4428 C:\Windows\System32\TSChannel.dll - ok14:11:40.0021 4428 [ 65CDD43CD0B4876D35C30CA9C7416C05 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe14:11:40.0021 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe - ok14:11:40.0021 4428 [ EA10AD929B194D042090B16481E4D30B ] C:\Program Files (x86)\ASUS\AASP\1.00.97\AsLoader.exe14:11:40.0021 4428 C:\Program Files (x86)\ASUS\AASP\1.00.97\AsLoader.exe - ok14:11:40.0021 4428 [ 0EF9D6C6C04CAB0B87C57330910D20A6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll14:11:40.0021 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icuuc40.dll - ok14:11:40.0037 4428 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe14:11:40.0037 4428 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok14:11:40.0037 4428 [ 90E11D62F692F5A0B7DFC548F776BAAF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll14:11:40.0037 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt40.dll - ok14:11:40.0037 4428 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll14:11:40.0037 4428 C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok14:11:40.0037 4428 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll14:11:40.0037 4428 C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok14:11:40.0052 4428 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok14:11:40.0052 4428 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok14:11:40.0052 4428 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll14:11:40.0052 4428 C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok14:11:40.0068 4428 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll14:11:40.0068 4428 C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok14:11:40.0068 4428 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\ArPot.dll14:11:40.0068 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\ArPot.dll - ok14:11:40.0068 4428 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll14:11:40.0068 4428 C:\Windows\SysWOW64\ntmarta.dll - ok14:11:40.0083 4428 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll14:11:40.0083 4428 C:\Windows\SysWOW64\Wldap32.dll - ok14:11:40.0083 4428 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll14:11:40.0083 4428 C:\Windows\SysWOW64\mswsock.dll - ok14:11:40.0083 4428 [ F832F1505AD8B83474BD9A5B1B985E01 ] C:\Program Files (x86)\Bonjour\mDNSResponder.exe14:11:40.0083 4428 C:\Program Files (x86)\Bonjour\mDNSResponder.exe - ok14:11:40.0099 4428 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll14:11:40.0099 4428 C:\Windows\SysWOW64\wintrust.dll - ok14:11:40.0099 4428 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL14:11:40.0099 4428 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok14:11:40.0099 4428 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll14:11:40.0099 4428 C:\Program Files\Alwil Software\Avast5\ashMaiSv.dll - ok14:11:40.0115 4428 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll14:11:40.0115 4428 C:\Windows\SysWOW64\cryptsp.dll - ok14:11:40.0115 4428 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll14:11:40.0115 4428 C:\Windows\SysWOW64\rsaenh.dll - ok14:11:40.0115 4428 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll14:11:40.0115 4428 C:\Windows\SysWOW64\nlaapi.dll - ok14:11:40.0115 4428 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll14:11:40.0115 4428 C:\Windows\SysWOW64\NapiNSP.dll - ok14:11:40.0130 4428 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll14:11:40.0130 4428 C:\Windows\SysWOW64\pnrpnsp.dll - ok14:11:40.0130 4428 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\exts.dll14:11:40.0130 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\exts.dll - ok14:11:40.0130 4428 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL14:11:40.0130 4428 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok14:11:40.0146 4428 [ C69DBFA61FE3DEA653A9B83C3A2B052B ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll14:11:40.0146 4428 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok14:11:40.0146 4428 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\Alwil Software\Avast5\ashWebSv.dll14:11:40.0146 4428 C:\Program Files\Alwil Software\Avast5\ashWebSv.dll - ok14:11:40.0146 4428 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll14:11:40.0146 4428 C:\Windows\SysWOW64\dnsapi.dll - ok14:11:40.0161 4428 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL14:11:40.0161 4428 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok14:11:40.0161 4428 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll14:11:40.0161 4428 C:\Windows\SysWOW64\winnsi.dll - ok14:11:40.0161 4428 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL14:11:40.0161 4428 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok14:11:40.0177 4428 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll14:11:40.0177 4428 C:\Windows\SysWOW64\winrnr.dll - ok14:11:40.0177 4428 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll14:11:40.0177 4428 C:\Windows\SysWOW64\rasadhlp.dll - ok14:11:40.0177 4428 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll14:11:40.0177 4428 C:\Program Files\Alwil Software\Avast5\ashWsFtr.dll - ok14:11:40.0193 4428 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll14:11:40.0193 4428 C:\Windows\SysWOW64\security.dll - ok14:11:40.0193 4428 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll14:11:40.0193 4428 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok14:11:40.0193 4428 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll14:11:40.0193 4428 C:\Windows\SysWOW64\wship6.dll - ok14:11:40.0193 4428 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\Alwil Software\Avast5\snxhk.dll14:11:40.0193 4428 C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok14:11:40.0208 4428 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll14:11:40.0208 4428 C:\Windows\SysWOW64\powrprof.dll - ok14:11:40.0208 4428 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll14:11:40.0208 4428 C:\Windows\SysWOW64\apphelp.dll - ok14:11:40.0208 4428 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\Alwil Software\Avast5\Setup\avast.setup14:11:40.0208 4428 C:\Program Files\Alwil Software\Avast5\Setup\avast.setup - ok14:11:40.0224 4428 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll14:11:40.0224 4428 C:\Windows\System32\dps.dll - ok14:11:40.0224 4428 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe14:11:40.0224 4428 C:\Windows\ehome\ehrecvr.exe - ok14:11:40.0224 4428 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll14:11:40.0224 4428 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok14:11:40.0239 4428 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll14:11:40.0239 4428 C:\Windows\SysWOW64\dhcpcsvc.dll - ok14:11:40.0239 4428 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll14:11:40.0239 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok14:11:40.0239 4428 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll14:11:40.0239 4428 C:\Windows\SysWOW64\imagehlp.dll - ok14:11:40.0255 4428 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll14:11:40.0255 4428 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok14:11:40.0255 4428 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll14:11:40.0255 4428 C:\Windows\SysWOW64\msi.dll - ok14:11:40.0255 4428 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll14:11:40.0255 4428 C:\Windows\SysWOW64\comdlg32.dll - ok14:11:40.0271 4428 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv14:11:40.0271 4428 C:\Windows\SysWOW64\winspool.drv - ok14:11:40.0271 4428 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll14:11:40.0271 4428 C:\Windows\SysWOW64\msimg32.dll - ok14:11:40.0271 4428 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll14:11:40.0271 4428 C:\Windows\SysWOW64\oledlg.dll - ok14:11:40.0286 4428 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll14:11:40.0286 4428 C:\Windows\SysWOW64\winhttp.dll - ok14:11:40.0286 4428 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll14:11:40.0286 4428 C:\Windows\SysWOW64\webio.dll - ok14:11:40.0286 4428 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll14:11:40.0286 4428 C:\Windows\AppPatch\AcGenral.dll - ok14:11:40.0286 4428 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswAR.dll14:11:40.0286 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswAR.dll - ok14:11:40.0302 4428 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRawFS.dll14:11:40.0302 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aswRawFS.dll - ok14:11:40.0302 4428 [ 9392C25DEEDA9A79FDBF6559D47EAB1F ] C:\Program Files\Alwil Software\Avast5\snxhk64.dll14:11:40.0302 4428 C:\Program Files\Alwil Software\Avast5\snxhk64.dll - ok14:11:40.0302 4428 [ 4D842C5081F06E61BFF461CF87D13525 ] C:\Windows\ehome\ehtrace.dll14:11:40.0302 4428 C:\Windows\ehome\ehtrace.dll - ok14:11:40.0317 4428 [ C07D5582F2107ACAB4564E1DAE977C64 ] C:\Windows\ehome\ehprivjob.exe14:11:40.0317 4428 C:\Windows\ehome\ehprivjob.exe - ok14:11:40.0317 4428 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe14:11:40.0317 4428 C:\Windows\System32\conhost.exe - ok14:11:40.0317 4428 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll14:11:40.0317 4428 C:\Windows\System32\sppc.dll - ok14:11:40.0333 4428 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe14:11:40.0333 4428 C:\Windows\ehome\ehsched.exe - ok14:11:40.0333 4428 [ 94B3C06DCF580695EBA5304F3C750256 ] C:\Program Files\Windows Home Server\esClient.exe14:11:40.0333 4428 C:\Program Files\Windows Home Server\esClient.exe - ok14:11:40.0333 4428 [ A5AE40808B72A25379A5499AD9977743 ] C:\Windows\System32\sbe.dll14:11:40.0333 4428 C:\Windows\System32\sbe.dll - ok14:11:40.0333 4428 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll14:11:40.0333 4428 C:\Windows\SysWOW64\uxtheme.dll - ok14:11:40.0349 4428 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll14:11:40.0349 4428 C:\Windows\SysWOW64\msacm32.dll - ok14:11:40.0349 4428 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll14:11:40.0349 4428 C:\Windows\SysWOW64\samcli.dll - ok14:11:40.0349 4428 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll14:11:40.0349 4428 C:\Windows\SysWOW64\sfc.dll - ok14:11:40.0364 4428 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll14:11:40.0364 4428 C:\Windows\SysWOW64\sfc_os.dll - ok14:11:40.0364 4428 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll14:11:40.0364 4428 C:\Windows\SysWOW64\dwmapi.dll - ok14:11:40.0364 4428 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll14:11:40.0364 4428 C:\Windows\SysWOW64\mpr.dll - ok14:11:40.0380 4428 [ 9BAC981F66940ACFF5469D15B769E056 ] C:\Windows\System32\logman.exe14:11:40.0380 4428 C:\Windows\System32\logman.exe - ok14:11:40.0380 4428 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll14:11:40.0380 4428 C:\Windows\System32\FDResPub.dll - ok14:11:40.0380 4428 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL14:11:40.0380 4428 C:\Windows\System32\IKEEXT.DLL - ok14:11:40.0395 4428 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll14:11:40.0395 4428 C:\Windows\System32\netman.dll - ok14:11:40.0395 4428 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll14:11:40.0395 4428 C:\Windows\System32\pla.dll - ok14:11:40.0395 4428 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll14:11:40.0395 4428 C:\Windows\System32\nlasvc.dll - ok14:11:40.0411 4428 [ 60C44E5B40F1845800494001464CD627 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AsAcpi.dll14:11:40.0411 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AsAcpi.dll - ok14:11:40.0411 4428 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll14:11:40.0411 4428 C:\Windows\System32\aepic.dll - ok14:11:40.0411 4428 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll14:11:40.0411 4428 C:\Windows\System32\sfc.dll - ok14:11:40.0411 4428 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll14:11:40.0411 4428 C:\Windows\System32\sfc_os.dll - ok14:11:40.0427 4428 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll14:11:40.0427 4428 C:\Windows\SysWOW64\shfolder.dll - ok14:11:40.0427 4428 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys14:11:40.0427 4428 C:\Windows\System32\drivers\PEAuth.sys - ok14:11:40.0427 4428 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys14:11:40.0427 4428 C:\Windows\System32\drivers\secdrv.sys - ok14:11:40.0442 4428 [ 0191E738BF521FE6EC567148E73C086B ] C:\Windows\System32\MSVidCtl.dll14:11:40.0442 4428 C:\Windows\System32\MSVidCtl.dll - ok14:11:40.0442 4428 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe14:11:40.0442 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok14:11:40.0442 4428 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe14:11:40.0442 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok14:11:40.0458 4428 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll14:11:40.0458 4428 C:\Windows\SysWOW64\clbcatq.dll - ok14:11:40.0458 4428 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll14:11:40.0458 4428 C:\Windows\SysWOW64\mstask.dll - ok14:11:40.0458 4428 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll14:11:40.0458 4428 C:\Windows\System32\WSDApi.dll - ok14:11:40.0473 4428 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys14:11:40.0473 4428 C:\Windows\System32\drivers\srvnet.sys - ok14:11:40.0473 4428 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll14:11:40.0473 4428 C:\Windows\System32\aeevts.dll - ok14:11:40.0473 4428 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll14:11:40.0473 4428 C:\Windows\System32\httpapi.dll - ok14:11:40.0473 4428 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll14:11:40.0473 4428 C:\Windows\System32\seclogon.dll - ok14:11:40.0489 4428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll14:11:40.0489 4428 C:\Windows\System32\sysmain.dll - ok14:11:40.0489 4428 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll14:11:40.0489 4428 C:\Windows\System32\wiaservc.dll - ok14:11:40.0489 4428 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll14:11:40.0489 4428 C:\Windows\System32\vpnikeapi.dll - ok14:11:40.0505 4428 [ 44A8B9185030EA57F7999383643ADFFB ] C:\Windows\System32\quartz.dll14:11:40.0505 4428 C:\Windows\System32\quartz.dll - ok14:11:40.0505 4428 [ 9E0FF5DDD8B908DA5611445C35D6CD24 ] C:\Windows\System32\slcext.dll14:11:40.0505 4428 C:\Windows\System32\slcext.dll - ok14:11:40.0505 4428 [ 6F5BE3F67D7F66FFA861ABBFC6A8C973 ] C:\Windows\System32\sppcext.dll14:11:40.0505 4428 C:\Windows\System32\sppcext.dll - ok14:11:40.0520 4428 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll14:11:40.0520 4428 C:\Windows\System32\ncsi.dll - ok14:11:40.0520 4428 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll14:11:40.0520 4428 C:\Windows\System32\winhttp.dll - ok14:11:40.0520 4428 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll14:11:40.0520 4428 C:\Windows\System32\webservices.dll - ok14:11:40.0536 4428 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll14:11:40.0536 4428 C:\Windows\System32\fundisc.dll - ok14:11:40.0536 4428 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll14:11:40.0536 4428 C:\Windows\System32\tapisrv.dll - ok14:11:40.0536 4428 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll14:11:40.0536 4428 C:\Windows\System32\webio.dll - ok14:11:40.0551 4428 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll14:11:40.0551 4428 C:\Windows\System32\pdh.dll - ok14:11:40.0551 4428 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll14:11:40.0551 4428 C:\Windows\System32\tdh.dll - ok14:11:40.0551 4428 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys14:11:40.0551 4428 C:\Windows\System32\drivers\tcpipreg.sys - ok14:11:40.0567 4428 [ 3BDCBB29D727C49DC3E3256253467281 ] C:\Windows\System32\wmdrmsdk.dll14:11:40.0567 4428 C:\Windows\System32\wmdrmsdk.dll - ok14:11:40.0567 4428 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll14:11:40.0567 4428 C:\Windows\System32\mfplat.dll - ok14:11:40.0567 4428 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll14:11:40.0567 4428 C:\Windows\System32\trkwks.dll - ok14:11:40.0567 4428 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll14:11:40.0567 4428 C:\Windows\System32\wiatrace.dll - ok14:11:40.0583 4428 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll14:11:40.0583 4428 C:\Windows\System32\wbem\WMIsvc.dll - ok14:11:40.0583 4428 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll14:11:40.0583 4428 C:\Windows\System32\wbem\WinMgmtR.dll - ok14:11:40.0583 4428 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll14:11:40.0583 4428 C:\Windows\System32\wbem\WmiDcPrv.dll - ok14:11:40.0598 4428 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll14:11:40.0598 4428 C:\Program Files\Windows Defender\MpSvc.dll - ok14:11:40.0598 4428 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll14:11:40.0598 4428 C:\Program Files\Windows Defender\MpClient.dll - ok14:11:40.0598 4428 [ FA5CF5CC82D4E39103DEC713E3790FF9 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AiGear.dll14:11:40.0598 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AiGear.dll - ok14:11:40.0614 4428 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll14:11:40.0614 4428 C:\Windows\System32\wbem\wbemcore.dll - ok14:11:40.0614 4428 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE14:11:40.0614 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok14:11:40.0614 4428 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll14:11:40.0614 4428 C:\Windows\System32\ssdpapi.dll - ok14:11:40.0629 4428 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll14:11:40.0629 4428 C:\Windows\System32\esent.dll - ok14:11:40.0629 4428 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll14:11:40.0629 4428 C:\Windows\System32\devenum.dll - ok14:11:40.0629 4428 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll14:11:40.0629 4428 C:\Windows\System32\drprov.dll - ok14:11:40.0629 4428 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll14:11:40.0629 4428 C:\Windows\System32\msdmo.dll - ok14:11:40.0645 4428 [ D38535978F93F9FC9F28BE6093A87DBE ] C:\Windows\System32\msdri.dll14:11:40.0645 4428 C:\Windows\System32\msdri.dll - ok14:11:40.0645 4428 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll14:11:40.0645 4428 C:\Windows\System32\upnp.dll - ok14:11:40.0645 4428 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll14:11:40.0645 4428 C:\Windows\System32\SensApi.dll - ok14:11:40.0661 4428 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL14:11:40.0661 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok14:11:40.0661 4428 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll14:11:40.0661 4428 C:\Windows\System32\wer.dll - ok14:11:40.0661 4428 [ 9149EC69ACD3EFC97B01D5A1BAEB3B57 ] C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe14:11:40.0661 4428 C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe - ok14:11:40.0676 4428 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll14:11:40.0676 4428 C:\Windows\System32\mscoree.dll - ok14:11:40.0676 4428 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll14:11:40.0676 4428 C:\Windows\System32\wbem\esscli.dll - ok14:11:40.0676 4428 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll14:11:40.0676 4428 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok14:11:40.0692 4428 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll14:11:40.0692 4428 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok14:11:40.0692 4428 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll14:11:40.0692 4428 C:\Windows\System32\ntlanman.dll - ok14:11:40.0692 4428 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll14:11:40.0692 4428 C:\Windows\System32\msxml3.dll - ok14:11:40.0707 4428 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll14:11:40.0707 4428 C:\Windows\System32\ntdsapi.dll - ok14:11:40.0707 4428 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll14:11:40.0707 4428 C:\Windows\System32\wbem\fastprox.dll - ok14:11:40.0707 4428 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll14:11:40.0707 4428 C:\Windows\System32\wbem\wbemsvc.dll - ok14:11:40.0707 4428 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll14:11:40.0707 4428 C:\Windows\System32\wbem\wmiutils.dll - ok14:11:40.0723 4428 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll14:11:40.0723 4428 C:\Windows\System32\davclnt.dll - ok14:11:40.0723 4428 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll14:11:40.0723 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok14:11:40.0723 4428 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll14:11:40.0723 4428 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok14:11:40.0739 4428 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll14:11:40.0739 4428 C:\Windows\System32\wbem\repdrvfs.dll - ok14:11:40.0739 4428 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll14:11:40.0739 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok14:11:40.0739 4428 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll14:11:40.0739 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok14:11:40.0754 4428 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll14:11:40.0754 4428 C:\Windows\System32\riched20.dll - ok14:11:40.0754 4428 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll14:11:40.0754 4428 C:\Windows\System32\davhlpr.dll - ok14:11:40.0754 4428 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll14:11:40.0754 4428 C:\Windows\System32\NapiNSP.dll - ok14:11:40.0770 4428 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll14:11:40.0770 4428 C:\Windows\System32\pnrpnsp.dll - ok14:11:40.0770 4428 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL14:11:40.0770 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok14:11:40.0770 4428 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE14:11:40.0770 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok14:11:40.0785 4428 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll14:11:40.0785 4428 C:\Windows\System32\dssenh.dll - ok14:11:40.0785 4428 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll14:11:40.0785 4428 C:\Program Files\Windows Defender\MpRTP.dll - ok14:11:40.0785 4428 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll14:11:40.0785 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok14:11:40.0801 4428 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll - ok14:11:40.0801 4428 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasbase.vdm14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasbase.vdm - ok14:11:40.0801 4428 [ 9092F57AFC5328F9F98F0936CB4AD391 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasdlta.vdm14:11:40.0801 4428 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpasdlta.vdm - ok14:11:40.0817 4428 [ C8A2FA2EE9241B8D66F9D7DE9AE34AEE ] C:\Program Files\Bonjour\mdnsNSP.dll14:11:40.0817 4428 C:\Program Files\Bonjour\mdnsNSP.dll - ok14:11:40.0817 4428 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll14:11:40.0817 4428 C:\Windows\System32\rasadhlp.dll - ok14:11:40.0817 4428 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll14:11:40.0817 4428 C:\Program Files\Windows Defender\MsMpLics.dll - ok14:11:40.0832 4428 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll14:11:40.0832 4428 C:\Windows\System32\wscapi.dll - ok14:11:40.0832 4428 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll14:11:40.0832 4428 C:\Windows\System32\wscisvif.dll - ok14:11:40.0832 4428 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll14:11:40.0832 4428 C:\Windows\System32\wscproxystub.dll - ok14:11:40.0832 4428 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll14:11:40.0832 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok14:11:40.0848 4428 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll14:11:40.0848 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok14:11:40.0848 4428 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll14:11:40.0848 4428 C:\Windows\System32\wbem\WmiPrvSD.dll - ok14:11:40.0848 4428 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll14:11:40.0848 4428 C:\Windows\System32\ncobjapi.dll - ok14:11:40.0863 4428 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll14:11:40.0863 4428 C:\Windows\System32\wbem\wbemess.dll - ok14:11:40.0863 4428 [ 5BBC951150E738F108C6D3D325BD4029 ] C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll14:11:40.0863 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll - ok14:11:40.0863 4428 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll14:11:40.0863 4428 C:\Windows\SysWOW64\rasapi32.dll - ok14:11:40.0879 4428 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll14:11:40.0879 4428 C:\Windows\SysWOW64\rasman.dll - ok14:11:40.0879 4428 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll14:11:40.0879 4428 C:\Windows\SysWOW64\rtutils.dll - ok14:11:40.0879 4428 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll14:11:40.0879 4428 C:\Windows\SysWOW64\SensApi.dll - ok14:11:40.0895 4428 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll14:11:40.0895 4428 C:\Windows\SysWOW64\netprofm.dll - ok14:11:40.0895 4428 [ 212F87EE837B4E35E43A93BBFC44E7A7 ] C:\Windows\SysWOW64\AsIO.dll14:11:40.0895 4428 C:\Windows\SysWOW64\AsIO.dll - ok14:11:40.0895 4428 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll14:11:40.0895 4428 C:\Windows\SysWOW64\mfc42.dll - ok14:11:40.0910 4428 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll14:11:40.0910 4428 C:\Windows\SysWOW64\odbc32.dll - ok14:11:40.0910 4428 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe14:11:40.0910 4428 C:\Windows\System32\wbem\WmiPrvSE.exe - ok14:11:40.0910 4428 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll14:11:40.0910 4428 C:\Windows\System32\wbem\cimwin32.dll - ok14:11:40.0926 4428 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll14:11:40.0926 4428 C:\Windows\System32\framedynos.dll - ok14:11:40.0926 4428 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll14:11:40.0926 4428 C:\Windows\SysWOW64\odbcint.dll - ok14:11:40.0926 4428 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll14:11:40.0926 4428 C:\Windows\System32\shfolder.dll - ok14:11:40.0926 4428 [ 06EBB2B3F1588E6182C67F6D95F151EA ] C:\Program Files\COMODO\COMODO Internet Security\platform.dll14:11:40.0926 4428 C:\Program Files\COMODO\COMODO Internet Security\platform.dll - ok14:11:40.0941 4428 [ 6D8F59648536E150DC5543E439281AE3 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\common.cav14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\common.cav - ok14:11:40.0941 4428 [ 73EC75C38053596DBE594D63E4CD3E79 ] C:\Program Files\COMODO\COMODO Internet Security\signmgr.dll14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\signmgr.dll - ok14:11:40.0941 4428 [ 77A0AC6A3031FEFCBE2B7A52F4E8C0D3 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\fileid.cav14:11:40.0941 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\fileid.cav - ok14:11:40.0957 4428 [ B598F178B9454BA8700EC7FA16FD4284 ] C:\Program Files\COMODO\COMODO Internet Security\scanners\pkann.dll14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\pkann.dll - ok14:11:40.0957 4428 [ 6A9178ADC5A029992399B76AE5E5E96E ] C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\mach32.dll - ok14:11:40.0957 4428 [ DDABE79024A488DBBB7DE369FA22A93D ] C:\Program Files\COMODO\COMODO Internet Security\scanners\white.cav14:11:40.0957 4428 C:\Program Files\COMODO\COMODO Internet Security\scanners\white.cav - ok14:11:40.0973 4428 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll14:11:40.0973 4428 C:\Windows\System32\winrnr.dll - ok14:11:40.0973 4428 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll14:11:40.0973 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok14:11:40.0973 4428 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll14:11:40.0973 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok14:11:40.0988 4428 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll14:11:40.0988 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok14:11:40.0988 4428 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll14:11:40.0988 4428 C:\Windows\System32\iphlpsvc.dll - ok14:11:40.0988 4428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys14:11:40.0988 4428 C:\Windows\System32\drivers\srv2.sys - ok14:11:41.0004 4428 [ 1EF54B3220EBF3794439EB072B350F3E ] C:\Program Files\Windows Home Server\WHSConnector.exe14:11:41.0004 4428 C:\Program Files\Windows Home Server\WHSConnector.exe - ok14:11:41.0004 4428 [ AB92BDA9FF444B39D22E94DC9D233CF4 ] C:\Program Files\Windows Home Server\PartnerManager.dll14:11:41.0004 4428 C:\Program Files\Windows Home Server\PartnerManager.dll - ok14:11:41.0004 4428 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys14:11:41.0004 4428 C:\Windows\System32\drivers\srv.sys - ok14:11:41.0019 4428 [ 222D7D2B40F376038320668F7A909B36 ] C:\Program Files\Windows Home Server\WSCSource.dll14:11:41.0019 4428 C:\Program Files\Windows Home Server\WSCSource.dll - ok14:11:41.0019 4428 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll14:11:41.0019 4428 C:\Windows\System32\sqmapi.dll - ok14:11:41.0019 4428 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll14:11:41.0019 4428 C:\Windows\System32\wdscore.dll - ok14:11:41.0035 4428 [ 814A7F6D222E65B065F139D891203656 ] C:\Program Files\Windows Home Server\WHSNotificationFactory.dll14:11:41.0035 4428 C:\Program Files\Windows Home Server\WHSNotificationFactory.dll - ok14:11:41.0035 4428 [ 1DB725C6D5B8EF722B0A4CD8A3B51F27 ] C:\Program Files\Windows Home Server\WHSNotificationSource.dll14:11:41.0035 4428 C:\Program Files\Windows Home Server\WHSNotificationSource.dll - ok14:11:41.0035 4428 [ 75131819FDCDA81739B1BE87DFD45F4A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\c241cc03e9b5ac3666acb0e2ab47965b\ehRecObj.ni.dll14:11:41.0035 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehRecObj\c241cc03e9b5ac3666acb0e2ab47965b\ehRecObj.ni.dll - ok14:11:41.0051 4428 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll14:11:41.0051 4428 C:\Windows\System32\rasmans.dll - ok14:11:41.0051 4428 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll14:11:41.0051 4428 C:\Windows\System32\srvsvc.dll - ok14:11:41.0051 4428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll14:11:41.0051 4428 C:\Windows\System32\browser.dll - ok14:11:41.0066 4428 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll14:11:41.0066 4428 C:\Windows\System32\netmsg.dll - ok14:11:41.0066 4428 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll14:11:41.0066 4428 C:\Windows\System32\rastapi.dll - ok14:11:41.0066 4428 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll14:11:41.0066 4428 C:\Windows\System32\tapi32.dll - ok14:11:41.0082 4428 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll14:11:41.0082 4428 C:\Windows\System32\netcfgx.dll - ok14:11:41.0082 4428 [ 60666289DB3D58D68DCC2C6A54703BC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstore\9a109c70eea14b5006fbce07e1db37b5\mcstore.ni.dll14:11:41.0082 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstore\9a109c70eea14b5006fbce07e1db37b5\mcstore.ni.dll - ok14:11:41.0082 4428 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll14:11:41.0082 4428 C:\Windows\System32\netprofm.dll - ok14:11:41.0082 4428 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll14:11:41.0082 4428 C:\Windows\System32\hnetcfg.dll - ok14:11:41.0097 4428 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp14:11:41.0097 4428 C:\Windows\System32\unimdm.tsp - ok14:11:41.0097 4428 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll14:11:41.0097 4428 C:\Windows\System32\clusapi.dll - ok14:11:41.0097 4428 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll14:11:41.0097 4428 C:\Windows\System32\sscore.dll - ok14:11:41.0113 4428 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll14:11:41.0113 4428 C:\Windows\System32\resutils.dll - ok14:11:41.0113 4428 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll14:11:41.0113 4428 C:\Windows\System32\nci.dll - ok14:11:41.0113 4428 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll14:11:41.0113 4428 C:\Windows\System32\uniplat.dll - ok14:11:41.0129 4428 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp14:11:41.0129 4428 C:\Windows\System32\kmddsp.tsp - ok14:11:41.0129 4428 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp14:11:41.0129 4428 C:\Windows\System32\ndptsp.tsp - ok14:11:41.0129 4428 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp14:11:41.0129 4428 C:\Windows\System32\hidphone.tsp - ok14:11:41.0129 4428 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll14:11:41.0129 4428 C:\Windows\System32\rasppp.dll - ok14:11:41.0144 4428 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll14:11:41.0144 4428 C:\Windows\System32\vpnike.dll - ok14:11:41.0144 4428 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll14:11:41.0144 4428 C:\Windows\System32\raschap.dll - ok14:11:41.0144 4428 [ A53B66A443C2B313B12A27A07133594D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\99adaa00da8830c264898b126ad2af54\Microsoft.MediaCenter.UI.ni.dll14:11:41.0144 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\99adaa00da8830c264898b126ad2af54\Microsoft.MediaCenter.UI.ni.dll - ok14:11:41.0160 4428 [ DC3E0DFB43ED05FF8290B38E3F94C0DE ] C:\Windows\ehome\ehepgres.dll14:11:41.0160 4428 C:\Windows\ehome\ehepgres.dll - ok14:11:41.0160 4428 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll14:11:41.0160 4428 C:\Windows\System32\ipnathlp.dll - ok14:11:41.0160 4428 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll14:11:41.0160 4428 C:\Windows\System32\mprapi.dll - ok14:11:41.0175 4428 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll14:11:41.0175 4428 C:\Windows\System32\netshell.dll - ok14:11:41.0175 4428 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll14:11:41.0175 4428 C:\Windows\System32\termsrv.dll - ok14:11:41.0175 4428 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll14:11:41.0175 4428 C:\Windows\System32\wdi.dll - ok14:11:41.0191 4428 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll14:11:41.0191 4428 C:\Windows\System32\npmproxy.dll - ok14:11:41.0191 4428 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll14:11:41.0191 4428 C:\Windows\System32\hidserv.dll - ok14:11:41.0191 4428 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll14:11:41.0191 4428 C:\Windows\System32\ssdpsrv.dll - ok14:11:41.0191 4428 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll14:11:41.0191 4428 C:\Windows\System32\wpdbusenum.dll - ok14:11:41.0207 4428 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll14:11:41.0207 4428 C:\Windows\System32\appinfo.dll - ok14:11:41.0207 4428 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll14:11:41.0207 4428 C:\Windows\SysWOW64\npmproxy.dll - ok14:11:41.0207 4428 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll14:11:41.0207 4428 C:\Windows\System32\perftrack.dll - ok14:11:41.0222 4428 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll14:11:41.0222 4428 C:\Windows\System32\diagperf.dll - ok14:11:41.0222 4428 [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\Windows\System32\icaapi.dll14:11:41.0222 4428 C:\Windows\System32\icaapi.dll - ok14:11:41.0222 4428 [ 988121D083B7AB61D4A7E244290BAAB0 ] C:\Windows\System32\lsmproxy.dll14:11:41.0222 4428 C:\Windows\System32\lsmproxy.dll - ok14:11:41.0238 4428 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll14:11:41.0238 4428 C:\Windows\System32\pnpts.dll - ok14:11:41.0238 4428 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll14:11:41.0238 4428 C:\Windows\System32\radardt.dll - ok14:11:41.0238 4428 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll14:11:41.0238 4428 C:\Windows\System32\wdiasqmmodule.dll - ok14:11:41.0253 4428 [ E377BBA01F34E4183C32E5BBD688CE83 ] C:\Windows\System32\regapi.dll14:11:41.0253 4428 C:\Windows\System32\regapi.dll - ok14:11:41.0253 4428 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL14:11:41.0253 4428 C:\Windows\System32\IPSECSVC.DLL - ok14:11:41.0253 4428 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll14:11:41.0253 4428 C:\Windows\System32\p2pcollab.dll - ok14:11:41.0269 4428 [ 5B236296E233CAA6BF86BE0C6501A224 ] C:\Windows\System32\rdpcorekmts.dll14:11:41.0269 4428 C:\Windows\System32\rdpcorekmts.dll - ok14:11:41.0269 4428 [ 6D5DCC1579B3961D791ABDE286A1CB5E ] C:\Windows\System32\rdpwsx.dll14:11:41.0269 4428 C:\Windows\System32\rdpwsx.dll - ok14:11:41.0269 4428 [ 1B6163C503398B23FF8B939C67747683 ] C:\Windows\System32\drivers\rdpdr.sys14:11:41.0269 4428 C:\Windows\System32\drivers\rdpdr.sys - ok14:11:41.0269 4428 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL14:11:41.0269 4428 C:\Windows\System32\QAGENTRT.DLL - ok14:11:41.0285 4428 [ 1B4A711265FEA91259553D7B4E83394B ] C:\Windows\System32\tlscsp.dll14:11:41.0285 4428 C:\Windows\System32\tlscsp.dll - ok14:11:41.0285 4428 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll14:11:41.0285 4428 C:\Windows\System32\fveui.dll - ok14:11:41.0285 4428 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll14:11:41.0285 4428 C:\Windows\System32\certprop.dll - ok14:11:41.0300 4428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] C:\Windows\System32\drivers\tdtcp.sys14:11:41.0300 4428 C:\Windows\System32\drivers\tdtcp.sys - ok14:11:41.0300 4428 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys14:11:41.0300 4428 C:\Windows\System32\drivers\tssecsrv.sys - ok14:11:41.0300 4428 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll14:11:41.0300 4428 C:\Windows\System32\SessEnv.dll - ok14:11:41.0316 4428 [ E61608AA35E98999AF9AAEEEA6114B0A ] C:\Windows\System32\drivers\rdpwd.sys14:11:41.0316 4428 C:\Windows\System32\drivers\rdpwd.sys - ok14:11:41.0316 4428 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe14:11:41.0316 4428 C:\Windows\System32\runonce.exe - ok14:11:41.0316 4428 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe14:11:41.0316 4428 C:\Windows\SysWOW64\runonce.exe - ok14:11:41.0331 4428 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll14:11:41.0331 4428 C:\Windows\SysWOW64\propsys.dll - ok14:11:41.0331 4428 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe14:11:41.0331 4428 C:\Windows\SysWOW64\cmd.exe - ok14:11:41.0331 4428 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll14:11:41.0331 4428 C:\Windows\SysWOW64\winbrand.dll - ok14:11:41.0347 4428 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll14:11:41.0347 4428 C:\Windows\System32\aelupsvc.dll - ok14:11:41.0347 4428 [ 37F358CBD2A1D82C56A542325DA6D368 ] C:\Windows\SysWOW64\ieframe.dll14:11:41.0347 4428 C:\Windows\SysWOW64\ieframe.dll - ok14:11:41.0347 4428 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll14:11:41.0347 4428 C:\Windows\System32\PortableDeviceApi.dll - ok14:11:41.0363 4428 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll14:11:41.0363 4428 C:\Windows\System32\FwRemoteSvr.dll - ok14:11:41.0363 4428 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll14:11:41.0363 4428 C:\Windows\SysWOW64\oleacc.dll - ok14:11:41.0363 4428 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll14:11:41.0363 4428 C:\Windows\SysWOW64\shdocvw.dll - ok14:11:41.0363 4428 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Webb\AppData\Local\Temp\D7571601-6271-4813-84C6-6B3CD7101659.exe14:11:41.0363 4428 C:\Users\Webb\AppData\Local\Temp\D7571601-6271-4813-84C6-6B3CD7101659.exe - ok14:11:41.0378 4428 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll14:11:41.0378 4428 C:\Windows\System32\pnidui.dll - ok14:11:41.0378 4428 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll14:11:41.0378 4428 C:\Windows\SysWOW64\ncrypt.dll - ok14:11:41.0378 4428 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll14:11:41.0378 4428 C:\Windows\SysWOW64\bcrypt.dll - ok14:11:41.0394 4428 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll14:11:41.0394 4428 C:\Windows\SysWOW64\bcryptprimitives.dll - ok14:11:41.0394 4428 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll14:11:41.0394 4428 C:\Windows\SysWOW64\gpapi.dll - ok14:11:41.0394 4428 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll14:11:41.0394 4428 C:\Windows\SysWOW64\cryptnet.dll - ok14:11:41.0409 4428 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll14:11:41.0409 4428 C:\Windows\SysWOW64\WindowsCodecs.dll - ok14:11:41.0409 4428 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll14:11:41.0409 4428 C:\Windows\SysWOW64\EhStorShell.dll - ok14:11:41.0409 4428 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll14:11:41.0409 4428 C:\Windows\SysWOW64\ntshrui.dll - ok14:11:41.0425 4428 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll14:11:41.0425 4428 C:\Windows\SysWOW64\imageres.dll - ok14:11:41.0425 4428 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll14:11:41.0425 4428 C:\Windows\SysWOW64\slc.dll - ok14:11:41.0425 4428 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll14:11:41.0425 4428 C:\Windows\System32\wmp.dll - ok14:11:41.0425 4428 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll14:11:41.0425 4428 C:\Windows\System32\umrdp.dll - ok14:11:41.0441 4428 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll14:11:41.0441 4428 C:\Windows\System32\Apphlpdm.dll - ok14:11:41.0441 4428 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll14:11:41.0441 4428 C:\Windows\System32\PortableDeviceConnectApi.dll - ok14:11:41.0441 4428 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll14:11:41.0441 4428 C:\Windows\System32\localspl.dll - ok14:11:41.0456 4428 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll14:11:41.0456 4428 C:\Windows\System32\PrintIsolationProxy.dll - ok14:11:41.0456 4428 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll14:11:41.0456 4428 C:\Windows\System32\spoolss.dll - ok14:11:41.0456 4428 [ EC98366AD462383659681BDFFD384CED ] C:\Windows\System32\CNBLM4.DLL14:11:41.0456 4428 C:\Windows\System32\CNBLM4.DLL - ok14:11:41.0472 4428 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll14:11:41.0472 4428 C:\Windows\System32\FXSMON.dll - ok14:11:41.0472 4428 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll14:11:41.0472 4428 C:\Windows\System32\tcpmon.dll - ok14:11:41.0472 4428 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll14:11:41.0472 4428 C:\Windows\System32\snmpapi.dll - ok14:11:41.0487 4428 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll14:11:41.0487 4428 C:\Windows\System32\wsnmp32.dll - ok14:11:41.0487 4428 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll14:11:41.0487 4428 C:\Windows\System32\usbmon.dll - ok14:11:41.0487 4428 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll14:11:41.0487 4428 C:\Windows\System32\WSDMon.dll - ok14:11:41.0487 4428 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll14:11:41.0487 4428 C:\Windows\System32\fdPnp.dll - ok14:11:41.0503 4428 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll14:11:41.0503 4428 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok14:11:41.0503 4428 [ 389B0EEE1FFB490D76A556F04C0B268E ] C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL14:11:41.0503 4428 C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL - ok14:11:41.0503 4428 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll14:11:41.0503 4428 C:\Windows\System32\inetpp.dll - ok14:11:41.0519 4428 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll14:11:41.0519 4428 C:\Windows\System32\win32spl.dll - ok14:11:41.0519 4428 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll14:11:41.0519 4428 C:\Windows\System32\dimsjob.dll - ok14:11:41.0519 4428 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll14:11:41.0519 4428 C:\Windows\System32\pautoenr.dll - ok14:11:41.0534 4428 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll14:11:41.0534 4428 C:\Windows\System32\certcli.dll - ok14:11:41.0534 4428 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll14:11:41.0534 4428 C:\Windows\System32\CertEnroll.dll - ok14:11:41.0534 4428 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll14:11:41.0534 4428 C:\Windows\SysWOW64\devrtl.dll - ok14:11:41.0550 4428 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll14:11:41.0550 4428 C:\Windows\System32\iedkcs32.dll - ok14:11:41.0550 4428 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe14:11:41.0550 4428 C:\Windows\System32\ie4uinit.exe - ok14:11:41.0550 4428 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll14:11:41.0550 4428 C:\Windows\System32\themeui.dll - ok14:11:41.0565 4428 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl14:11:41.0565 4428 C:\Windows\System32\timedate.cpl - ok14:11:41.0565 4428 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll14:11:41.0565 4428 C:\Windows\System32\actxprxy.dll - ok14:11:41.0565 4428 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll14:11:41.0565 4428 C:\Windows\System32\shdocvw.dll - ok14:11:41.0581 4428 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll14:11:41.0581 4428 C:\Windows\System32\linkinfo.dll - ok14:11:41.0581 4428 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll14:11:41.0581 4428 C:\Windows\System32\gameux.dll - ok14:11:41.0581 4428 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll14:11:41.0581 4428 C:\Windows\System32\msftedit.dll - ok14:11:41.0581 4428 [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll14:11:41.0581 4428 C:\Windows\System32\msls31.dll - ok14:11:41.0597 4428 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll14:11:41.0597 4428 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok14:11:41.0597 4428 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll14:11:41.0597 4428 C:\Windows\System32\msiltcfg.dll - ok14:11:41.0597 4428 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll14:11:41.0597 4428 C:\Windows\System32\DeviceCenter.dll - ok14:11:41.0612 4428 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll14:11:41.0612 4428 C:\Windows\System32\networkexplorer.dll - ok14:11:41.0612 4428 [ 4F7A4BC2C730D881C48D22A6E7EF547C ] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe14:11:41.0612 4428 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe - ok14:11:41.0612 4428 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll14:11:41.0612 4428 C:\Windows\System32\thumbcache.dll - ok14:11:41.0628 4428 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll14:11:41.0628 4428 C:\Windows\System32\oledlg.dll - ok14:11:41.0628 4428 [ 4B4F81C294B9A07479F4F4F8FF20E58C ] C:\Program Files (x86)\Garmin\gStart.exe14:11:41.0628 4428 C:\Program Files (x86)\Garmin\gStart.exe - ok14:11:41.0628 4428 [ 32DA0F05975B3426C0AD76296ABF3073 ] C:\Program Files (x86)\Garmin\gStart_Lang.dll14:11:41.0628 4428 C:\Program Files (x86)\Garmin\gStart_Lang.dll - ok14:11:41.0643 4428 [ 17482ECBD12AF528EA626CFA87361BB0 ] C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe14:11:41.0643 4428 C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe - ok14:11:41.0643 4428 [ E999032BA2304BFAA471AE444AE86C49 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe14:11:41.0643 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok14:11:41.0643 4428 [ 0AEE5668EB59912F32FF245BFA72465F ] C:\Program Files (x86)\QuickTime\QTTask.exe14:11:41.0643 4428 C:\Program Files (x86)\QuickTime\QTTask.exe - ok14:11:41.0659 4428 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe14:11:41.0659 4428 C:\Windows\System32\consent.exe - ok14:11:41.0659 4428 [ EAAD988F5D1C6904DF8D59382D326371 ] C:\Windows\SysWOW64\atiadlxy.dll14:11:41.0659 4428 C:\Windows\SysWOW64\atiadlxy.dll - ok14:11:41.0659 4428 [ 0CFBE2D135A73CA98381FC8CC8BC5A03 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe14:11:41.0659 4428 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok14:11:41.0659 4428 [ 18673B7DDECFB675A989EB2B7C51A7F1 ] C:\Program Files\COMODO\COMODO Internet Security\cmdhtml.dll14:11:41.0659 4428 C:\Program Files\COMODO\COMODO Internet Security\cmdhtml.dll - ok14:11:41.0675 4428 [ 55520AF0F65D5BD7A337DCEDDE886125 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll14:11:41.0675 4428 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok14:11:41.0675 4428 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll14:11:41.0675 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok14:11:41.0675 4428 [ 795AEA2511A1C5082FA690D6BD8D202E ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll14:11:41.0675 4428 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok14:11:41.0690 4428 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe14:11:41.0690 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok14:11:41.0690 4428 [ 4F99047D255B77FDA6E51EA97721E3D8 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll14:11:41.0690 4428 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok14:11:41.0690 4428 [ 1EAE09FD191DA65EFF54AF9A2E899711 ] C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe14:11:41.0690 4428 C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe - ok14:11:41.0706 4428 [ 505F022493D471025ADD399A4162208B ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe14:11:41.0706 4428 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok14:11:41.0706 4428 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe14:11:41.0706 4428 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok14:11:41.0706 4428 [ B77081F8221968C7DAB794B0BA55C43E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe14:11:41.0706 4428 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok14:11:41.0721 4428 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe14:11:41.0721 4428 C:\Program Files\Alwil Software\Avast5\AvastUI.exe - ok14:11:41.0721 4428 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\Alwil Software\Avast5\aswUtil.dll14:11:41.0721 4428 C:\Program Files\Alwil Software\Avast5\aswUtil.dll - ok14:11:41.0721 4428 [ 50925A12AD9A8F45609E914D9F941E68 ] C:\Program Files\COMODO\COMODO Internet Security\themes\black.theme14:11:41.0721 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\black.theme - ok14:11:41.0737 4428 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll14:11:41.0737 4428 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok14:11:41.0737 4428 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll14:11:41.0737 4428 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok14:11:41.0737 4428 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv14:11:41.0737 4428 C:\Windows\System32\wdmaud.drv - ok14:11:41.0753 4428 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll14:11:41.0753 4428 C:\Windows\System32\ksuser.dll - ok14:11:41.0753 4428 [ 25BEF4C3E9417AE09B017CCFB66B4383 ] C:\Program Files\COMODO\COMODO Internet Security\themes\blue.theme14:11:41.0753 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\blue.theme - ok14:11:41.0753 4428 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll14:11:41.0753 4428 C:\Windows\System32\AudioSes.dll - ok14:11:41.0768 4428 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll14:11:41.0768 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok14:11:41.0768 4428 [ C7EDDAC1E795976CDF62D785836FE38D ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe14:11:41.0768 4428 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok14:11:41.0768 4428 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll14:11:41.0768 4428 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok14:11:41.0784 4428 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv14:11:41.0784 4428 C:\Windows\System32\msacm32.drv - ok14:11:41.0784 4428 [ CC30AA4EF49CA0B3B1C1CBCE325C36AD ] C:\Program Files\COMODO\COMODO Internet Security\themes\default.theme14:11:41.0784 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\default.theme - ok14:11:41.0784 4428 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll14:11:41.0784 4428 C:\Windows\System32\midimap.dll - ok14:11:41.0799 4428 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll14:11:41.0799 4428 C:\Windows\System32\msacm32.dll - ok14:11:41.0799 4428 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll14:11:41.0799 4428 C:\Windows\System32\AudioEng.dll - ok14:11:41.0799 4428 [ 5E04C53224E7D946F35DC1208835FD95 ] C:\Program Files\COMODO\COMODO Internet Security\themes\metal.theme14:11:41.0799 4428 C:\Program Files\COMODO\COMODO Internet Security\themes\metal.theme - ok14:11:41.0815 4428 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll14:11:41.0815 4428 C:\Windows\System32\AUDIOKSE.dll - ok14:11:41.0815 4428 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll14:11:41.0815 4428 C:\Windows\System32\qmgr.dll - ok14:11:41.0815 4428 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll14:11:41.0815 4428 C:\Windows\System32\bitsigd.dll - ok14:11:41.0831 4428 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll14:11:41.0831 4428 C:\Windows\System32\bitsperf.dll - ok14:11:41.0831 4428 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll14:11:41.0831 4428 C:\Windows\System32\qmgrprxy.dll - ok14:11:41.0831 4428 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll14:11:41.0831 4428 C:\Windows\SysWOW64\qmgrprxy.dll - ok14:11:41.0846 4428 [ 1D856E6E7490447FCFAA46E09A2BF9C9 ] C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts14:11:41.0846 4428 C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.qts - ok14:11:41.0846 4428 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll14:11:41.0846 4428 C:\Windows\System32\msimg32.dll - ok14:11:41.0846 4428 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll14:11:41.0846 4428 C:\Windows\System32\WMALFXGFXDSP.dll - ok14:11:41.0846 4428 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll14:11:41.0846 4428 C:\Windows\System32\stobject.dll - ok14:11:41.0862 4428 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll14:11:41.0862 4428 C:\Windows\System32\batmeter.dll - ok14:11:41.0862 4428 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL14:11:41.0862 4428 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok14:11:41.0862 4428 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\Alwil Software\Avast5\aswAra.dll14:11:41.0862 4428 C:\Program Files\Alwil Software\Avast5\aswAra.dll - ok14:11:41.0877 4428 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\Alwil Software\Avast5\aswData.dll14:11:41.0877 4428 C:\Program Files\Alwil Software\Avast5\aswData.dll - ok14:11:41.0877 4428 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll14:11:41.0877 4428 C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll - ok14:11:41.0877 4428 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll14:11:41.0877 4428 C:\Windows\System32\prnfldr.dll - ok14:11:41.0893 4428 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\Alwil Software\Avast5\CommonRes.dll14:11:41.0893 4428 C:\Program Files\Alwil Software\Avast5\CommonRes.dll - ok14:11:41.0893 4428 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll14:11:41.0893 4428 C:\Windows\System32\fdProxy.dll - ok14:11:41.0893 4428 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll14:11:41.0893 4428 C:\Windows\System32\DXP.dll - ok14:11:41.0893 4428 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll14:11:41.0893 4428 C:\Windows\System32\Syncreg.dll - ok14:11:41.0909 4428 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll14:11:41.0909 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok14:11:41.0909 4428 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll14:11:41.0909 4428 C:\Windows\ehome\ehSSO.dll - ok14:11:41.0909 4428 [ 10035E4C014522FE740172FF0B4FF43E ] C:\Windows\ehome\ehtray.exe14:11:41.0909 4428 C:\Windows\ehome\ehtray.exe - ok14:11:41.0924 4428 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll14:11:41.0924 4428 C:\Windows\System32\AltTab.dll - ok14:11:41.0924 4428 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll14:11:41.0924 4428 C:\Windows\System32\WPDShServiceObj.dll - ok14:11:41.0924 4428 [ AFDAE59FE562A7CDB44F9D4ABEDAC316 ] C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll14:11:41.0924 4428 C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll - ok14:11:41.0940 4428 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll14:11:41.0940 4428 C:\Windows\System32\PortableDeviceTypes.dll - ok14:11:41.0940 4428 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL14:11:41.0940 4428 C:\Windows\System32\QUTIL.DLL - ok14:11:41.0940 4428 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll14:11:41.0940 4428 C:\Windows\System32\cscobj.dll - ok14:11:41.0955 4428 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe14:11:41.0955 4428 C:\Windows\System32\SearchIndexer.exe - ok14:11:41.0955 4428 [ 5CC7AF82752165A2A966BF557E2C7EB5 ] C:\Windows\ehome\ehProxy.dll14:11:41.0955 4428 C:\Windows\ehome\ehProxy.dll - ok14:11:41.0955 4428 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll14:11:41.0955 4428 C:\Windows\SysWOW64\credssp.dll - ok14:11:41.0971 4428 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll14:11:41.0971 4428 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok14:11:41.0971 4428 [ DFFAE10E3A1B0C664B9383B7C1809B0A ] C:\Windows\ehome\ehrec.exe14:11:41.0971 4428 C:\Windows\ehome\ehrec.exe - ok14:11:41.0971 4428 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll14:11:41.0971 4428 C:\Windows\System32\srchadmin.dll - ok14:11:41.0987 4428 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll14:11:41.0987 4428 C:\Windows\SysWOW64\dsound.dll - ok14:11:41.0987 4428 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll14:11:41.0987 4428 C:\Windows\System32\ActionCenter.dll - ok14:11:41.0987 4428 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll14:11:41.0987 4428 C:\Windows\System32\wlanapi.dll - ok14:11:41.0987 4428 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll14:11:41.0987 4428 C:\Windows\System32\tquery.dll - ok14:11:42.0002 4428 [ D855B0E63ECAFE9EBD086AF6691E0016 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll14:11:42.0002 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok14:11:42.0002 4428 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll14:11:42.0002 4428 C:\Windows\System32\rasdlg.dll - ok14:11:42.0002 4428 [ 7FDE85776B7A59B5F426262A7719B8C6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\0b01f92505de7e89aeb9a71160c3b4a9\ehCIR.ni.dll14:11:42.0002 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehCIR\0b01f92505de7e89aeb9a71160c3b4a9\ehCIR.ni.dll - ok14:11:42.0018 4428 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll14:11:42.0018 4428 C:\Windows\System32\FXSST.dll - ok14:11:42.0018 4428 [ DB661831A20B7B58995C352F33593F8E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\b3d4face190a4aaff574574d4d8f6f6b\ehiProxy.ni.dll14:11:42.0018 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\ehiProxy\b3d4face190a4aaff574574d4d8f6f6b\ehiProxy.ni.dll - ok14:11:42.0018 4428 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll14:11:42.0018 4428 C:\Windows\System32\FXSAPI.dll - ok14:11:42.0033 4428 [ DF3BF36F93945062B85B02EA408E716F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll14:11:42.0033 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok14:11:42.0033 4428 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll14:11:42.0033 4428 C:\Windows\System32\FXSRESM.dll - ok14:11:42.0033 4428 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe14:11:42.0033 4428 C:\Windows\System32\FXSSVC.exe - ok14:11:42.0049 4428 [ 90044039365B06CECDD8E347AC08BBAE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll14:11:42.0049 4428 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok14:11:42.0049 4428 [ 18901D2086FBA7D1847CEA87A64EE0D3 ] C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe14:11:42.0049 4428 C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe - ok14:11:42.0049 4428 [ 415565755E342CF2BEFE89B778F6EDFA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcepg\7c3c9c6ffadcac54f468f7db41ece8b8\mcepg.ni.dll14:11:42.0049 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcepg\7c3c9c6ffadcac54f468f7db41ece8b8\mcepg.ni.dll - ok14:11:42.0065 4428 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll14:11:42.0065 4428 C:\Windows\System32\dot3api.dll - ok14:11:42.0065 4428 [ 0DA37FC5BFEB4827104B0920A352A9AB ] C:\Program Files\Windows Home Server\WHSTrayApp.exe14:11:42.0065 4428 C:\Program Files\Windows Home Server\WHSTrayApp.exe - ok14:11:42.0065 4428 [ 25280FDB1E2F008577B1D66A99973C4E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\72b219b4add947fa64428f282995e6bb\mcstoredb.ni.dll14:11:42.0065 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\mcstoredb\72b219b4add947fa64428f282995e6bb\mcstoredb.ni.dll - ok14:11:42.0080 4428 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll14:11:42.0080 4428 C:\Windows\System32\wlanhlp.dll - ok14:11:42.0080 4428 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll14:11:42.0080 4428 C:\Windows\SysWOW64\ddraw.dll - ok14:11:42.0080 4428 [ D32088C67317F5B64C13352E6EB5FFB1 ] C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll14:11:42.0080 4428 C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll - ok14:11:42.0080 4428 [ AA61A7047E854A9E914FDD17C2F35675 ] C:\Windows\System32\sqlceoledb30.dll14:11:42.0080 4428 C:\Windows\System32\sqlceoledb30.dll - ok14:11:42.0096 4428 [ 9C75CB8B98610F0CD85D99BB5876308B ] C:\Windows\System32\sqlcese30.dll14:11:42.0096 4428 C:\Windows\System32\sqlcese30.dll - ok14:11:42.0096 4428 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll14:11:42.0096 4428 C:\Windows\System32\mssrch.dll - ok14:11:42.0096 4428 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll14:11:42.0096 4428 C:\Windows\System32\msidle.dll - ok14:11:42.0111 4428 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll14:11:42.0111 4428 C:\Windows\System32\mssprxy.dll - ok14:11:42.0111 4428 [ 76F39902E25F43FE9450AD3D6A14D0D8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll14:11:42.0111 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\60ab562d9fe10d1782ed705ef2beb95a\WindowsBase.ni.dll - ok14:11:42.0111 4428 [ E5744D18C88737C6356D0A8D6D49D512 ] C:\Windows\System32\sqlceqp30.dll14:11:42.0111 4428 C:\Windows\System32\sqlceqp30.dll - ok14:11:42.0127 4428 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe14:11:42.0127 4428 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok14:11:42.0127 4428 [ FB355B817AE641BBAE08607E58CB5CE2 ] C:\Windows\System32\hhctrl.ocx14:11:42.0127 4428 C:\Windows\System32\hhctrl.ocx - ok14:11:42.0127 4428 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll14:11:42.0127 4428 C:\Windows\System32\WWanAPI.dll - ok14:11:42.0143 4428 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll14:11:42.0143 4428 C:\Program Files\Windows Media Player\wmpnssci.dll - ok14:11:42.0143 4428 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll14:11:42.0143 4428 C:\Windows\SysWOW64\dciman32.dll - ok14:11:42.0143 4428 [ E6748A0ADC22F0595E31448CAC746D3F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll14:11:42.0143 4428 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok14:11:42.0158 4428 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll14:11:42.0158 4428 C:\Windows\System32\wwapi.dll - ok14:11:42.0158 4428 [ 094497FEA17EFF31DDA242C67C0E474A ] C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe14:11:42.0158 4428 C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exe - ok14:11:42.0158 4428 [ E985F13877D4AC8BE9921543FB24663D ] C:\Program Files\Windows Home Server\WHSNotificationSink.dll14:11:42.0158 4428 C:\Program Files\Windows Home Server\WHSNotificationSink.dll - ok14:11:42.0158 4428 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL14:11:42.0158 4428 C:\Windows\System32\QAGENT.DLL - ok14:11:42.0174 4428 [ 14318553F4D761CFA76389EA4480442A ] C:\Program Files\Windows Home Server\TransportServiceProxy.dll14:11:42.0174 4428 C:\Program Files\Windows Home Server\TransportServiceProxy.dll - ok14:11:42.0174 4428 [ 0AA46EC73FAA75DDDB96BA0901088817 ] C:\Program Files\Windows Home Server\BackupApi.dll14:11:42.0174 4428 C:\Program Files\Windows Home Server\BackupApi.dll - ok14:11:42.0174 4428 [ CCE5D71F19AB70D969F9819B5C88438D ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe14:11:42.0174 4428 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok14:11:42.0189 4428 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui14:11:42.0189 4428 C:\Windows\System32\en-US\tquery.dll.mui - ok14:11:42.0189 4428 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl14:11:42.0189 4428 C:\Windows\System32\bthprops.cpl - ok14:11:42.0189 4428 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe14:11:42.0189 4428 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok14:11:42.0205 4428 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll14:11:42.0205 4428 C:\Windows\System32\wsock32.dll - ok14:11:42.0205 4428 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll14:11:42.0205 4428 C:\Windows\System32\wmdrmdev.dll - ok14:11:42.0205 4428 [ F8E8676D1B6B2CC12DF9AA6B1A43D929 ] C:\Program Files\iPod\bin\iPodService.exe14:11:42.0205 4428 C:\Program Files\iPod\bin\iPodService.exe - ok14:11:42.0221 4428 [ 55E3C4F4D953D8518EBDC5EA9AD786CE ] C:\Windows\System32\ieframe.dll14:11:42.0221 4428 C:\Windows\System32\ieframe.dll - ok14:11:42.0221 4428 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll14:11:42.0221 4428 C:\Windows\System32\drmv2clt.dll - ok14:11:42.0221 4428 [ 25DEF2EF843275862FFBF55487CEFDDD ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx14:11:42.0221 4428 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx - ok14:11:42.0236 4428 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL14:11:42.0236 4428 C:\Windows\System32\wmploc.DLL - ok14:11:42.0236 4428 [ 7F17EBCE1B017CDDD3B359137380DD7A ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll14:11:42.0236 4428 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok14:11:42.0236 4428 [ 9349D633F833994F040C47F4820433EC ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll14:11:42.0236 4428 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok14:11:42.0252 4428 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll14:11:42.0252 4428 C:\Windows\SysWOW64\sxs.dll - ok14:11:42.0252 4428 [ 72AB8C3F8AB7B550A896357C9E0896DA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll14:11:42.0252 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\2abfa3ca7ad3cc6f199158e6663f3006\PresentationCore.ni.dll - ok14:11:42.0252 4428 [ 252B8748C25F5A5E5B8892F4257A10B3 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key14:11:42.0252 4428 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok14:11:42.0267 4428 [ E63EAF09FC29954D7F8EAB2DEF495062 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll14:11:42.0267 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\193e9d54d5a1785730cc76195c3ed9c6\System.Web.ni.dll - ok14:11:42.0267 4428 [ C733EBBDD79892B96C9980EBDC0CA704 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll14:11:42.0267 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c217382951ed46e82a9a3e27bd6379e7\PresentationFramework.ni.dll - ok14:11:42.0267 4428 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll14:11:42.0267 4428 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok14:11:42.0283 4428 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll14:11:42.0283 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok14:11:42.0283 4428 [ C1D9E25FC988516DF703D6E12ACA915F ] C:\Program Files\Internet Explorer\ieproxy.dll14:11:42.0283 4428 C:\Program Files\Internet Explorer\ieproxy.dll - ok14:11:42.0283 4428 [ 64DEC20C088832E46DEF5B5A5B28E028 ] C:\Windows\System32\atipdl64.dll14:11:42.0283 4428 C:\Windows\System32\atipdl64.dll - ok14:11:42.0299 4428 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll14:11:42.0299 4428 C:\Windows\SysWOW64\mscms.dll - ok14:11:42.0299 4428 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll14:11:42.0299 4428 C:\Windows\System32\wmpps.dll - ok14:11:42.0299 4428 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll14:11:42.0299 4428 C:\Windows\System32\wmpmde.dll - ok14:11:42.0299 4428 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll14:11:42.0299 4428 C:\Windows\System32\webcheck.dll - ok14:11:42.0314 4428 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe14:11:42.0314 4428 C:\Windows\System32\SearchProtocolHost.exe - ok14:11:42.0314 4428 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll14:11:42.0314 4428 C:\Windows\System32\msshooks.dll - ok14:11:42.0314 4428 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll14:11:42.0314 4428 C:\Windows\System32\wbem\NCProv.dll - ok14:11:42.0330 4428 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll14:11:42.0330 4428 C:\Windows\System32\mlang.dll - ok14:11:42.0330 4428 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\Alwil Software\Avast5\defs\12123000\uiext.dll14:11:42.0330 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\uiext.dll - ok14:11:42.0330 4428 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628562 Share Posted December 30, 2012 more TDSKiller14:11:42.0330 4428 C:\Windows\System32\SearchFilterHost.exe - ok14:11:42.0345 4428 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll14:11:42.0345 4428 C:\Windows\System32\SyncCenter.dll - ok14:11:42.0345 4428 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll14:11:42.0345 4428 C:\Windows\System32\mssph.dll - ok14:11:42.0345 4428 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll14:11:42.0345 4428 C:\Windows\System32\WinSATAPI.dll - ok14:11:42.0361 4428 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll14:11:42.0361 4428 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok14:11:42.0361 4428 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll14:11:42.0361 4428 C:\Windows\System32\mapi32.dll - ok14:11:42.0361 4428 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL14:11:42.0361 4428 C:\Windows\System32\MSMPEG2ENC.DLL - ok14:11:42.0377 4428 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll14:11:42.0377 4428 C:\Windows\System32\upnphost.dll - ok14:11:42.0377 4428 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll14:11:42.0377 4428 C:\Windows\System32\imapi2.dll - ok14:11:42.0377 4428 [ 2730BC63D4896F7976D9D31BC9786EBA ] C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll14:11:42.0377 4428 C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll - ok14:11:42.0392 4428 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll14:11:42.0392 4428 C:\Windows\System32\hgcpl.dll - ok14:11:42.0392 4428 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll14:11:42.0392 4428 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok14:11:42.0392 4428 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll14:11:42.0392 4428 C:\Windows\System32\wbem\wmiprov.dll - ok14:11:42.0392 4428 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll14:11:42.0392 4428 C:\Windows\System32\d3d9.dll - ok14:11:42.0408 4428 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll14:11:42.0408 4428 C:\Windows\System32\fdPHost.dll - ok14:11:42.0408 4428 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll14:11:42.0408 4428 C:\Windows\System32\fdWSD.dll - ok14:11:42.0408 4428 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll14:11:42.0408 4428 C:\Windows\System32\fdSSDP.dll - ok14:11:42.0423 4428 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll14:11:42.0423 4428 C:\Windows\System32\ListSvc.dll - ok14:11:42.0423 4428 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll14:11:42.0423 4428 C:\Windows\System32\P2P.dll - ok14:11:42.0423 4428 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll14:11:42.0423 4428 C:\Windows\System32\pnrpsvc.dll - ok14:11:42.0439 4428 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll14:11:42.0439 4428 C:\Windows\System32\IdListen.dll - ok14:11:42.0439 4428 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll14:11:42.0439 4428 C:\Windows\System32\hgprint.dll - ok14:11:42.0439 4428 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll14:11:42.0439 4428 C:\Windows\System32\d3d8thk.dll - ok14:11:42.0439 4428 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll14:11:42.0439 4428 C:\Windows\System32\p2psvc.dll - ok14:11:42.0455 4428 [ C16628F1DFA5495A22E1DA05A852722C ] C:\Windows\System32\atiu9p64.dll14:11:42.0455 4428 C:\Windows\System32\atiu9p64.dll - ok14:11:42.0455 4428 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll14:11:42.0455 4428 C:\Windows\System32\P2PGraph.dll - ok14:11:42.0455 4428 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll14:11:42.0455 4428 C:\Windows\System32\udhisapi.dll - ok14:11:42.0470 4428 [ 21E0179A49F1E1B50520C1D528D8F7B7 ] C:\Windows\System32\atiumd64.dll14:11:42.0470 4428 C:\Windows\System32\atiumd64.dll - ok14:11:42.0470 4428 [ 63C9BE8CD9815CB6BD2C2221A0034BE0 ] C:\Windows\System32\atiumd6a.dll14:11:42.0470 4428 C:\Windows\System32\atiumd6a.dll - ok14:11:42.0486 4428 [ 70C8F2121EA29625A4913336AF781725 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll14:11:42.0486 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\adcf9e45725f341acbd5d3fcd0a54572\PresentationFramework.Aero.ni.dll - ok14:11:42.0486 4428 [ B439EFB7F218ED0849B4CC2D4A7FE1D3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll14:11:42.0486 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll - ok14:11:42.0486 4428 [ 0BF4362E18DFC52382F418278DCC52C4 ] C:\Windows\System32\rdpdd.dll14:11:42.0486 4428 C:\Windows\System32\rdpdd.dll - ok14:11:42.0501 4428 [ FF6148B1C150DA05D35C68D143AD6DEA ] C:\Windows\System32\RDPENCDD.dll14:11:42.0501 4428 C:\Windows\System32\RDPENCDD.dll - ok14:11:42.0501 4428 [ A23A9301EE7152FB6776052E52BDE9D9 ] C:\Windows\System32\RDPREFDD.dll14:11:42.0501 4428 C:\Windows\System32\RDPREFDD.dll - ok14:11:42.0501 4428 [ F718374D57E7469C8A633B168D1EBF54 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\226e588583e180296094202f09fc5ddd\Microsoft.MediaCenter.ni.dll14:11:42.0501 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\226e588583e180296094202f09fc5ddd\Microsoft.MediaCenter.ni.dll - ok14:11:42.0517 4428 [ BB34C799E8ADB9B3253A375F65D9C2C1 ] C:\ProgramData\MediaBrowser\System.Data.SQLite.dll14:11:42.0517 4428 C:\ProgramData\MediaBrowser\System.Data.SQLite.dll - ok14:11:42.0517 4428 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll14:11:42.0517 4428 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok14:11:42.0517 4428 [ A4D07BCCCDF8211D4027E37A43E20163 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll14:11:42.0517 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ee5c9facac5c7dbf9c4b1e160f76daae\System.Data.ni.dll - ok14:11:42.0517 4428 [ 98D53BB2DB8E11762D30C3CF41FA140B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll14:11:42.0517 4428 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok14:11:42.0533 4428 [ E4806AC8BE2D890193252D4BEE7EA95C ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll14:11:42.0533 4428 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok14:11:42.0533 4428 [ F0A079CB4F819DD2AB94B06B3C17BF4C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll14:11:42.0533 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll - ok14:11:42.0533 4428 [ E4FD4F6D50FB4D4CD66F1611664F7276 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\7b5db8785f8af88c502b492d8f83a90e\System.EnterpriseServices.ni.dll14:11:42.0533 4428 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\7b5db8785f8af88c502b492d8f83a90e\System.EnterpriseServices.ni.dll - ok14:11:42.0548 4428 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll14:11:42.0548 4428 C:\Windows\System32\drttransport.dll - ok14:11:42.0548 4428 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll14:11:42.0548 4428 C:\Windows\System32\drt.dll - ok14:11:42.0548 4428 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll14:11:42.0548 4428 C:\Windows\SysWOW64\msisip.dll - ok14:11:42.0564 4428 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\SysWOW64\wshext.dll14:11:42.0564 4428 C:\Windows\SysWOW64\wshext.dll - ok14:11:42.0564 4428 [ 2875B386B45B8A77E2343C5E129AE50C ] C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll14:11:42.0564 4428 C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll - ok14:11:42.0564 4428 [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll14:11:42.0564 4428 C:\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll - ok14:11:42.0579 4428 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll14:11:42.0579 4428 C:\Windows\SysWOW64\schannel.dll - ok14:11:42.0579 4428 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe14:11:42.0579 4428 C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe - ok14:11:42.0579 4428 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL14:11:42.0579 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok14:11:42.0595 4428 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll14:11:42.0595 4428 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok14:11:42.0595 4428 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe14:11:42.0595 4428 C:\Windows\System32\notepad.exe - ok14:11:42.0595 4428 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\55281566.sys14:11:42.0595 4428 C:\Windows\System32\drivers\55281566.sys - ok14:11:42.0611 4428 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll14:11:42.0611 4428 C:\Windows\System32\UIAnimation.dll - ok14:11:42.0611 4428 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll14:11:42.0611 4428 C:\Windows\SysWOW64\riched20.dll - ok14:11:42.0611 4428 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll14:11:42.0611 4428 C:\Windows\SysWOW64\ExplorerFrame.dll - ok14:11:42.0626 4428 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll14:11:42.0626 4428 C:\Windows\SysWOW64\duser.dll - ok14:11:42.0626 4428 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll14:11:42.0626 4428 C:\Windows\SysWOW64\dui70.dll - ok14:11:42.0626 4428 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\Alwil Software\Avast5\defs\12123000\aspColl.dll14:11:42.0626 4428 C:\Program Files\Alwil Software\Avast5\defs\12123000\aspColl.dll - ok14:11:42.0642 4428 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe14:11:42.0642 4428 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok14:11:42.0642 4428 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll14:11:42.0642 4428 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok14:11:42.0642 4428 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll14:11:42.0642 4428 C:\Windows\SysWOW64\mscoree.dll - ok14:11:42.0657 4428 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe14:11:42.0657 4428 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok14:11:42.0657 4428 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll14:11:42.0657 4428 C:\Windows\System32\msvcr100_clr0400.dll - ok14:11:42.0657 4428 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll14:11:42.0657 4428 C:\Windows\System32\FntCache.dll - ok14:11:42.0673 4428 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll14:11:42.0673 4428 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok14:11:42.0673 4428 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe14:11:42.0673 4428 C:\Windows\System32\sppsvc.exe - ok14:11:42.0673 4428 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys14:11:42.0673 4428 C:\Windows\System32\drivers\spsys.sys - ok14:11:42.0689 4428 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll14:11:42.0689 4428 C:\Windows\System32\wscsvc.dll - ok14:11:42.0689 4428 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll14:11:42.0689 4428 C:\Windows\System32\wuapi.dll - ok14:11:42.0689 4428 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll14:11:42.0689 4428 C:\Windows\System32\cabinet.dll - ok14:11:42.0689 4428 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll14:11:42.0689 4428 C:\Windows\System32\wups.dll - ok14:11:42.0704 4428 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll14:11:42.0704 4428 C:\Windows\SysWOW64\wscproxystub.dll - ok14:11:42.0704 4428 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll14:11:42.0704 4428 C:\Windows\System32\wuaueng.dll - ok14:11:42.0704 4428 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll14:11:42.0704 4428 C:\Windows\System32\mspatcha.dll - ok14:11:42.0720 4428 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll14:11:42.0720 4428 C:\Windows\System32\sppwinob.dll - ok14:11:42.0720 4428 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll14:11:42.0720 4428 C:\Windows\System32\wups2.dll - ok14:11:42.0720 4428 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll14:11:42.0720 4428 C:\Windows\System32\sppobjs.dll - ok14:11:42.0735 4428 [ 769765CE2CC62867468CEA93969B2242 ] C:\Windows\System32\drivers\asyncmac.sys14:11:42.0735 4428 C:\Windows\System32\drivers\asyncmac.sys - ok14:11:42.0735 4428 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll14:11:42.0735 4428 C:\Windows\System32\wscinterop.dll - ok14:11:42.0735 4428 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl14:11:42.0735 4428 C:\Windows\System32\wscui.cpl - ok14:11:42.0735 4428 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll14:11:42.0735 4428 C:\Windows\System32\werconcpl.dll - ok14:11:42.0751 4428 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll14:11:42.0751 4428 C:\Windows\System32\wercplsupport.dll - ok14:11:42.0751 4428 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll14:11:42.0751 4428 C:\Windows\System32\hcproviders.dll - ok14:11:42.0751 4428 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll14:11:42.0751 4428 C:\Windows\System32\security.dll - ok14:11:42.0767 4428 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll14:11:42.0767 4428 C:\Windows\System32\browcli.dll - ok14:11:42.0767 4428 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll14:11:42.0767 4428 C:\Windows\System32\schedcli.dll - ok14:11:42.0767 4428 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll14:11:42.0767 4428 C:\Windows\System32\wbem\wmipcima.dll - ok14:11:42.0782 4428 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll14:11:42.0782 4428 C:\Windows\System32\wmi.dll - ok14:11:42.0782 4428 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll14:11:42.0782 4428 C:\Windows\System32\slwga.dll - ok14:11:42.0782 4428 ============================================================14:11:42.0782 4428 Scan finished14:11:42.0782 4428 ============================================================14:11:42.0798 2956 Detected object count: 114:11:42.0798 2956 Actual detected object count: 114:12:22.0071 2956 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user14:12:22.0071 2956 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip14:12:28.0202 3828 Deinitialize success Link to post Share on other sites More sharing options...
supturb89 Posted December 30, 2012 Author ID:628563 Share Posted December 30, 2012 aswMBR version 0.9.9.1707 Copyright© 2011 AVAST SoftwareRun date: 2012-12-30 14:14:03-----------------------------14:14:03.509 OS Version: Windows x64 6.1.7601 Service Pack 114:14:03.509 Number of processors: 2 586 0x430314:14:03.509 ComputerName: HTPC UserName: Webb14:14:04.273 Initialize success14:14:07.736 AVAST engine defs: 1212300014:14:16.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-014:14:16.831 Disk 0 Vendor: WDC_WD2500YD-01NVB1 10.02E01 Size: 239372MB BusType: 314:14:16.847 Disk 0 MBR read successfully14:14:16.847 Disk 0 MBR scan14:14:16.847 Disk 0 Windows 7 default MBR code14:14:16.862 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 188252 MB offset 204814:14:16.862 Disk 0 Partition - 00 05 Extended 51113 MB offset 38554393514:14:16.894 Disk 0 Partition 2 00 82 Linux swap 2133 MB offset 48585385814:14:16.956 Disk 0 scanning C:\Windows\system32\drivers14:14:29.982 Service scanning14:14:46.331 Modules scanning14:14:46.331 Disk 0 trace - called modules:14:14:46.347 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys14:14:46.861 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004893220]14:14:46.861 3 CLASSPNP.SYS[fffff88001b9243f] -> nt!IofCallDriver -> [0xfffffa800489d9b0]14:14:46.861 5 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004885680]14:14:47.298 AVAST engine scan C:\Windows14:14:50.637 AVAST engine scan C:\Windows\system3214:18:03.484 AVAST engine scan C:\Windows\system32\drivers14:18:15.871 AVAST engine scan C:\Users\Webb14:20:04.135 AVAST engine scan C:\ProgramData14:23:36.936 Scan finished successfully14:24:06.233 Disk 0 MBR has been saved successfully to "C:\Users\Webb\Desktop\MBR.dat"14:24:06.233 The log file has been saved successfully to "C:\Users\Webb\Desktop\aswMBR.txt" Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 30, 2012 Staff ID:628571 Share Posted December 30, 2012 Malwarebytes Anti-Rootkit1.Download Malwarebytes Anti-Rootkit2.Unzip the contents to a folder in a convenient location.3.Open the folder where the contents were unzipped and run mbar.exe4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.6.Wait while the system shuts down and the cleanup process is performed.7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:•Internet access•Windows Update•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.10.Verify that your system is now functioning normally. Link to post Share on other sites More sharing options...
supturb89 Posted December 31, 2012 Author ID:628661 Share Posted December 31, 2012 Gringo,I ran the MBrootkit and no threats were found. My computer is running great but as I said in a previous reply the lsass.exe process is no longer running according to the task manager.Aaron Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 31, 2012 Staff ID:628668 Share Posted December 31, 2012 GreetingsAt this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.:Run CFScript:Open Notepad and copy/paste the text in the box into the window: ClearJavaCache:: Save it to your desktop as CFScript.txtRefering to the picture above, drag CFScript.txt into ComboFix.exeThis will let ComboFix run again.Restart if you have to.Save the produced logfile to your desktop.Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingreport from Combofixlet me know of any problems you may have hadHow is the computer doing now after running the script?Gringo Link to post Share on other sites More sharing options...
supturb89 Posted December 31, 2012 Author ID:628819 Share Posted December 31, 2012 Grigo,I created the scrip and ran it with Comcofix. I ahve attached the log. My computer is running great. Again though the lsass.exe process is no longer running.ComboFix 12-12-31.01 - Webb 12/31/2012 8:24.2.2 - x64Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.3094 [GMT -6:00]Running from: c:\users\Webb\Desktop\ComboFix.exeCommand switches used :: c:\users\Webb\Desktop\CFScript.txtAV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 )))))))))))))))))))))))))))))))..2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\test\AppData\Local\temp2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\test.HTPC\AppData\Local\temp2012-12-31 14:30 . 2012-12-31 14:30 -------- d-----w- c:\users\Default\AppData\Local\temp2012-12-31 01:53 . 2012-12-31 01:53 -------- d-----w- c:\program files (x86)\Common Files\Java2012-12-31 01:53 . 2012-12-31 01:52 95184 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2012-12-31 01:49 . 2012-12-31 01:49 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\offreg.dll2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\users\Webb\AppData\Roaming\Malwarebytes2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\programdata\Malwarebytes2012-12-29 03:03 . 2012-12-29 03:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2012-12-29 03:03 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys2012-12-29 03:02 . 2012-12-29 03:02 -------- d-----w- c:\users\Webb\AppData\Local\Programs2012-12-28 18:41 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBDA262E-5FCC-4B41-B1E7-7BEC5A2B2BA5}\mpengine.dll2012-12-21 13:54 . 2012-12-21 13:56 -------- d-----w- c:\program files (x86)\Google2012-12-21 09:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll2012-12-21 09:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll2012-12-21 09:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll2012-12-21 09:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll2012-12-11 19:07 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll2012-12-11 19:07 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll2012-12-11 19:05 . 2012-10-04 16:47 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-12-31 01:52 . 2012-10-19 11:18 859072 ----a-w- c:\windows\SysWow64\npdeployJava1.dll2012-12-31 01:52 . 2010-04-25 02:57 779704 ----a-w- c:\windows\SysWow64\deployJava1.dll2012-12-12 11:13 . 2012-04-07 13:19 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-12-12 11:13 . 2011-05-21 19:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-12-12 09:01 . 2010-04-23 02:37 67413224 ----a-w- c:\windows\system32\MRT.exe2012-11-07 23:38 . 2010-04-09 06:25 94288 ----a-w- c:\windows\system32\drivers\inspect.sys2012-11-07 23:38 . 2010-04-09 06:25 38144 ----a-w- c:\windows\system32\drivers\cmdhlp.sys2012-11-07 23:37 . 2010-04-09 06:25 584056 ----a-w- c:\windows\system32\drivers\cmdGuard.sys2012-11-07 23:37 . 2010-04-09 06:25 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys2012-11-07 23:37 . 2012-01-18 13:15 41240 ----a-w- c:\windows\system32\cmdcsr.dll2012-11-07 23:37 . 2010-04-09 06:26 301264 ----a-w- c:\windows\SysWow64\guard32.dll2012-11-07 23:37 . 2010-04-09 06:26 390392 ----a-w- c:\windows\system32\guard64.dll2012-10-30 23:51 . 2010-04-23 02:32 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys2012-10-30 23:51 . 2011-03-09 01:52 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys2012-10-30 23:51 . 2010-04-23 02:32 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys2012-10-30 23:51 . 2010-04-23 02:32 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2012-10-30 23:51 . 2010-04-23 02:32 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2012-10-30 23:51 . 2010-07-24 02:43 41224 ----a-w- c:\windows\avastSS.scr2012-10-30 23:50 . 2010-04-23 02:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe2012-10-30 23:50 . 2011-02-13 22:36 285328 ----a-w- c:\windows\system32\aswBoot.exe2012-10-19 15:29 . 2012-10-19 15:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin2012-10-16 08:38 . 2012-11-27 18:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll2012-10-16 08:38 . 2012-11-27 18:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll2012-10-16 07:39 . 2012-11-27 18:55 561664 ----a-w- c:\windows\apppatch\AcLayers.dll2012-10-15 16:59 . 2012-04-07 13:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2012-10-09 18:17 . 2012-11-14 10:50 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll2012-10-09 18:17 . 2012-11-14 10:50 226816 ----a-w- c:\windows\system32\dhcpcore6.dll2012-10-09 17:40 . 2012-11-14 10:50 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll2012-10-09 17:40 . 2012-11-14 10:50 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll2012-10-04 20:29 . 2012-03-15 06:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll2012-10-04 20:28 . 2012-02-19 21:32 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll2012-10-04 20:28 . 2012-02-19 21:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll2012-10-04 20:28 . 2012-02-19 21:32 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll2012-10-04 16:40 . 2012-12-11 19:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll2012-10-03 17:56 . 2012-11-14 10:49 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys2012-10-03 17:44 . 2012-11-14 10:49 70656 ----a-w- c:\windows\system32\nlaapi.dll2012-10-03 17:44 . 2012-11-14 10:49 303104 ----a-w- c:\windows\system32\nlasvc.dll2012-10-03 17:44 . 2012-11-14 10:49 246272 ----a-w- c:\windows\system32\netcorehc.dll2012-10-03 17:44 . 2012-11-14 10:49 18944 ----a-w- c:\windows\system32\netevent.dll2012-10-03 17:44 . 2012-11-14 10:49 216576 ----a-w- c:\windows\system32\ncsi.dll2012-10-03 17:42 . 2012-11-14 10:49 569344 ----a-w- c:\windows\system32\iphlpsvc.dll2012-10-03 16:42 . 2012-11-14 10:49 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll2012-10-03 16:42 . 2012-11-14 10:49 18944 ----a-w- c:\windows\SysWow64\netevent.dll2012-10-03 16:42 . 2012-11-14 10:49 156672 ----a-w- c:\windows\SysWow64\ncsi.dll2012-10-03 16:07 . 2012-11-14 10:49 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys2010-12-07 22:27 . 2010-11-21 17:11 331249 ----a-w- c:\program files (x86)\Clown_BD_v0.79.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-27 98304]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]"WatcherHelper"="c:\program files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe" [2009-06-12 53248]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"osk.exe"="osk.exe" [2009-07-14 646144]"Application Restart 0"="c:\windows\System32\osk.exe" [2009-07-14 646144].c:\users\Webb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZvRemote.lnk - c:\program files (x86)\ZeeVee\ZvRemote\ZvRemote.exe [2010-2-10 1565944].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk - c:\program files (x86)\Air Mouse\Air Mouse\Air Mouse.exe [2010-6-27 1018856]Media Browser Service.lnk - c:\program files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe [2012-1-14 135168]Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2012-1-2 666992].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]@="Service".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe [2009-08-24 93336]R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-23 1255736]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]S1 aswSnx;aswSnx; [x]S1 aswSP;aswSP; [x]S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-11-07 584056]S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-11-07 38144]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]S2 aswFsBlk;aswFsBlk; [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]S2 CLPSLS;COMODO livePCsupport Service;c:\program files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]..Contents of the 'Scheduled Tasks' folder.2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 11:13].2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54].2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 13:54]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2012-10-30 23:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\Webb\AppData\Roaming\Mozilla\Firefox\Profiles\ek5gyir8.default\FF - prefs.js: browser.startup.homepage - www.google.com.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKCU-Run-gStart - c:\program files (x86)\Garmin\gStart.exeSafeBoot-06223878.sys...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2012-12-31 08:32:27ComboFix-quarantined-files.txt 2012-12-31 14:32ComboFix2.txt 2012-12-30 14:11.Pre-Run: 97,690,898,432 bytes freePost-Run: 97,392,054,272 bytes free.- - End Of File - - B20D5A267C7EC9E84E2D218E7E8DBAF8 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 31, 2012 Staff ID:628822 Share Posted December 31, 2012 Hello:P2P Warning!:IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occurOnce upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.Please read these short reports on the dangers of peer-2-peer programs and file sharing.FBI Cyber Education LetterFile sharing infects 500,000 computersUSATodayinfoworldThese logs are looking allot better. But we still have some work to do.uninstall some programsNOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does allot better of a jobPrograms to remove µTorrentAdobe Reader 9.5.0Java™ 6 Update 23 (64-bit)Java™ 6 Update 37Please download and install Revo Uninstaller FreeDouble click Revo Uninstaller to run it.From the list of programs double click on The Program to removeWhen prompted if you want to uninstall click Yes.Be sure the Moderate option is selected then click Next.The program will run, If prompted again click Yes when the built-in uninstaller is finished click on Next.Once the program has searched for leftovers click Next.Check/tick the bolded items only on the list then click Deletewhen prompted click on Yes and then on next.put a check on any folders that are found and select deletewhen prompted select yes then on nextOnce done click Finish..Update Adobe readerRecently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.You can download it from http://www.adobe.com/products/acrobat/readstep2.htmlAfter installing the latest Adobe Reader, uninstall all previous versions.If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.Note: When installing FoxitReader, be careful not to install anything to do with AskBar.Install Java:Please go here to install Javaclick on the Free Java Download Buttonclick on Agree and start Free downloadclick on Runclick on run againclick on installwhen install is complete click on closeClean Out Temp FilesThis small application you may want to keep and use once a week to keep the computer clean.Download CCleaner from here http://www.ccleaner.com/Run the installer to install the application.When it gives you the option to install Yahoo toolbar uncheck the box next to it.Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).Click Run Cleaner.Close CCleaner.: Malwarebytes' Anti-Malware :I see you have MBAM installed - I think this is a great program and would like you to run a quick scan at this timeDouble-click mbam icongo to the update tab at the topclick on check for updatesIf an update is found, it will download and install the latest version.Once the program has loaded, select Perform quick scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.When completed, a log will open in Notepad. please copy and paste the log into your next reply If you accidentally close it, the log file is saved here and will be named like this:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txtNote: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.Download HijackThis Go Here to download HijackThis program Save HijackThis to your desktop. Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run) Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu) copy and paste hijackthis report into the topic"information and logs"In your next post I need the followingLog From MBAMreport from Hijackthislet me know of any problems you may have hadHow is the computer doing now?Gringo Link to post Share on other sites More sharing options...
supturb89 Posted December 31, 2012 Author ID:628842 Share Posted December 31, 2012 Gringo,I performed the steps you asked. Computer is running fine.Malwarebytes Anti-Malware 1.70.0.1100www.malwarebytes.orgDatabase version: v2012.12.31.05Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Webb :: HTPC [administrator]12/31/2012 9:24:09 AMmbam-log-2012-12-31 (09-24-09).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 234327Time elapsed: 2 minute(s), 9 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)Logfile of Trend Micro HijackThis v2.0.4Scan saved at 9:32:20 AM, on 12/31/2012Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v8.00 (8.00.7601.17514)Boot mode: NormalRunning processes:C:\Program Files (x86)\Garmin\gStart.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exeC:\Windows\SysWOW64\ctfmon.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exeC:\Users\Webb\Desktop\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllO4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files (x86)\Sierra Wireless Inc\Watcher\WaHelper.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /noguiO4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\System32\osk.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')O4 - Startup: ZvRemote.lnk = C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exeO4 - Global Startup: Air Mouse.lnk = C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exeO4 - Global Startup: Media Browser Service.lnk = C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exeO4 - Global Startup: Windows Home Server.lnk = ?O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exeO23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exeO23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 8033 bytes Link to post Share on other sites More sharing options...
Staff gringo_pr Posted December 31, 2012 Staff ID:628851 Share Posted December 31, 2012 HelloThese logs are looking very good, we are almost done!!! Just one more scan to go.:Remove unneeded start-up entries:This part of the fix is purely optionalThese are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...) Run HijackThis Click on the Scan button Put a check beside all of the items listed below (if present):O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - Startup: ZvRemote.lnk = C:\Program Files (x86)\ZeeVee\ZvRemote\ZvRemote.exeO4 - Global Startup: Media Browser Service.lnk = C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe[*] Close all open windows and browsers/email, etc...[*] Click on the "Fix Checked" button[*] When completed, close the application.NOTE**You can research each of those lines >here< and see if you want to keep them or notjust copy the name between the brackets and paste into the search spaceO4 - HKLM\..\Run: [IntelliPoint]NOTE**sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bitand select to run as administratorEset Online Scanner**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as adminGo Eset web page to run an online scanner from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scanclick on the Run ESET Online Scanner buttonTick the box next to YES, I accept the Terms of Use.Click Start[*]When asked, allow the add/on to be installedClick Start[*]Make sure that the option Remove found threats is unticked[*]Click on Advanced Settings, ensure the optionsScan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.[*]Click Scan[*]wait for the virus definitions to be downloaded[*]Wait for the scan to finishWhen the scan is completeIf no threats were foundput a checkmark in "Uninstall application on close"close programreport to me that nothing was foundIf threats were foundclick on "list of threats found"click on "export to text file" and save it as ESET SCAN and save to the desktopClick on backput a checkmark in "Uninstall application on close"click on finishclose programcopy and paste the report hereGringo Link to post Share on other sites More sharing options...
supturb89 Posted January 1, 2013 Author ID:629112 Share Posted January 1, 2013 Gringo,ESET found some threats. C:\Users\Webb\Downloads\MediaInfo_GUI_0.7.31_Windows_x64.exe Win32/OpenCandy applicationC:\Users\Webb\Downloads\MediaInfo_GUI_0.7.36_Windows_i386.exe Win32/OpenCandy application Link to post Share on other sites More sharing options...
Staff gringo_pr Posted January 1, 2013 Staff ID:629116 Share Posted January 1, 2013 HelloThere are some minor things in your online scan that should be removed. delete filesCopy all text in the quote box (below)...to Notepad.@echo offdel /f /s /q "C:\Users\Webb\Downloads\MediaInfo_GUI_0.7.31_Windows_x64.exe"del /f /s /q "C:\Users\Webb\Downloads\MediaInfo_GUI_0.7.36_Windows_i386.exe"del %0Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"It should look like this: <--XP<--vistaDouble click on delfile.bat to execute it.A black CMD window will flash, then disappear...this is normal.The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted. The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups. Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are. :Why we need to remove some of our tools: Some of the tools we have used to clean your computer were made by fellow malware fighters and are very powerful and if used incorrectly or at the wronge time can make the computer an expensive paper weight.They are updated all the time and some of them more than once a day so by the time you are ready to use them again they will already be outdated.The following procedures will implement some cleanup procedures to remove these tools. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.:DeFogger:Note** Defogger only needs to be run if it was run when we first started. If you have not already run it then skip this.To re-enable your Emulation drivers, double click DeFogger to run the tool. The application window will appear Click the Re-enable button to re-enable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OK.Your Emulation drivers are now re-enabled.:Uninstall ComboFix:turn off all active protection softwarepush the "windows key" + "R" (between the "Ctrl" button and "Alt" Button) please copy and past the following into the box ComboFix /Uninstall and click OK. Note the space between the X and the /Uninstall, it needs to be there.:Remove the rest of our tools:Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.Double-click OTCleanIt.exe.Click the CleanUp! button.Select Yes when the "Begin cleanup Process?" prompt appears.If you are prompted to Reboot during the cleanup, select Yes.The tool will delete itself once it finishes, if not delete it by yourself. If asked to restart the computer, please do soNote: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.:The programs you can keep:Some of the programs that we have used would be a good idea to keep and used often in helping to keep the computer clean. I use these programs on my computer.Revo Uninstaller Free - this is the uninstaller that I had you download and works allot better than add/remove in windows and has saved me more than once from corrupted installs and uninstallsCCleaner - This is a good program to clean out temp files, I would use this once a week or before any malware scan to remove unwanted temp files - It has a built in registry cleaner but I would leave that alone and not use any registry cleanerMalwarebytes' Anti-Malware The Gold standerd today in antimalware scanners:Security programs:One of the questions I am asked all the time is "What programs do you use" I have at this time 4 computers in my home and I have this setup on all 4 of them.Microsoft Security Essentials - provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It istotally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often. (I have upgraded to the paid version of MBAM and I am glad I did) Note** If you decide to install MSE you will need to uninstall your present Antivirus:Security awareness:The other question I am asked all the time is "How can I prevent this from happening again." and the short answer to that is to be aware of what is out there and how to start spotting dangers.Here are some articles that are must reads and should be read by everybody in your household that uses the internetinternetsafetyInternet Safety for KidsHere is some more reading for you from some of my collegesPC Safety and Security - What Do I Need? from my friends at Tech Support ForumCOMPUTER SECURITY - a short guide to staying safer online from my friends at Malware Removalquoted from Tech Support ForumConclusionThere is no such thing as ‘perfect security’. This applies to many things, not just computer systems. Using the above guide you should be able to take all the reasonable steps you can to prevent infection. However, the most important part of all this is you, the user. Surf sensibly and think before you download a file or click on a link. Take a few moments to assess the possible risks and you should be able to enjoy all the internet has to offer.I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PMMy help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here --><-- Don't worry every little bit helps.Gringo Link to post Share on other sites More sharing options...
supturb89 Posted January 1, 2013 Author ID:629192 Share Posted January 1, 2013 Gringo,Thanks for all your help. My computer is running great.Aaron Link to post Share on other sites More sharing options...
Staff gringo_pr Posted January 1, 2013 Staff ID:629328 Share Posted January 1, 2013 you are more than welcomegringo Link to post Share on other sites More sharing options...
Recommended Posts