Jump to content

Please help with $Recycle.Bin&svchost.exe - No safemode


Recommended Posts

Hello, today I come to seek for help for this $Recycle.Bin promblem. This had kept me up and I had not yet fallen asleep due to this problem! Please I am looking for someone who could give me an easy step-by-step guide for this issue! I am not good with computers when it comes to these kind of problems, I am afraid I might make a mistake and damage my laptop as it is!

And as for the svchost problem, I had installed Malwarebytes Anti-Malware and each second it keeps poping up this error that is saying

"Malwarebytes Anti-Malware has blocked and quarantined a threat:

C:\Windows\svchost.exe

Trojan.Agent

Click here to display quarantine."

I would like to takecare of the $Recycle.Bin first since it is more dangerous..

Link to post
Share on other sites

Hello HMW0139 and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Hello Maniac! Thank you for your cooperation! I do not have money, so I will take this option instead!

And as for the dds text, here it is! Do I post the Attach text as well?

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2

Run by Heavy Metal Miku at 8:35:32 on 2013-05-06

Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.3907.1815 [GMT -5:00]

.

AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\system32\igfxext.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\BitTorrent\BitTorrent.exe

C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Dolby PCEE4\pcee4.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\EgisTec IPS\PMMUpdate.exe

C:\Program Files\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://acer.msn.com

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://acer.msn.com

mDefault_Page_URL = hxxp://acer.msn.com

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [sansaDispatch] C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

uRun: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

uRun: [DuckCapture] "C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe" /autorun

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [GoogleChromeAutoLaunch_31CA42A8BD0706FB99B52FCA9D6C359A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: mswsock.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{07ADFD23-9263-42A8-BEE5-BC72B988C78D} : NameServer = 192.168.1.13

TCP: Interfaces\{32642FBE-3AD4-4709-B711-4C00C789727B} : DHCPNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://acer.msn.com

x64-mDefault_Page_URL = hxxp://acer.msn.com

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Heavy Metal Miku\AppData\Roaming\Mozilla\Firefox\Profiles\dll6rgnn.default\

FF - prefs.js: browser.search.selectedEngine - NCH EN Customized Web Search

FF - prefs.js: browser.startup.homepage - google.com

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOLD1SB&ctid=CT2801948&SearchSource=2&q=

FF - prefs.js: network.proxy.http - 217.11.177.26

FF - prefs.js: network.proxy.http_port - 3128

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Heavy Metal Miku\AppData\Roaming\Mozilla\Firefox\Profiles\dll6rgnn.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-05-06 04:38; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=050412_30b

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - c04b0e1e000000000000226a8a6a60b1

FF - user.js: extensions.BabylonToolbar_i.hardId - c04b0e1e000000000000226a8a6a60b1

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15437

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.175:06:43

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

============= SERVICES / DRIVERS ===============

.

R0 93093138;93093138;C:\Windows\System32\drivers\93093138.sys [2013-5-6 460888]

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-6 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-6 189936]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-8-8 55856]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1301000.01C\SymDS64.sys [2012-11-3 451192]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1301000.01C\SymEFA64.sys [2012-11-3 1084536]

R1 4170085drv;4170085drv;C:\Windows\System32\drivers\4170085drv.sys [2013-5-6 556632]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-5-6 1025808]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-5-6 378432]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-5 283200]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys [2012-11-3 488568]

R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-12-8 22648]

R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-12-8 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-12-8 62776]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\symnets.sys [2012-11-3 401016]

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-5-6 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-5-6 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-6 46808]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-12-8 352336]

R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-12-8 872552]

R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]

R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-10-18 255376]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-6 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-6 701512]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2012-11-3 138760]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-8 2656280]

R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2010-12-11 67112]

R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2010-12-11 19496]

R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2010-12-10 35368]

R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2010-12-11 85544]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-8 317440]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-11-1 410152]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-6 25928]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 TotRec8;Total Recorder WDM audio filter driver;C:\Windows\System32\drivers\TotRec8.sys [2013-1-17 124176]

RUnknown asdnet;asdnet; [x]

RUnknown asdws;asdws; [x]

S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx64.sys [2012-11-3 1151096]

S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1301000.01C\ccSetx64.sys [2012-11-3 167048]

S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\Ironx64.sys [2012-11-3 189560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]

S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-10 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

SUnknown asdrm;asdrm; [x]

.

=============== Created Last 30 ================

.

2013-05-06 12:50:48 -------- d-sh--w- C:\found.001

2013-05-06 12:07:42 -------- d-----w- C:\Program Files (x86)\ESET

2013-05-06 09:39:13 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-05-06 09:39:12 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-05-06 09:39:12 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-05-06 09:39:11 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-06 09:39:11 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-05-06 09:37:42 41664 ----a-w- C:\Windows\avastSS.scr

2013-05-06 09:31:52 -------- d-----w- C:\Users\Heavy Metal Miku\AppData\Roaming\Malwarebytes

2013-05-06 09:31:36 -------- d-----w- C:\ProgramData\Malwarebytes

2013-05-06 09:31:34 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-06 09:31:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-06 09:31:21 -------- d-----w- C:\Users\Heavy Metal Miku\AppData\Local\Programs

2013-05-06 08:37:58 -------- d-----w- C:\ProgramData\Kaspersky Lab

2013-05-06 08:31:46 556632 ----a-w- C:\Windows\System32\drivers\4170085drv.sys

2013-05-06 08:31:46 460888 ----a-w- C:\Windows\System32\drivers\93093138.sys

2013-05-06 07:34:44 -------- d-----w- C:\Users\Heavy Metal Miku\AppData\Roaming\Anvisoft

2013-05-06 07:34:00 -------- d-----w- C:\ProgramData\Anvisoft

2013-05-06 07:33:55 -------- d-----w- C:\Program Files (x86)\Anvisoft

2013-05-06 06:41:26 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2013-05-05 07:46:47 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\offreg.dll

2013-05-03 18:52:18 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D081C12D-44EC-4A13-938C-70DBEF4D5F7B}\mpengine.dll

2013-04-23 21:44:02 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-15 20:32:30 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-04-15 20:32:30 6128760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2013-04-14 20:54:31 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-13 18:30:06 0 ----a-w- C:\Windows\SysWow64\sho4329.tmp

2013-04-13 15:49:17 -------- d-----w- C:\Users\Heavy Metal Miku\AppData\Local\Line

2013-04-13 15:47:41 -------- d-----w- C:\Program Files (x86)\Naver

2013-04-12 02:52:10 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe

2013-04-10 21:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-04-10 21:35:44 3717632 ----a-w- C:\Windows\System32\mstscax.dll

2013-04-10 21:35:43 44032 ----a-w- C:\Windows\System32\tsgqec.dll

2013-04-10 21:35:43 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll

2013-04-10 21:35:43 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-04-10 21:35:43 158720 ----a-w- C:\Windows\System32\aaclient.dll

2013-04-10 21:35:43 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll

2013-04-10 21:35:27 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-04-07 18:18:58 -------- d-----w- C:\Users\Heavy Metal Miku\AppData\Local\{EE53C263-CB5D-4643-AE96-7BCA0016C577}

.

==================== Find3M ====================

.

2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-24 20:38:01 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-04-24 20:38:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-14 20:54:08 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-04-14 20:54:08 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr

2013-02-26 16:00:32 0 ----a-w- C:\Windows\SysWow64\sho3C80.tmp

2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-02-14 10:41:56 0 ----a-w- C:\Windows\SysWow64\sho7A78.tmp

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-12 04:12:06 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys

2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

.

============= FINISH: 8:36:16.58 ===============

Link to post
Share on other sites

Oh, of course. Here is the Attach text. Sorry I'm really tired, and I have gone throughout the night trying to get rid of this issue..

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 3/7/2012 6:15:09 PM

System Uptime: 5/6/2013 8:02:48 AM (0 hours ago)

.

Motherboard: Acer | | Aspire 4752

Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU | 792/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 450 GiB total, 16.369 GiB free.

D: is CDROM ()

F: is CDROM (CDFS)

G: is CDROM ()

H: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: BHDrvx64

Device ID: ROOT\LEGACY_BHDRVX64\0000

Manufacturer:

Name: BHDrvx64

PNP Device ID: ROOT\LEGACY_BHDRVX64\0000

Service: BHDrvx64

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Norton Internet Security Settings Manager

Device ID: ROOT\LEGACY_CCSET_NIS\0000

Manufacturer:

Name: Norton Internet Security Settings Manager

PNP Device ID: ROOT\LEGACY_CCSET_NIS\0000

Service: ccSet_NIS

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Symantec Iron Driver

Device ID: ROOT\LEGACY_SYMIRON\0000

Manufacturer:

Name: Symantec Iron Driver

PNP Device ID: ROOT\LEGACY_SYMIRON\0000

Service: SymIRON

.

==== System Restore Points ===================

.

RP350: 5/6/2013 2:57:56 AM - avast! Free Antivirus Setup

RP351: 5/6/2013 4:36:21 AM - avast! Free Antivirus Setup

RP352: 5/6/2013 7:15:31 AM - Installed Microsoft Fix it 50267

.

==== Installed Programs ======================

.

Acer Backup Manager

Acer Crystal Eye Webcam

Acer ePower Management

Acer eRecovery Management

Acer Games

Acer Registration

Acer ScreenSaver

Acer Updater

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 9

Adobe Photoshop.com Inspiration Browser

Adobe Reader X (10.1.6) MUI

Agatha Christie - Death on the Nile

Apple Application Support

avast! Free Antivirus

Backup Manager V3

Battlefield Play4Free

Battlelog Web Plugins

Bejeweled 2 Deluxe

Bing Bar

BitTorrent

Broadcom Card Reader Driver Installer

Broadcom Gigabit NetLink Controller

Build-a-lot 4 - Power Source

Chronicles of Albian

Chuzzle Deluxe

clear.fi

clear.fi Client

Content Manager Assistant for PlayStation®

Cradle of Rome 2

D3DX10

DAEMON Tools Lite

Debut Video Capture Software

Dolby Advanced Audio v2

Dora's World Adventure

DuckCapture Standard 2.7

eBay Worldwide

Elements 9 Organizer

Elements STI Installer

ESET Online Scanner v3

ESN Sonar

FATE: The Cursed King

Final Drive: Nitro

Galerie de photos Windows Live

GIMP 2.8.2

Google Chrome

Google Earth Plug-in

Google Update Helper

Governor of Poker 2 Premium Edition

HandBrake 0.9.8

Identity Card

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Java 7 Update 17

Java Auto Updater

JavaFX 2.1.0

JDownloader 0.9

Jewel Match 3

Junk Mail filter update

Launch Manager

LINE

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Mystery of Mortlake Mansion

MyWinLocker

MyWinLocker 4

MyWinLocker Suite

newsXpresso

NOOK for PC

Norton Internet Security

NTI Media Maker 9

Penguins!

PHANTASY STAR ONLINE 2

Picasa 3

Plants vs. Zombies - Game of the Year

Polar Bowler

Polar Golfer

PunkBuster Services

QuickTime

Realtek High Definition Audio Driver

Sansa Updater

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Shredder

Skype Click to Call

Skype? 6.3

SMPlayer 0.8.0

Synaptics Pointing Device Driver

Torchlight

Total Recorder 8.4 Standard Edition

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Installer for WildTangent Games App

Virtual Villagers 5 - New Believers

VLC media player 2.0.6

WBFS Manager 3.0

Welcome Center

WildTangent Games App (Acer Games)

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Movie Maker 2.6

WinRAR 4.11 (32-bit)

Zuma's Revenge

日本hao123ショートカット

.

==== Event Viewer Messages From Past Week ========

.

5/6/2013 8:06:58 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

5/6/2013 8:06:58 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

5/6/2013 8:06:15 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

5/6/2013 8:04:53 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NIS SRTSP SymIRON

5/6/2013 8:04:02 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

5/6/2013 8:03:55 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

5/6/2013 8:03:50 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

5/6/2013 8:03:23 AM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.

5/6/2013 8:03:23 AM, Error: SRTSP [4] - Error loading virus definitions.

5/6/2013 7:18:09 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

5/6/2013 5:43:06 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

5/6/2013 3:03:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.

5/5/2013 7:49:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.

5/5/2013 7:49:05 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

5/5/2013 3:05:07 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2813170).

5/5/2013 10:20:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the GREGService service.

5/5/2013 1:07:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

5/4/2013 6:39:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.

5/4/2013 3:46:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

5/4/2013 3:46:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

5/4/2013 3:46:42 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DsiWMIService service.

5/4/2013 3:05:39 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

5/3/2013 1:37:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrustedInstaller service.

5/3/2013 1:36:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.

5/2/2013 7:58:04 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.

4/30/2013 6:24:05 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer SILVIALOZANO-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{32642FBE-3AD4-4709-B711-4C00C789727B}. The master browser is stopping or an election is being forced.

4/29/2013 1:02:48 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.

.

==== End Of File ===========================

Link to post
Share on other sites

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. My suggestion is to uninstall avast! Free Antivirus and to keep Norton Internet Security, but only if you have license for Norton.

Also, please uninstall: BitTorrent

At the end, restart your computer.

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • RogueKiller log
  • a new fresh DDS log

Link to post
Share on other sites

Here is the JRT text!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.3 (04.29.2013:2)

OS: Windows 7 Home Premium x64

Ran by Heavy Metal Miku on 05/06/2013 Mon at 10:19:37.92

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-479844974-4173024955-3454779408-1001\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2801948

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho1ED4.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho3C80.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho4329.tmp

Successfully deleted: [File] C:\Windows\syswow64\sho7A78.tmp

Failed to delete [File] C:\Windows\svchost.exe [Check for TDL4 Rootkit!]

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\baidu"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\opencandy"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\AppData\Roaming\strongvault"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\babylon"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\local\wondershare"

Successfully deleted: [Folder] "C:\Users\Heavy Metal Miku\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\Wondershare"

Successfully deleted: [Folder] "C:\ai_recyclebin"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{0800F0A8-08B6-4304-8EE6-0840E779318F}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{11D0B9CD-7BD6-4DFD-8BD7-1EB13ED1DC6D}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{26560385-02D2-47AF-97DF-4D309624C21B}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{387F7F51-BC03-4070-815F-4422A720C5BA}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{516B79A3-6293-4289-86C2-B8234E583CA8}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{835EE899-F484-4D65-A0FD-E733FA0CF628}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{8C4115E3-9998-4508-ABA0-EF009F2C05D0}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{9E55457D-5A43-41BD-ADD1-30E6C561BA4C}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{A04673CF-EFDA-4A9F-A563-34BC962BD041}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{A32AB2C5-429B-4F6F-B854-D0145B2E2FD6}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{CB7014D9-CF8D-4D96-9B1B-4FD179ECCAA2}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E35DD305-54C1-4059-81E6-CC285C9AD82E}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E69A2327-65EB-4989-84CD-04E2F30C87B2}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{E8779472-A470-430D-8A00-CEE2AAFA337B}

Successfully deleted: [Empty Folder] C:\Users\Heavy Metal Miku\appdata\local\{EE53C263-CB5D-4643-AE96-7BCA0016C577}

~~~ FireFox

Successfully deleted: [File] C:\user.js

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\user.js

Successfully deleted: [File] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\mvmfepyiej@mvmfepyiej.org.xpi [Tracur]

Successfully deleted: [File] "C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi"

Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\jetpack

Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack

Successfully deleted the following from C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\prefs.js

user_pref("CT2801948.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fjapanese.about.com%2Flibrary%2Fweekly%2Faa021101a.htm\",\"EB_MAIN_FRAME_TITLE\":\"I%20love%

user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1355940855747,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}

user_pref("Smartbar.ConduitHomepagesList", "");

user_pref("Smartbar.ConduitSearchEngineList", "NCH EN Customized Web Search");

user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOLD1SB&ctid=CT2801948&SearchSource=2&q=");

user_pref("Smartbar.keywordURLSelectedCTID", "CT2801948");

user_pref("browser.search.selectedEngine", "NCH EN Customized Web Search");

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=050412_30b");

user_pref("extensions.BabylonToolbar_i.hardId", "c04b0e1e000000000000226a8a6a60b1");

user_pref("extensions.BabylonToolbar_i.id", "c04b0e1e000000000000226a8a6a60b1");

user_pref("extensions.BabylonToolbar_i.instlDay", "15437");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.175:06:43");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOLD1SB&ctid=CT2801948&SearchSource=2&q=");

Emptied folder: C:\Users\Heavy Metal Miku\AppData\Roaming\mozilla\firefox\profiles\dll6rgnn.default\minidumps [127 files]

~~~ Chrome

Dumping contents of C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Extensions

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Preferences

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Web Data

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\background.html

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\ContentScript.js

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\aadbdigcgfgbdjdcgfggdgdddedjdedd\manifest.json

C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn

Successfully deleted: [Folder] C:\Users\Heavy Metal Miku\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 05/06/2013 Mon at 10:34:00.72

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to post
Share on other sites

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.

Link to post
Share on other sites

Wow, that isn't good do I still follow the steps?? Here's step 3 if you want it, I will go to other my computer and start changing all passwords..

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.06.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Heavy Metal Miku :: 誓いのメタル・ [administrator]

Protection: Enabled

5/6/2013 10:41:22 AM

mbam-log-2013-05-06 (10-41-22).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 298617

Time elapsed: 13 minute(s), 23 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 2452 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Users\Heavy Metal Miku\AppData\Local\Temp\HyKM4Qkb.zip.part (Trojan.Zbot.ED) -> Quarantined and deleted successfully.

C:\Users\Heavy Metal Miku\AppData\Local\Temp\pCHVuKIN.zip.part (Trojan.Zbot.ED) -> Quarantined and deleted successfully.

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

Link to post
Share on other sites

Oh, wow meant step 4. But here's the Report

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Heavy Metal Miku [Admin rights]

Mode : Scan -- Date : 05/06/2013 11:22:11

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 11 ¤¤¤

[services][ROGUE ST] HKLM\[...]\ControlSet001\Services\93093138 (C:\Windows\system32\DRIVERS\93093138.sys) -> FOUND

[services][ROGUE ST] HKLM\[...]\ControlSet002\Services\93093138 (C:\Windows\system32\DRIVERS\93093138.sys) -> FOUND

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-479844974-4173024955-3454779408-1001\$b4c2ce1b1ce475eb38a4e4641f633395\n.) [x] -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\@ [-] --> FOUND

[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\U --> FOUND

[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$b4c2ce1b1ce475eb38a4e4641f633395\L --> FOUND

[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini [-] --> FOUND

[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini [-] --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BPVT-22HXZT3 +++++

--- User ---

[MBR] ab5b2a2178d934e46a097392fc74a492

[bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo

User != LL1 ... KO!

--- LL1 ---

[MBR] 0a91a12480876a3bc554aa6f828d13ad

[bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code

Partition table:

1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo

User != LL2 ... KO!

--- LL2 ---

[MBR] 0a91a12480876a3bc554aa6f828d13ad

[bSP] d91e5613f8f4ccd2c154d597635b8a24 : Windows 7/8 MBR Code

Partition table:

1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16500 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33794048 | Size: 100 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33998848 | Size: 460338 Mo

Finished : << RKreport[1]_S_05062013_02d1122.txt >>

RKreport[1]_S_05062013_02d1122.txt

Link to post
Share on other sites

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Link to post
Share on other sites

11:34:05.0541 2980 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

11:34:07.0491 2980 ============================================================

11:34:07.0491 2980 Current date / time: 2013/05/06 11:34:07.0491

11:34:07.0491 2980 SystemInfo:

11:34:07.0491 2980

11:34:07.0491 2980 OS Version: 6.1.7601 ServicePack: 1.0

11:34:07.0491 2980 Product type: Workstation

11:34:07.0491 2980 ComputerName: 誓いのメタル・

11:34:07.0491 2980 UserName: Heavy Metal Miku

11:34:07.0491 2980 Windows directory: C:\Windows

11:34:07.0491 2980 System windows directory: C:\Windows

11:34:07.0491 2980 Running under WOW64

11:34:07.0491 2980 Processor architecture: Intel x64

11:34:07.0491 2980 Number of processors: 2

11:34:07.0491 2980 Page size: 0x1000

11:34:07.0491 2980 Boot type: Normal boot

11:34:07.0491 2980 ============================================================

11:34:08.0286 2980 BG loaded

11:34:09.0955 2980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:34:09.0955 2980 ============================================================

11:34:09.0955 2980 \Device\Harddisk0\DR0:

11:34:09.0955 2980 MBR partitions:

11:34:09.0955 2980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x203A800, BlocksNum 0x32000

11:34:09.0955 2980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206C800, BlocksNum 0x38319000

11:34:09.0955 2980 ============================================================

11:34:10.0143 2980 C: <-> \Device\Harddisk0\DR0\Partition2

11:34:10.0143 2980 ============================================================

11:34:10.0143 2980 Initialize success

11:34:10.0143 2980 ============================================================

11:34:54.0660 4812 ============================================================

11:34:54.0660 4812 Scan started

11:34:54.0675 4812 Mode: Manual; SigCheck; TDLFS;

11:34:54.0675 4812 ============================================================

11:35:06.0469 4812 ================ Scan system memory ========================

11:35:06.0469 4812 System memory - ok

11:35:06.0469 4812 ================ Scan services =============================

11:35:07.0857 4812 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

11:35:09.0199 4812 1394ohci - ok

11:35:10.0182 4812 [ 8ACBB0D11A99EF06BFFD09C5B4DF0925 ] 4170085drv C:\Windows\system32\DRIVERS\4170085drv.sys

11:35:10.0260 4812 4170085drv - ok

11:35:10.0650 4812 [ E656FE10D6D27794AFA08136685A69E8 ] 93093138 C:\Windows\system32\DRIVERS\93093138.sys

11:35:10.0712 4812 93093138 - ok

11:35:10.0837 4812 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

11:35:10.0899 4812 ACPI - ok

11:35:11.0040 4812 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

11:35:12.0381 4812 AcpiPmi - ok

11:35:13.0177 4812 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

11:35:13.0208 4812 AdobeActiveFileMonitor9.0 - ok

11:35:13.0723 4812 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

11:35:13.0770 4812 AdobeARMservice - ok

11:35:14.0347 4812 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

11:35:14.0378 4812 AdobeFlashPlayerUpdateSvc - ok

11:35:14.0659 4812 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

11:35:14.0721 4812 adp94xx - ok

11:35:14.0955 4812 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

11:35:15.0002 4812 adpahci - ok

11:35:15.0127 4812 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

11:35:15.0158 4812 adpu320 - ok

11:35:15.0564 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

11:35:15.0689 4812 AeLookupSvc - ok

11:35:16.0016 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

11:35:16.0687 4812 AFD - ok

11:35:17.0030 4812 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

11:35:17.0186 4812 agp440 - ok

11:35:17.0311 4812 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

11:35:17.0810 4812 ALG - ok

11:35:17.0997 4812 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

11:35:18.0060 4812 aliide - ok

11:35:18.0185 4812 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

11:35:18.0231 4812 amdide - ok

11:35:18.0372 4812 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

11:35:18.0528 4812 AmdK8 - ok

11:35:18.0684 4812 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

11:35:18.0809 4812 AmdPPM - ok

11:35:18.0933 4812 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

11:35:18.0965 4812 amdsata - ok

11:35:19.0136 4812 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

11:35:19.0183 4812 amdsbs - ok

11:35:19.0230 4812 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

11:35:19.0277 4812 amdxata - ok

11:35:19.0401 4812 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

11:35:19.0589 4812 AppID - ok

11:35:19.0823 4812 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

11:35:20.0041 4812 AppIDSvc - ok

11:35:20.0197 4812 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

11:35:20.0415 4812 Appinfo - ok

11:35:20.0509 4812 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

11:35:20.0556 4812 arc - ok

11:35:20.0759 4812 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

11:35:20.0790 4812 arcsas - ok

11:35:20.0946 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

11:35:21.0102 4812 aswFsBlk - ok

11:35:21.0242 4812 [ 90980D5291F8E725700272E4B64EDA10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

11:35:21.0273 4812 aswMonFlt - ok

11:35:21.0398 4812 [ A4C94945B8A1FFE449A500C2CF0B5882 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys

11:35:21.0445 4812 aswRdr - ok

11:35:21.0476 4812 [ A06E330475C1957C50C13B483D41F2BD ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys

11:35:21.0523 4812 aswRvrt - ok

11:35:21.0929 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

11:35:22.0007 4812 aswSnx - ok

11:35:22.0100 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] aswSP C:\Windows\system32\drivers\aswSP.sys

11:35:22.0163 4812 aswSP - ok

11:35:22.0194 4812 [ 3D9BA0EF6C5847E4482FC01ABCD26683 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

11:35:22.0225 4812 aswTdi - ok

11:35:22.0334 4812 [ 3C7D772F6059C142991D00FE3AB61D40 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys

11:35:22.0381 4812 aswVmm - ok

11:35:22.0443 4812 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

11:35:22.0646 4812 AsyncMac - ok

11:35:22.0740 4812 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

11:35:22.0787 4812 atapi - ok

11:35:23.0099 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

11:35:23.0255 4812 AudioEndpointBuilder - ok

11:35:23.0270 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

11:35:23.0395 4812 AudioSrv - ok

11:35:23.0832 4812 [ 6F702A7EA2D5F2B55CC90C333FBE9978 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

11:35:23.0879 4812 avast! Antivirus - ok

11:35:24.0113 4812 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

11:35:24.0253 4812 AxInstSV - ok

11:35:24.0549 4812 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

11:35:24.0627 4812 b06bdrv - ok

11:35:24.0939 4812 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

11:35:25.0049 4812 b57nd60a - ok

11:35:25.0127 4812 [ 2618E15514736FB469B105CE729B6D9D ] b57xdbd C:\Windows\system32\DRIVERS\b57xdbd.sys

11:35:25.0173 4812 b57xdbd - ok

11:35:25.0220 4812 [ BABA4F0E2978B69B4E0B260EF7150DD6 ] b57xdmp C:\Windows\system32\DRIVERS\b57xdmp.sys

11:35:25.0267 4812 b57xdmp - ok

11:35:25.0439 4812 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

11:35:25.0485 4812 BBSvc - ok

11:35:25.0517 4812 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

11:35:25.0563 4812 BBUpdate - ok

11:35:26.0094 4812 [ 85111026F1C5A1C4CCE3697F0DA7BC1A ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys

11:35:26.0312 4812 BCM43XX - ok

11:35:26.0390 4812 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

11:35:26.0468 4812 BDESVC - ok

11:35:26.0562 4812 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

11:35:26.0749 4812 Beep - ok

11:35:26.0843 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

11:35:26.0921 4812 blbdrive - ok

11:35:26.0983 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

11:35:27.0077 4812 bowser - ok

11:35:27.0108 4812 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

11:35:27.0217 4812 BrFiltLo - ok

11:35:27.0233 4812 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

11:35:27.0295 4812 BrFiltUp - ok

11:35:27.0389 4812 [ 5C2F352A4E961D72518261257AAE204B ] Bridge C:\Windows\system32\DRIVERS\bridge.sys

11:35:27.0545 4812 Bridge - ok

11:35:27.0607 4812 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

11:35:27.0716 4812 BridgeMP - ok

11:35:27.0779 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

11:35:27.0872 4812 Browser - ok

11:35:27.0935 4812 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

11:35:28.0028 4812 Brserid - ok

11:35:28.0106 4812 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

11:35:28.0200 4812 BrSerWdm - ok

11:35:28.0247 4812 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

11:35:28.0325 4812 BrUsbMdm - ok

11:35:28.0371 4812 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

11:35:28.0465 4812 BrUsbSer - ok

11:35:28.0543 4812 [ FF7AA31BFFDC6C6870F64EAF8DEFE930 ] bScsiMSa C:\Windows\system32\DRIVERS\bScsiMSa.sys

11:35:28.0574 4812 bScsiMSa - ok

11:35:28.0637 4812 [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] bScsiSDa C:\Windows\system32\DRIVERS\bScsiSDa.sys

11:35:28.0668 4812 bScsiSDa - ok

11:35:28.0699 4812 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

11:35:28.0808 4812 BTHMODEM - ok

11:35:28.0902 4812 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

11:35:29.0073 4812 bthserv - ok

11:35:29.0136 4812 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

11:35:29.0276 4812 cdfs - ok

11:35:29.0354 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

11:35:29.0432 4812 cdrom - ok

11:35:29.0479 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

11:35:29.0635 4812 CertPropSvc - ok

11:35:29.0651 4812 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

11:35:29.0729 4812 circlass - ok

11:35:29.0775 4812 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

11:35:29.0838 4812 CLFS - ok

11:35:30.0197 4812 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:35:30.0243 4812 clr_optimization_v2.0.50727_32 - ok

11:35:30.0477 4812 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:35:30.0509 4812 clr_optimization_v2.0.50727_64 - ok

11:35:30.0633 4812 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:35:30.0743 4812 clr_optimization_v4.0.30319_32 - ok

11:35:30.0821 4812 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:35:30.0867 4812 clr_optimization_v4.0.30319_64 - ok

11:35:30.0930 4812 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

11:35:31.0008 4812 CmBatt - ok

11:35:31.0039 4812 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

11:35:31.0070 4812 cmdide - ok

11:35:31.0179 4812 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

11:35:31.0257 4812 CNG - ok

11:35:31.0304 4812 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

11:35:31.0351 4812 Compbatt - ok

11:35:31.0382 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

11:35:31.0460 4812 CompositeBus - ok

11:35:31.0491 4812 COMSysApp - ok

11:35:31.0523 4812 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

11:35:31.0554 4812 crcdisk - ok

11:35:31.0616 4812 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

11:35:31.0694 4812 CryptSvc - ok

11:35:31.0866 4812 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

11:35:31.0928 4812 cvhsvc - ok

11:35:32.0006 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

11:35:32.0162 4812 DcomLaunch - ok

11:35:32.0240 4812 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

11:35:32.0396 4812 defragsvc - ok

11:35:32.0443 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

11:35:32.0583 4812 DfsC - ok

11:35:32.0661 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

11:35:32.0755 4812 Dhcp - ok

11:35:32.0833 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

11:35:32.0958 4812 discache - ok

11:35:33.0083 4812 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

11:35:33.0161 4812 Disk - ok

11:35:33.0207 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

11:35:33.0301 4812 Dnscache - ok

11:35:33.0379 4812 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

11:35:33.0519 4812 dot3svc - ok

11:35:33.0582 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

11:35:33.0722 4812 DPS - ok

11:35:33.0769 4812 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

11:35:33.0863 4812 drmkaud - ok

11:35:33.0956 4812 [ 4AB2A58816CC6BE771F1D8C768B804C5 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe

11:35:34.0003 4812 DsiWMIService - ok

11:35:34.0065 4812 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys

11:35:34.0097 4812 dtsoftbus01 - ok

11:35:34.0206 4812 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

11:35:34.0268 4812 DXGKrnl - ok

11:35:34.0362 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

11:35:34.0487 4812 EapHost - ok

11:35:35.0001 4812 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

11:35:35.0189 4812 ebdrv - ok

11:35:35.0267 4812 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

11:35:35.0407 4812 EFS - ok

11:35:35.0516 4812 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

11:35:35.0547 4812 EgisTec Ticket Service - ok

11:35:35.0797 4812 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

11:35:35.0922 4812 ehRecvr - ok

11:35:35.0937 4812 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

11:35:36.0000 4812 ehSched - ok

11:35:36.0795 4812 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

11:35:36.0889 4812 elxstor - ok

11:35:37.0217 4812 [ 48425C93B6F36529707206E4FA680CF3 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

11:35:37.0295 4812 ePowerSvc - ok

11:35:37.0388 4812 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

11:35:37.0575 4812 ErrDev - ok

11:35:37.0794 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

11:35:38.0012 4812 EventSystem - ok

11:35:38.0075 4812 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

11:35:38.0215 4812 exfat - ok

11:35:38.0246 4812 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

11:35:38.0387 4812 fastfat - ok

11:35:38.0465 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

11:35:38.0558 4812 Fax - ok

11:35:38.0667 4812 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

11:35:38.0745 4812 fdc - ok

11:35:38.0823 4812 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

11:35:38.0979 4812 fdPHost - ok

11:35:39.0026 4812 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

11:35:39.0182 4812 FDResPub - ok

11:35:39.0307 4812 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

11:35:39.0338 4812 FileInfo - ok

11:35:39.0385 4812 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

11:35:39.0650 4812 Filetrace - ok

11:35:39.0900 4812 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

11:35:39.0947 4812 FLEXnet Licensing Service - ok

11:35:40.0087 4812 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

11:35:40.0149 4812 flpydisk - ok

11:35:40.0165 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

11:35:40.0212 4812 FltMgr - ok

11:35:40.0430 4812 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

11:35:40.0493 4812 FontCache - ok

11:35:40.0586 4812 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:35:40.0617 4812 FontCache3.0.0.0 - ok

11:35:40.0695 4812 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

11:35:40.0727 4812 FsDepends - ok

11:35:40.0851 4812 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

11:35:40.0883 4812 Fs_Rec - ok

11:35:41.0070 4812 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

11:35:41.0117 4812 fvevol - ok

11:35:41.0163 4812 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

11:35:41.0210 4812 gagp30kx - ok

11:35:41.0351 4812 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

11:35:41.0397 4812 GamesAppService - ok

11:35:41.0553 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

11:35:41.0663 4812 gpsvc - ok

11:35:41.0756 4812 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

11:35:41.0772 4812 GREGService - ok

11:35:42.0021 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:35:42.0053 4812 gupdate - ok

11:35:42.0053 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:35:42.0084 4812 gupdatem - ok

11:35:42.0209 4812 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

11:35:42.0255 4812 gusvc - ok

11:35:42.0318 4812 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

11:35:42.0380 4812 hcw85cir - ok

11:35:42.0443 4812 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

11:35:42.0536 4812 HdAudAddService - ok

11:35:42.0583 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

11:35:42.0677 4812 HDAudBus - ok

11:35:42.0692 4812 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

11:35:42.0817 4812 HidBatt - ok

11:35:42.0833 4812 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

11:35:42.0957 4812 HidBth - ok

11:35:43.0067 4812 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

11:35:43.0113 4812 HidIr - ok

11:35:43.0207 4812 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

11:35:43.0332 4812 hidserv - ok

11:35:43.0394 4812 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

11:35:43.0441 4812 HidUsb - ok

11:35:43.0566 4812 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

11:35:43.0769 4812 hkmsvc - ok

11:35:43.0878 4812 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

11:35:43.0956 4812 HomeGroupListener - ok

11:35:44.0049 4812 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

11:35:44.0127 4812 HomeGroupProvider - ok

11:35:44.0190 4812 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

11:35:44.0237 4812 HpSAMD - ok

11:35:44.0471 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

11:35:44.0673 4812 HTTP - ok

11:35:44.0720 4812 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

11:35:44.0767 4812 hwpolicy - ok

11:35:44.0829 4812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

11:35:44.0876 4812 i8042prt - ok

11:35:44.0970 4812 [ 53CC5BF8B5A219119953C7ABB19A7705 ] iaStor C:\Windows\system32\drivers\iaStor.sys

11:35:45.0017 4812 iaStor - ok

11:35:45.0079 4812 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

11:35:45.0141 4812 iaStorV - ok

11:35:45.0391 4812 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:35:45.0469 4812 idsvc - ok

11:35:46.0187 4812 [ 978D876A581D57E0DE6437674EB0014D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

11:35:46.0639 4812 igfx - ok

11:35:46.0717 4812 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

11:35:46.0764 4812 iirsp - ok

11:35:46.0920 4812 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

11:35:47.0091 4812 IKEEXT - ok

11:35:47.0871 4812 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

11:35:48.0027 4812 IntcAzAudAddService - ok

11:35:48.0199 4812 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

11:35:48.0293 4812 IntcDAud - ok

11:35:48.0371 4812 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

11:35:48.0402 4812 intelide - ok

11:35:48.0464 4812 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

11:35:48.0542 4812 intelppm - ok

11:35:48.0589 4812 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

11:35:48.0729 4812 IPBusEnum - ok

11:35:48.0792 4812 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:35:48.0901 4812 IpFilterDriver - ok

11:35:48.0932 4812 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

11:35:49.0010 4812 IPMIDRV - ok

11:35:49.0088 4812 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

11:35:49.0244 4812 IPNAT - ok

11:35:49.0307 4812 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

11:35:49.0385 4812 IRENUM - ok

11:35:49.0447 4812 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

11:35:49.0494 4812 isapnp - ok

11:35:49.0634 4812 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

11:35:49.0697 4812 iScsiPrt - ok

11:35:49.0915 4812 [ BD63E1904D19B624291C9F313A7B0ABB ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

11:35:50.0055 4812 k57nd60a - ok

11:35:50.0133 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

11:35:50.0180 4812 kbdclass - ok

11:35:50.0243 4812 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

11:35:50.0321 4812 kbdhid - ok

11:35:50.0352 4812 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

11:35:50.0399 4812 KeyIso - ok

11:35:50.0461 4812 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

11:35:50.0492 4812 KSecDD - ok

11:35:50.0570 4812 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

11:35:50.0617 4812 KSecPkg - ok

11:35:50.0726 4812 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

11:35:50.0851 4812 ksthunk - ok

11:35:50.0991 4812 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

11:35:51.0163 4812 KtmRm - ok

11:35:51.0210 4812 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys

11:35:51.0257 4812 L1E - ok

11:35:51.0413 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

11:35:51.0569 4812 LanmanServer - ok

11:35:51.0647 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

11:35:51.0803 4812 LanmanWorkstation - ok

11:35:52.0130 4812 [ 93B73DED2BC688F140C6AE2FBAD45789 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe

11:35:52.0177 4812 Live Updater Service - ok

11:35:52.0255 4812 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

11:35:52.0380 4812 lltdio - ok

11:35:52.0505 4812 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

11:35:52.0661 4812 lltdsvc - ok

11:35:52.0723 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

11:35:52.0848 4812 lmhosts - ok

11:35:53.0066 4812 [ E7859BA062DB5E23C6DD34AD66B09F50 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

11:35:53.0113 4812 LMS - ok

11:35:53.0175 4812 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

11:35:53.0222 4812 LSI_FC - ok

11:35:53.0253 4812 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

11:35:53.0300 4812 LSI_SAS - ok

11:35:53.0394 4812 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

11:35:53.0441 4812 LSI_SAS2 - ok

11:35:53.0487 4812 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

11:35:53.0534 4812 LSI_SCSI - ok

11:35:53.0565 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

11:35:53.0706 4812 luafv - ok

11:35:53.0799 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

11:35:53.0846 4812 MBAMProtector - ok

11:35:54.0111 4812 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

11:35:54.0158 4812 MBAMScheduler - ok

11:35:54.0392 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

11:35:54.0455 4812 MBAMService - ok

11:35:54.0501 4812 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

11:35:54.0579 4812 Mcx2Svc - ok

11:35:54.0642 4812 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

11:35:54.0673 4812 megasas - ok

11:35:54.0767 4812 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

11:35:54.0813 4812 MegaSR - ok

11:35:54.0907 4812 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

11:35:54.0938 4812 MEIx64 - ok

11:35:55.0047 4812 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

11:35:55.0172 4812 MMCSS - ok

11:35:55.0203 4812 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

11:35:55.0344 4812 Modem - ok

11:35:55.0437 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

11:35:55.0500 4812 monitor - ok

11:35:55.0609 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

11:35:55.0640 4812 mouclass - ok

11:35:55.0781 4812 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

11:35:55.0843 4812 mouhid - ok

11:35:55.0874 4812 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

11:35:55.0921 4812 mountmgr - ok

11:35:56.0093 4812 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

11:35:56.0139 4812 MozillaMaintenance - ok

11:35:56.0217 4812 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

11:35:56.0249 4812 mpio - ok

11:35:56.0295 4812 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

11:35:56.0405 4812 mpsdrv - ok

11:35:56.0451 4812 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

11:35:56.0545 4812 MRxDAV - ok

11:35:56.0654 4812 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

11:35:56.0732 4812 mrxsmb - ok

11:35:56.0841 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:35:56.0904 4812 mrxsmb10 - ok

11:35:56.0935 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:35:56.0982 4812 mrxsmb20 - ok

11:35:57.0060 4812 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

11:35:57.0091 4812 msahci - ok

11:35:57.0153 4812 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

11:35:57.0200 4812 msdsm - ok

11:35:57.0263 4812 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

11:35:57.0341 4812 MSDTC - ok

11:35:57.0387 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

11:35:57.0481 4812 Msfs - ok

11:35:57.0543 4812 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

11:35:57.0684 4812 mshidkmdf - ok

11:35:57.0715 4812 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

11:35:57.0762 4812 msisadrv - ok

11:35:57.0871 4812 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

11:35:58.0027 4812 MSiSCSI - ok

11:35:58.0027 4812 msiserver - ok

11:35:58.0121 4812 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

11:35:58.0246 4812 MSKSSRV - ok

11:35:58.0308 4812 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

11:35:58.0448 4812 MSPCLOCK - ok

11:35:58.0480 4812 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

11:35:58.0604 4812 MSPQM - ok

11:35:58.0714 4812 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

11:35:58.0776 4812 MsRPC - ok

11:35:58.0807 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

11:35:58.0838 4812 mssmbios - ok

11:35:58.0885 4812 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

11:35:59.0026 4812 MSTEE - ok

11:35:59.0088 4812 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

11:35:59.0135 4812 MTConfig - ok

11:35:59.0197 4812 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

11:35:59.0244 4812 Mup - ok

11:35:59.0322 4812 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

11:35:59.0353 4812 mwlPSDFilter - ok

11:35:59.0384 4812 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

11:35:59.0431 4812 mwlPSDNServ - ok

11:35:59.0447 4812 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

11:35:59.0478 4812 mwlPSDVDisk - ok

11:35:59.0650 4812 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

11:35:59.0821 4812 napagent - ok

11:36:00.0040 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

11:36:00.0133 4812 NativeWifiP - ok

11:36:00.0617 4812 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

11:36:00.0695 4812 NDIS - ok

11:36:00.0788 4812 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

11:36:00.0929 4812 NdisCap - ok

11:36:00.0976 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

11:36:01.0085 4812 NdisTapi - ok

11:36:01.0163 4812 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

11:36:01.0303 4812 Ndisuio - ok

11:36:01.0366 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

11:36:01.0490 4812 NdisWan - ok

11:36:01.0537 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

11:36:01.0646 4812 NDProxy - ok

11:36:01.0724 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

11:36:01.0865 4812 NetBIOS - ok

11:36:01.0958 4812 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

11:36:02.0068 4812 NetBT - ok

11:36:02.0114 4812 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

11:36:02.0161 4812 Netlogon - ok

11:36:02.0317 4812 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

11:36:02.0458 4812 Netman - ok

11:36:02.0629 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

11:36:02.0770 4812 netprofm - ok

11:36:02.0832 4812 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

11:36:02.0863 4812 NetTcpPortSharing - ok

11:36:02.0988 4812 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

11:36:03.0019 4812 nfrd960 - ok

11:36:03.0128 4812 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

11:36:03.0238 4812 NlaSvc - ok

11:36:03.0284 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

11:36:03.0394 4812 Npfs - ok

11:36:03.0409 4812 npggsvc - ok

11:36:03.0503 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

11:36:03.0674 4812 nsi - ok

11:36:03.0752 4812 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

11:36:03.0924 4812 nsiproxy - ok

11:36:04.0408 4812 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

11:36:04.0517 4812 Ntfs - ok

11:36:04.0720 4812 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

11:36:04.0751 4812 NTI IScheduleSvc - ok

11:36:04.0829 4812 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys

11:36:04.0860 4812 NTIDrvr - ok

11:36:04.0938 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

11:36:05.0047 4812 Null - ok

11:36:05.0125 4812 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

11:36:05.0172 4812 nvraid - ok

11:36:05.0250 4812 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

11:36:05.0297 4812 nvstor - ok

11:36:05.0344 4812 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

11:36:05.0390 4812 nv_agp - ok

11:36:05.0406 4812 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

11:36:05.0453 4812 ohci1394 - ok

11:36:05.0749 4812 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:36:05.0796 4812 ose - ok

11:36:07.0340 4812 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

11:36:07.0746 4812 osppsvc - ok

11:36:07.0886 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

11:36:07.0964 4812 p2pimsvc - ok

11:36:08.0136 4812 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

11:36:08.0198 4812 p2psvc - ok

11:36:08.0261 4812 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

11:36:08.0323 4812 Parport - ok

11:36:08.0370 4812 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

11:36:08.0401 4812 partmgr - ok

11:36:08.0479 4812 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

11:36:08.0588 4812 PcaSvc - ok

11:36:08.0666 4812 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

11:36:08.0713 4812 pci - ok

11:36:08.0729 4812 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

11:36:08.0776 4812 pciide - ok

11:36:08.0838 4812 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

11:36:08.0885 4812 pcmcia - ok

11:36:08.0916 4812 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

11:36:08.0947 4812 pcw - ok

11:36:08.0994 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

11:36:09.0150 4812 PEAUTH - ok

11:36:10.0211 4812 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

11:36:10.0304 4812 PerfHost - ok

11:36:10.0523 4812 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

11:36:10.0741 4812 pla - ok

11:36:10.0850 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

11:36:10.0944 4812 PlugPlay - ok

11:36:11.0006 4812 PnkBstrA - ok

11:36:11.0069 4812 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

11:36:11.0147 4812 PNRPAutoReg - ok

11:36:11.0225 4812 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

11:36:11.0287 4812 PNRPsvc - ok

11:36:11.0365 4812 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

11:36:11.0521 4812 PolicyAgent - ok

11:36:11.0584 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

11:36:11.0755 4812 Power - ok

11:36:11.0833 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

11:36:11.0974 4812 PptpMiniport - ok

11:36:12.0052 4812 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

11:36:12.0130 4812 Processor - ok

11:36:12.0239 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

11:36:12.0332 4812 ProfSvc - ok

11:36:12.0364 4812 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

11:36:12.0410 4812 ProtectedStorage - ok

11:36:12.0473 4812 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

11:36:12.0613 4812 Psched - ok

11:36:12.0691 4812 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

11:36:12.0738 4812 PxHlpa64 - ok

11:36:12.0894 4812 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

11:36:13.0050 4812 ql2300 - ok

11:36:13.0066 4812 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

11:36:13.0097 4812 ql40xx - ok

11:36:13.0175 4812 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

11:36:13.0253 4812 QWAVE - ok

11:36:13.0268 4812 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

11:36:13.0362 4812 QWAVEdrv - ok

11:36:13.0409 4812 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

11:36:13.0565 4812 RasAcd - ok

11:36:13.0643 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

11:36:13.0736 4812 RasAgileVpn - ok

11:36:13.0799 4812 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

11:36:13.0939 4812 RasAuto - ok

11:36:13.0970 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

11:36:14.0111 4812 Rasl2tp - ok

11:36:14.0189 4812 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

11:36:14.0360 4812 RasMan - ok

11:36:14.0392 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

11:36:14.0532 4812 RasPppoe - ok

11:36:14.0563 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

11:36:14.0704 4812 RasSstp - ok

11:36:14.0875 4812 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

11:36:15.0031 4812 rdbss - ok

11:36:15.0125 4812 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

11:36:15.0234 4812 rdpbus - ok

11:36:15.0296 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

11:36:15.0437 4812 RDPCDD - ok

11:36:15.0515 4812 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

11:36:15.0655 4812 RDPENCDD - ok

11:36:15.0733 4812 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

11:36:15.0827 4812 RDPREFMP - ok

11:36:15.0967 4812 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

11:36:16.0030 4812 RDPWD - ok

11:36:16.0061 4812 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

11:36:16.0108 4812 rdyboost - ok

11:36:16.0186 4812 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

11:36:16.0326 4812 RemoteAccess - ok

11:36:16.0388 4812 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

11:36:16.0513 4812 RemoteRegistry - ok

11:36:16.0607 4812 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys

11:36:16.0638 4812 RimUsb - ok

11:36:16.0747 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

11:36:16.0919 4812 RpcEptMapper - ok

11:36:17.0012 4812 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

11:36:17.0059 4812 RpcLocator - ok

11:36:17.0246 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

11:36:17.0371 4812 RpcSs - ok

11:36:17.0480 4812 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

11:36:17.0605 4812 rspndr - ok

11:36:17.0668 4812 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

11:36:17.0714 4812 SamSs - ok

11:36:17.0761 4812 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

11:36:17.0808 4812 sbp2port - ok

11:36:17.0886 4812 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

11:36:18.0011 4812 SCardSvr - ok

11:36:18.0042 4812 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

11:36:18.0214 4812 scfilter - ok

11:36:18.0463 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

11:36:18.0650 4812 Schedule - ok

11:36:18.0728 4812 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

11:36:18.0822 4812 SCPolicySvc - ok

11:36:18.0916 4812 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

11:36:19.0009 4812 sdbus - ok

11:36:19.0040 4812 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

11:36:19.0134 4812 SDRSVC - ok

11:36:19.0196 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

11:36:19.0337 4812 secdrv - ok

11:36:19.0384 4812 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

11:36:19.0493 4812 seclogon - ok

11:36:19.0540 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

11:36:19.0680 4812 SENS - ok

11:36:19.0711 4812 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

11:36:19.0789 4812 SensrSvc - ok

11:36:19.0836 4812 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

11:36:19.0914 4812 Serenum - ok

11:36:19.0976 4812 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

11:36:20.0039 4812 Serial - ok

11:36:20.0086 4812 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

11:36:20.0164 4812 sermouse - ok

11:36:20.0210 4812 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

11:36:20.0366 4812 SessionEnv - ok

11:36:20.0398 4812 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

11:36:20.0444 4812 sffdisk - ok

11:36:20.0476 4812 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

11:36:20.0554 4812 sffp_mmc - ok

11:36:20.0600 4812 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

11:36:20.0694 4812 sffp_sd - ok

11:36:20.0756 4812 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

11:36:20.0788 4812 sfloppy - ok

11:36:20.0897 4812 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

11:36:20.0959 4812 Sftfs - ok

11:36:21.0193 4812 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

11:36:21.0224 4812 sftlist - ok

11:36:21.0302 4812 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

11:36:21.0334 4812 Sftplay - ok

11:36:21.0380 4812 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

11:36:21.0396 4812 Sftredir - ok

11:36:21.0443 4812 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

11:36:21.0474 4812 Sftvol - ok

11:36:21.0614 4812 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

11:36:21.0661 4812 sftvsa - ok

11:36:21.0770 4812 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

11:36:21.0926 4812 ShellHWDetection - ok

11:36:21.0989 4812 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

11:36:22.0036 4812 SiSRaid2 - ok

11:36:22.0051 4812 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

11:36:22.0098 4812 SiSRaid4 - ok

11:36:22.0753 4812 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

11:36:22.0925 4812 Skype C2C Service - ok

11:36:23.0081 4812 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

11:36:23.0112 4812 SkypeUpdate - ok

11:36:23.0190 4812 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

11:36:23.0330 4812 Smb - ok

11:36:23.0393 4812 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

11:36:23.0502 4812 SNMPTRAP - ok

11:36:23.0533 4812 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

11:36:23.0580 4812 spldr - ok

11:36:23.0720 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

11:36:23.0783 4812 Spooler - ok

11:36:24.0298 4812 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

11:36:24.0532 4812 sppsvc - ok

11:36:24.0578 4812 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

11:36:24.0688 4812 sppuinotify - ok

11:36:24.0844 4812 [ D6AB7C13FCDD2E4CAC35244D2C172D9A ] sptd C:\Windows\System32\Drivers\sptd.sys

11:36:24.0906 4812 sptd - ok

11:36:24.0953 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

11:36:25.0062 4812 srv - ok

11:36:25.0156 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

11:36:25.0249 4812 srv2 - ok

11:36:25.0343 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

11:36:25.0390 4812 srvnet - ok

11:36:25.0468 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

11:36:25.0608 4812 SSDPSRV - ok

11:36:25.0655 4812 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

11:36:25.0764 4812 SstpSvc - ok

11:36:25.0811 4812 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

11:36:25.0858 4812 stexstor - ok

11:36:25.0920 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

11:36:25.0998 4812 stisvc - ok

11:36:26.0045 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

11:36:26.0076 4812 swenum - ok

11:36:26.0279 4812 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

11:36:26.0435 4812 swprv - ok

11:36:26.0528 4812 [ 57B534A913E81E7CF91C3D5854D2F80E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

11:36:26.0575 4812 SynTP - ok

11:36:26.0716 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

11:36:26.0872 4812 SysMain - ok

11:36:26.0965 4812 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

11:36:27.0028 4812 TabletInputService - ok

11:36:27.0168 4812 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

11:36:27.0308 4812 TapiSrv - ok

11:36:27.0386 4812 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

11:36:27.0496 4812 TBS - ok

11:36:27.0636 4812 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

11:36:27.0839 4812 Tcpip - ok

11:36:27.0917 4812 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

11:36:28.0026 4812 TCPIP6 - ok

11:36:28.0104 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

11:36:28.0135 4812 tcpipreg - ok

11:36:28.0229 4812 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

11:36:28.0322 4812 TDPIPE - ok

11:36:28.0400 4812 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

11:36:28.0510 4812 TDTCP - ok

11:36:28.0541 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

11:36:28.0650 4812 tdx - ok

11:36:28.0697 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

11:36:28.0744 4812 TermDD - ok

11:36:28.0837 4812 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

11:36:29.0024 4812 TermService - ok

11:36:29.0056 4812 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

11:36:29.0118 4812 Themes - ok

11:36:29.0212 4812 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

11:36:29.0321 4812 THREADORDER - ok

11:36:29.0399 4812 [ 36E1383019695CB722E685083C005FDD ] TotRec8 C:\Windows\system32\drivers\TotRec8.sys

11:36:29.0430 4812 TotRec8 - ok

11:36:29.0461 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

11:36:29.0633 4812 TrkWks - ok

11:36:29.0820 4812 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

11:36:29.0992 4812 TrustedInstaller - ok

11:36:30.0085 4812 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

11:36:30.0226 4812 tssecsrv - ok

11:36:30.0304 4812 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

11:36:30.0350 4812 TsUsbFlt - ok

11:36:30.0382 4812 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

11:36:30.0460 4812 TsUsbGD - ok

11:36:30.0522 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

11:36:30.0662 4812 tunnel - ok

11:36:30.0694 4812 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

11:36:30.0725 4812 uagp35 - ok

11:36:30.0818 4812 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys

11:36:30.0850 4812 UBHelper - ok

11:36:30.0896 4812 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

11:36:31.0068 4812 udfs - ok

11:36:31.0115 4812 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

11:36:31.0193 4812 UI0Detect - ok

11:36:31.0271 4812 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

11:36:31.0302 4812 uliagpkx - ok

11:36:31.0364 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

11:36:31.0442 4812 umbus - ok

11:36:31.0505 4812 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

11:36:31.0567 4812 UmPass - ok

11:36:32.0254 4812 [ E91F8AFBD7FB96C94B266579D6BFA77A ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

11:36:32.0394 4812 UNS - ok

11:36:32.0581 4812 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

11:36:32.0737 4812 upnphost - ok

11:36:32.0800 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

11:36:32.0846 4812 usbccgp - ok

11:36:32.0893 4812 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

11:36:32.0940 4812 usbcir - ok

11:36:32.0971 4812 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

11:36:33.0049 4812 usbehci - ok

11:36:33.0112 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

11:36:33.0190 4812 usbhub - ok

11:36:33.0236 4812 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

11:36:33.0299 4812 usbohci - ok

11:36:33.0346 4812 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

11:36:33.0424 4812 usbprint - ok

11:36:33.0470 4812 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

11:36:33.0548 4812 USBSTOR - ok

11:36:33.0595 4812 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

11:36:33.0658 4812 usbuhci - ok

11:36:33.0704 4812 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

11:36:33.0782 4812 usbvideo - ok

11:36:33.0845 4812 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys

11:36:33.0892 4812 usb_rndisx - ok

11:36:33.0938 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

11:36:34.0079 4812 UxSms - ok

11:36:34.0126 4812 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

11:36:34.0172 4812 VaultSvc - ok

11:36:34.0235 4812 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

11:36:34.0282 4812 vdrvroot - ok

11:36:34.0328 4812 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

11:36:34.0531 4812 vds - ok

11:36:34.0562 4812 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

11:36:34.0609 4812 vga - ok

11:36:34.0656 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

11:36:34.0781 4812 VgaSave - ok

11:36:34.0859 4812 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

11:36:34.0906 4812 vhdmp - ok

11:36:34.0921 4812 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

11:36:34.0968 4812 viaide - ok

11:36:34.0999 4812 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

11:36:35.0046 4812 volmgr - ok

11:36:35.0093 4812 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

11:36:35.0140 4812 volmgrx - ok

11:36:35.0186 4812 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

11:36:35.0233 4812 volsnap - ok

11:36:35.0280 4812 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

11:36:35.0327 4812 vsmraid - ok

11:36:35.0639 4812 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

11:36:35.0826 4812 VSS - ok

11:36:35.0857 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

11:36:35.0935 4812 vwifibus - ok

11:36:36.0013 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

11:36:36.0122 4812 vwififlt - ok

11:36:36.0169 4812 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

11:36:36.0294 4812 W32Time - ok

11:36:36.0403 4812 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

11:36:36.0466 4812 WacomPen - ok

11:36:36.0528 4812 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

11:36:36.0668 4812 WANARP - ok

11:36:36.0700 4812 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

11:36:36.0809 4812 Wanarpv6 - ok

11:36:36.0902 4812 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

11:36:37.0012 4812 WatAdminSvc - ok

11:36:37.0370 4812 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

11:36:37.0511 4812 wbengine - ok

11:36:37.0589 4812 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

11:36:37.0667 4812 WbioSrvc - ok

11:36:37.0714 4812 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

11:36:37.0823 4812 wcncsvc - ok

11:36:37.0870 4812 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

11:36:37.0916 4812 WcsPlugInService - ok

11:36:37.0979 4812 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

11:36:38.0010 4812 Wd - ok

11:36:38.0275 4812 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

11:36:38.0338 4812 Wdf01000 - ok

11:36:38.0431 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

11:36:38.0525 4812 WdiServiceHost - ok

11:36:38.0540 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

11:36:38.0603 4812 WdiSystemHost - ok

11:36:38.0665 4812 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

11:36:38.0774 4812 WebClient - ok

11:36:38.0868 4812 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

11:36:38.0993 4812 Wecsvc - ok

11:36:39.0024 4812 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

11:36:39.0118 4812 wercplsupport - ok

11:36:39.0180 4812 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

11:36:39.0274 4812 WerSvc - ok

11:36:39.0320 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

11:36:39.0398 4812 WfpLwf - ok

11:36:39.0430 4812 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

11:36:39.0461 4812 WIMMount - ok

11:36:39.0476 4812 WinHttpAutoProxySvc - ok

11:36:39.0648 4812 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

11:36:39.0726 4812 Winmgmt - ok

11:36:40.0038 4812 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

11:36:40.0163 4812 WinRM - ok

11:36:40.0256 4812 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

11:36:40.0288 4812 WinUsb - ok

11:36:40.0334 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

11:36:40.0428 4812 Wlansvc - ok

11:36:40.0522 4812 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

11:36:40.0553 4812 wlcrasvc - ok

11:36:40.0880 4812 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

11:36:40.0974 4812 wlidsvc - ok

11:36:41.0005 4812 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

11:36:41.0068 4812 WmiAcpi - ok

11:36:41.0130 4812 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

11:36:41.0192 4812 wmiApSrv - ok

11:36:41.0255 4812 WMPNetworkSvc - ok

11:36:41.0286 4812 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

11:36:41.0317 4812 WPCSvc - ok

11:36:41.0333 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

11:36:41.0380 4812 WPDBusEnum - ok

11:36:41.0426 4812 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

11:36:41.0551 4812 ws2ifsl - ok

11:36:41.0567 4812 WSearch - ok

11:36:41.0614 4812 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

11:36:41.0723 4812 WudfPf - ok

11:36:41.0770 4812 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

11:36:41.0816 4812 wudfsvc - ok

11:36:41.0848 4812 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

11:36:41.0926 4812 WwanSvc - ok

Link to post
Share on other sites

11:36:41.0972 4812 ================ Scan global ===============================

11:36:42.0004 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

11:36:42.0050 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

11:36:42.0066 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

11:36:42.0144 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

11:36:42.0222 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

11:36:42.0238 4812 [Global] - ok

11:36:42.0238 4812 ================ Scan MBR ==================================

11:36:42.0253 4812 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

11:36:42.0253 4812 Suspicious mbr (Forged): \Device\Harddisk0\DR0

11:36:42.0316 4812 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

11:36:42.0316 4812 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

11:36:42.0487 4812 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

11:36:42.0487 4812 \Device\Harddisk0\DR0 - detected TDSS File System (1)

11:36:42.0487 4812 ================ Scan VBR ==================================

11:36:42.0487 4812 [ 7103A60FABD7341C428C935A77B488FA ] \Device\Harddisk0\DR0\Partition1

11:36:42.0503 4812 \Device\Harddisk0\DR0\Partition1 - ok

11:36:42.0518 4812 [ 67070D6EC98CE25FD39F4931AAD47DF3 ] \Device\Harddisk0\DR0\Partition2

11:36:42.0518 4812 \Device\Harddisk0\DR0\Partition2 - ok

11:36:42.0518 4812 ================ Scan active images ========================

11:36:42.0534 4812 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

11:36:42.0534 4812 C:\Windows\System32\drivers\crashdmp.sys - ok

11:36:42.0534 4812 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

11:36:42.0534 4812 C:\Windows\System32\drivers\dumpfve.sys - ok

11:36:42.0534 4812 [ 53CC5BF8B5A219119953C7ABB19A7705 ] C:\Windows\System32\drivers\iaStor.sys

11:36:42.0534 4812 C:\Windows\System32\drivers\iaStor.sys - ok

11:36:42.0550 4812 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys

11:36:42.0550 4812 C:\Windows\System32\drivers\dtsoftbus01.sys - ok

11:36:42.0550 4812 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

11:36:42.0550 4812 C:\Windows\System32\drivers\cdrom.sys - ok

11:36:42.0565 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] C:\Windows\System32\drivers\aswSnx.sys

11:36:42.0565 4812 C:\Windows\System32\drivers\aswSnx.sys - ok

11:36:42.0565 4812 [ C009123B206C56854F4E88596035231D ] C:\Windows\System32\drivers\mwlPSDFilter.sys

11:36:42.0565 4812 C:\Windows\System32\drivers\mwlPSDFilter.sys - ok

11:36:42.0581 4812 [ 8ACBB0D11A99EF06BFFD09C5B4DF0925 ] C:\Windows\System32\drivers\4170085drv.sys

11:36:42.0581 4812 C:\Windows\System32\drivers\4170085drv.sys - ok

11:36:42.0581 4812 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

11:36:42.0581 4812 C:\Windows\System32\drivers\beep.sys - ok

11:36:42.0596 4812 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

11:36:42.0596 4812 C:\Windows\System32\drivers\null.sys - ok

11:36:42.0596 4812 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

11:36:42.0596 4812 C:\Windows\System32\drivers\msfs.sys - ok

11:36:42.0596 4812 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

11:36:42.0596 4812 C:\Windows\System32\drivers\npfs.sys - ok

11:36:42.0612 4812 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys

11:36:42.0612 4812 C:\Windows\System32\drivers\RDPCDD.sys - ok

11:36:42.0612 4812 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

11:36:42.0612 4812 C:\Windows\System32\drivers\RDPENCDD.sys - ok

11:36:42.0628 4812 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys

11:36:42.0628 4812 C:\Windows\System32\drivers\RDPREFMP.sys - ok

11:36:42.0628 4812 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

11:36:42.0628 4812 C:\Windows\System32\drivers\vga.sys - ok

11:36:42.0643 4812 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

11:36:42.0643 4812 C:\Windows\System32\drivers\videoprt.sys - ok

11:36:42.0643 4812 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

11:36:42.0643 4812 C:\Windows\System32\drivers\watchdog.sys - ok

11:36:42.0643 4812 [ 3D9BA0EF6C5847E4482FC01ABCD26683 ] C:\Windows\System32\drivers\aswTdi.sys

11:36:42.0643 4812 C:\Windows\System32\drivers\aswTdi.sys - ok

11:36:42.0659 4812 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

11:36:42.0659 4812 C:\Windows\System32\drivers\tdi.sys - ok

11:36:42.0659 4812 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

11:36:42.0659 4812 C:\Windows\System32\drivers\tdx.sys - ok

11:36:42.0674 4812 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

11:36:42.0674 4812 C:\Windows\System32\drivers\netbt.sys - ok

11:36:42.0674 4812 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

11:36:42.0674 4812 C:\Windows\System32\drivers\afd.sys - ok

11:36:42.0674 4812 [ A4C94945B8A1FFE449A500C2CF0B5882 ] C:\Windows\System32\drivers\aswRdr2.sys

11:36:42.0674 4812 C:\Windows\System32\drivers\aswRdr2.sys - ok

11:36:42.0690 4812 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

11:36:42.0690 4812 C:\Windows\System32\drivers\pacer.sys - ok

11:36:42.0690 4812 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

11:36:42.0690 4812 C:\Windows\System32\drivers\wfplwf.sys - ok

11:36:42.0706 4812 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

11:36:42.0706 4812 C:\Windows\System32\drivers\netbios.sys - ok

11:36:42.0706 4812 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys

11:36:42.0706 4812 C:\Windows\System32\drivers\vwififlt.sys - ok

11:36:42.0706 4812 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys

11:36:42.0706 4812 C:\Windows\System32\drivers\wanarp.sys - ok

11:36:42.0721 4812 [ BF3739EEB9F008B1DEBAC115089A53F8 ] C:\Windows\System32\drivers\mwlPSDNserv.sys

11:36:42.0721 4812 C:\Windows\System32\drivers\mwlPSDNserv.sys - ok

11:36:42.0721 4812 [ 38DD143D95E7A01B86F219DDA9C28779 ] C:\Windows\System32\drivers\mwlPSDVDisk.sys

11:36:42.0721 4812 C:\Windows\System32\drivers\mwlPSDVDisk.sys - ok

11:36:42.0737 4812 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

11:36:42.0737 4812 C:\Windows\System32\drivers\nsiproxy.sys - ok

11:36:42.0737 4812 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

11:36:42.0737 4812 C:\Windows\System32\drivers\rdbss.sys - ok

11:36:42.0752 4812 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

11:36:42.0752 4812 C:\Windows\System32\drivers\termdd.sys - ok

11:36:42.0752 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] C:\Windows\System32\drivers\aswSP.sys

11:36:42.0752 4812 C:\Windows\System32\drivers\aswSP.sys - ok

11:36:42.0752 4812 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

11:36:42.0752 4812 C:\Windows\System32\drivers\blbdrive.sys - ok

11:36:42.0768 4812 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

11:36:42.0768 4812 C:\Windows\System32\drivers\dfsc.sys - ok

11:36:42.0768 4812 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys

11:36:42.0768 4812 C:\Windows\System32\drivers\discache.sys - ok

11:36:42.0784 4812 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

11:36:42.0784 4812 C:\Windows\System32\drivers\mssmbios.sys - ok

11:36:42.0784 4812 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

11:36:42.0784 4812 C:\Windows\System32\drivers\tunnel.sys - ok

11:36:42.0784 4812 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

11:36:42.0784 4812 C:\Windows\System32\ntdll.dll - ok

11:36:42.0799 4812 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe

11:36:42.0799 4812 C:\Windows\System32\smss.exe - ok

11:36:42.0799 4812 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

11:36:42.0799 4812 C:\Windows\System32\autochk.exe - ok

11:36:42.0815 4812 [ 978D876A581D57E0DE6437674EB0014D ] C:\Windows\System32\drivers\igdkmd64.sys

11:36:42.0815 4812 C:\Windows\System32\drivers\igdkmd64.sys - ok

11:36:42.0815 4812 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys

11:36:42.0815 4812 C:\Windows\System32\drivers\dxgkrnl.sys - ok

11:36:42.0815 4812 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys

11:36:42.0815 4812 C:\Windows\System32\drivers\dxgmms1.sys - ok

11:36:42.0830 4812 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys

11:36:42.0830 4812 C:\Windows\System32\drivers\HECIx64.sys - ok

11:36:42.0830 4812 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

11:36:42.0830 4812 C:\Windows\System32\drivers\usbport.sys - ok

11:36:42.0846 4812 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

11:36:42.0846 4812 C:\Windows\System32\drivers\hdaudbus.sys - ok

11:36:42.0846 4812 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

11:36:42.0846 4812 C:\Windows\System32\drivers\usbehci.sys - ok

11:36:42.0846 4812 [ 85111026F1C5A1C4CCE3697F0DA7BC1A ] C:\Windows\System32\drivers\BCMWL664.SYS

11:36:42.0846 4812 C:\Windows\System32\drivers\BCMWL664.SYS - ok

11:36:42.0862 4812 [ BD63E1904D19B624291C9F313A7B0ABB ] C:\Windows\System32\drivers\k57nd60a.sys

11:36:42.0862 4812 C:\Windows\System32\drivers\k57nd60a.sys - ok

11:36:42.0862 4812 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

11:36:42.0862 4812 C:\Windows\System32\drivers\vwifibus.sys - ok

11:36:42.0877 4812 [ 2618E15514736FB469B105CE729B6D9D ] C:\Windows\System32\drivers\b57xdbd.sys

11:36:42.0877 4812 C:\Windows\System32\drivers\b57xdbd.sys - ok

11:36:42.0877 4812 [ FF7AA31BFFDC6C6870F64EAF8DEFE930 ] C:\Windows\System32\drivers\bScsiMSa.sys

11:36:42.0877 4812 C:\Windows\System32\drivers\bScsiMSa.sys - ok

11:36:42.0893 4812 [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] C:\Windows\System32\drivers\bScsiSDa.sys

11:36:42.0893 4812 C:\Windows\System32\drivers\bScsiSDa.sys - ok

11:36:42.0893 4812 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys

11:36:42.0893 4812 C:\Windows\System32\drivers\scsiport.sys - ok

11:36:42.0893 4812 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys

11:36:42.0893 4812 C:\Windows\System32\drivers\CmBatt.sys - ok

11:36:42.0908 4812 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys

11:36:42.0908 4812 C:\Windows\System32\drivers\i8042prt.sys - ok

11:36:42.0908 4812 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

11:36:42.0908 4812 C:\Windows\System32\drivers\kbdclass.sys - ok

11:36:42.0924 4812 [ 57B534A913E81E7CF91C3D5854D2F80E ] C:\Windows\System32\drivers\SynTP.sys

11:36:42.0924 4812 C:\Windows\System32\drivers\SynTP.sys - ok

11:36:42.0924 4812 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

11:36:42.0924 4812 C:\Windows\System32\drivers\usbd.sys - ok

11:36:42.0924 4812 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

11:36:42.0924 4812 C:\Windows\System32\drivers\mouclass.sys - ok

11:36:42.0940 4812 [ EE3BA1024594D5D09E314F206B94069E ] C:\Windows\System32\drivers\NTIDrvr.sys

11:36:42.0940 4812 C:\Windows\System32\drivers\NTIDrvr.sys - ok

11:36:42.0940 4812 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] C:\Windows\System32\drivers\UBHelper.sys

11:36:42.0940 4812 C:\Windows\System32\drivers\UBHelper.sys - ok

11:36:42.0955 4812 [ 0FAD70B541338024A667AA5858BCFE62 ] \Device\1125141284

11:36:42.0955 4812 \Device\1125141284 - ok

11:36:42.0955 4812 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

11:36:42.0955 4812 C:\Windows\System32\drivers\agilevpn.sys - ok

11:36:42.0955 4812 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

11:36:42.0955 4812 C:\Windows\System32\drivers\CompositeBus.sys - ok

11:36:42.0971 4812 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

11:36:42.0971 4812 C:\Windows\System32\drivers\intelppm.sys - ok

11:36:42.0971 4812 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys

11:36:42.0971 4812 C:\Windows\System32\drivers\wmiacpi.sys - ok

11:36:42.0971 4812 [ 5C2F352A4E961D72518261257AAE204B ] C:\Windows\System32\drivers\bridge.sys

11:36:42.0971 4812 C:\Windows\System32\drivers\bridge.sys - ok

11:36:42.0986 4812 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

11:36:42.0986 4812 C:\Windows\System32\drivers\ndistapi.sys - ok

11:36:42.0986 4812 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

11:36:42.0986 4812 C:\Windows\System32\drivers\ndiswan.sys - ok

11:36:43.0002 4812 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

11:36:43.0002 4812 C:\Windows\System32\drivers\rasl2tp.sys - ok

11:36:43.0002 4812 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

11:36:43.0002 4812 C:\Windows\System32\drivers\ks.sys - ok

11:36:43.0018 4812 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

11:36:43.0018 4812 C:\Windows\System32\drivers\raspppoe.sys - ok

11:36:43.0018 4812 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

11:36:43.0018 4812 C:\Windows\System32\drivers\raspptp.sys - ok

11:36:43.0018 4812 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

11:36:43.0018 4812 C:\Windows\System32\drivers\rassstp.sys - ok

11:36:43.0033 4812 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

11:36:43.0033 4812 C:\Windows\System32\drivers\swenum.sys - ok

11:36:43.0033 4812 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

11:36:43.0033 4812 C:\Windows\System32\drivers\umbus.sys - ok

11:36:43.0049 4812 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

11:36:43.0049 4812 C:\Windows\System32\drivers\usbhub.sys - ok

11:36:43.0049 4812 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

11:36:43.0049 4812 C:\Windows\System32\gdi32.dll - ok

11:36:43.0049 4812 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

11:36:43.0049 4812 C:\Windows\System32\comdlg32.dll - ok

11:36:43.0064 4812 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

11:36:43.0064 4812 C:\Windows\System32\Wldap32.dll - ok

11:36:43.0064 4812 [ 8D4DEA45FCDF9FCFD9E31232A07E6EF9 ] C:\Windows\System32\iertutil.dll

11:36:43.0064 4812 C:\Windows\System32\iertutil.dll - ok

11:36:43.0080 4812 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

11:36:43.0080 4812 C:\Windows\System32\clbcatq.dll - ok

11:36:43.0080 4812 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

11:36:43.0080 4812 C:\Windows\System32\shell32.dll - ok

11:36:43.0080 4812 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

11:36:43.0080 4812 C:\Windows\System32\sechost.dll - ok

11:36:43.0096 4812 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

11:36:43.0096 4812 C:\Windows\System32\imagehlp.dll - ok

11:36:43.0096 4812 [ A4F6142CABA82FB7293ECE5FF864B440 ] C:\Windows\System32\wininet.dll

11:36:43.0096 4812 C:\Windows\System32\wininet.dll - ok

11:36:43.0111 4812 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

11:36:43.0111 4812 C:\Windows\System32\oleaut32.dll - ok

11:36:43.0111 4812 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

11:36:43.0111 4812 C:\Windows\System32\lpk.dll - ok

11:36:43.0111 4812 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

11:36:43.0111 4812 C:\Windows\System32\msvcrt.dll - ok

11:36:43.0127 4812 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

11:36:43.0127 4812 C:\Windows\System32\psapi.dll - ok

11:36:43.0127 4812 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

11:36:43.0127 4812 C:\Windows\System32\rpcrt4.dll - ok

11:36:43.0142 4812 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

11:36:43.0142 4812 C:\Windows\System32\user32.dll - ok

11:36:43.0142 4812 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

11:36:43.0142 4812 C:\Windows\System32\drivers\ndproxy.sys - ok

11:36:43.0142 4812 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

11:36:43.0142 4812 C:\Windows\System32\drivers\drmk.sys - ok

11:36:43.0158 4812 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

11:36:43.0158 4812 C:\Windows\System32\drivers\portcls.sys - ok

11:36:43.0158 4812 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] C:\Windows\System32\drivers\RTKVHD64.sys

11:36:43.0158 4812 C:\Windows\System32\drivers\RTKVHD64.sys - ok

11:36:43.0174 4812 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

11:36:43.0174 4812 C:\Windows\System32\drivers\ksthunk.sys - ok

11:36:43.0174 4812 [ 36E1383019695CB722E685083C005FDD ] C:\Windows\System32\drivers\TotRec8.sys

11:36:43.0174 4812 C:\Windows\System32\drivers\TotRec8.sys - ok

11:36:43.0174 4812 [ BABA4F0E2978B69B4E0B260EF7150DD6 ] C:\Windows\System32\drivers\b57xdmp.sys

11:36:43.0174 4812 C:\Windows\System32\drivers\b57xdmp.sys - ok

11:36:43.0189 4812 [ AE594CC17C33AC146739494615E14851 ] C:\Windows\System32\drivers\IntcDAud.sys

11:36:43.0189 4812 C:\Windows\System32\drivers\IntcDAud.sys - ok

11:36:43.0189 4812 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

11:36:43.0189 4812 C:\Windows\System32\nsi.dll - ok

11:36:43.0205 4812 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

11:36:43.0205 4812 C:\Windows\System32\setupapi.dll - ok

11:36:43.0205 4812 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

11:36:43.0205 4812 C:\Windows\System32\ole32.dll - ok

11:36:43.0205 4812 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

11:36:43.0205 4812 C:\Windows\System32\drivers\usbccgp.sys - ok

11:36:43.0220 4812 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys

11:36:43.0220 4812 C:\Windows\System32\drivers\usbvideo.sys - ok

11:36:43.0220 4812 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

11:36:43.0220 4812 C:\Windows\System32\ws2_32.dll - ok

11:36:43.0236 4812 [ D3A6792AED4841B4D055C7C80C815BB7 ] C:\Windows\System32\urlmon.dll

11:36:43.0236 4812 C:\Windows\System32\urlmon.dll - ok

11:36:43.0236 4812 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

11:36:43.0236 4812 C:\Windows\System32\shlwapi.dll - ok

11:36:43.0236 4812 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll

11:36:43.0236 4812 C:\Windows\System32\kernel32.dll - ok

11:36:43.0236 4812 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

11:36:43.0236 4812 C:\Windows\System32\msctf.dll - ok

11:36:43.0252 4812 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

11:36:43.0252 4812 C:\Windows\System32\difxapi.dll - ok

11:36:43.0252 4812 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

11:36:43.0252 4812 C:\Windows\System32\advapi32.dll - ok

11:36:43.0252 4812 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll

11:36:43.0252 4812 C:\Windows\System32\usp10.dll - ok

11:36:43.0267 4812 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

11:36:43.0267 4812 C:\Windows\System32\imm32.dll - ok

11:36:43.0267 4812 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

11:36:43.0267 4812 C:\Windows\System32\normaliz.dll - ok

11:36:43.0283 4812 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll

11:36:43.0283 4812 C:\Windows\System32\crypt32.dll - ok

11:36:43.0283 4812 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll

11:36:43.0283 4812 C:\Windows\System32\KernelBase.dll - ok

11:36:43.0283 4812 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

11:36:43.0283 4812 C:\Windows\System32\cfgmgr32.dll - ok

11:36:43.0298 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

11:36:43.0298 4812 C:\Windows\System32\comctl32.dll - ok

11:36:43.0298 4812 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

11:36:43.0298 4812 C:\Windows\System32\devobj.dll - ok

11:36:43.0298 4812 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll

11:36:43.0298 4812 C:\Windows\System32\wintrust.dll - ok

11:36:43.0314 4812 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

11:36:43.0314 4812 C:\Windows\System32\msasn1.dll - ok

11:36:43.0314 4812 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

11:36:43.0314 4812 C:\Windows\SysWOW64\normaliz.dll - ok

11:36:43.0330 4812 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

11:36:43.0330 4812 C:\Windows\System32\drivers\dxapi.sys - ok

11:36:43.0330 4812 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys

11:36:43.0330 4812 C:\Windows\System32\win32k.sys - ok

11:36:43.0330 4812 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll

11:36:43.0330 4812 C:\Windows\System32\csrsrv.dll - ok

11:36:43.0345 4812 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

11:36:43.0345 4812 C:\Windows\System32\csrss.exe - ok

11:36:43.0345 4812 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

11:36:43.0345 4812 C:\Windows\System32\basesrv.dll - ok

11:36:43.0345 4812 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll

11:36:43.0345 4812 C:\Windows\System32\winsrv.dll - ok

11:36:43.0361 4812 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

11:36:43.0361 4812 C:\Windows\System32\drivers\monitor.sys - ok

11:36:43.0361 4812 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

11:36:43.0361 4812 C:\Windows\System32\sxssrv.dll - ok

11:36:43.0361 4812 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

11:36:43.0361 4812 C:\Windows\System32\tsddd.dll - ok

11:36:43.0376 4812 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

11:36:43.0376 4812 C:\Windows\System32\wininit.exe - ok

11:36:43.0376 4812 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL

11:36:43.0376 4812 C:\Windows\System32\KBDUS.DLL - ok

11:36:43.0376 4812 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

11:36:43.0376 4812 C:\Windows\System32\profapi.dll - ok

11:36:43.0392 4812 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

11:36:43.0392 4812 C:\Windows\System32\RpcRtRemote.dll - ok

11:36:43.0392 4812 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll

11:36:43.0392 4812 C:\Windows\System32\cdd.dll - ok

11:36:43.0392 4812 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

11:36:43.0392 4812 C:\Windows\System32\sxs.dll - ok

11:36:43.0408 4812 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

11:36:43.0408 4812 C:\Windows\System32\WlS0WndH.dll - ok

11:36:43.0408 4812 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

11:36:43.0408 4812 C:\Windows\System32\cryptbase.dll - ok

11:36:43.0408 4812 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

11:36:43.0423 4812 C:\Windows\System32\apphelp.dll - ok

11:36:43.0423 4812 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

11:36:43.0423 4812 C:\Windows\System32\services.exe - ok

11:36:43.0423 4812 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

11:36:43.0423 4812 C:\Windows\System32\lsass.exe - ok

11:36:43.0439 4812 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

11:36:43.0439 4812 C:\Windows\System32\lsm.exe - ok

11:36:43.0439 4812 [ 8784236EED5079493DA9FC95B28B89F8 ] C:\Windows\System32\WerFault.exe

11:36:43.0439 4812 C:\Windows\System32\WerFault.exe - ok

11:36:43.0439 4812 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe

11:36:43.0439 4812 C:\Windows\System32\winlogon.exe - ok

11:36:43.0454 4812 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

11:36:43.0454 4812 C:\Windows\System32\sspisrv.dll - ok

11:36:43.0454 4812 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll

11:36:43.0454 4812 C:\Windows\System32\lsasrv.dll - ok

11:36:43.0454 4812 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

11:36:43.0454 4812 C:\Windows\System32\sspicli.dll - ok

11:36:43.0470 4812 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

11:36:43.0470 4812 C:\Windows\System32\sysntfy.dll - ok

11:36:43.0470 4812 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

11:36:43.0470 4812 C:\Windows\System32\wer.dll - ok

11:36:43.0470 4812 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll

11:36:43.0470 4812 C:\Windows\System32\winsta.dll - ok

11:36:43.0486 4812 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

11:36:43.0486 4812 C:\Windows\System32\wmsgapi.dll - ok

11:36:43.0486 4812 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

11:36:43.0486 4812 C:\Windows\System32\samsrv.dll - ok

11:36:43.0486 4812 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

11:36:43.0486 4812 C:\Windows\System32\scesrv.dll - ok

11:36:43.0501 4812 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

11:36:43.0501 4812 C:\Windows\System32\scext.dll - ok

11:36:43.0501 4812 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

11:36:43.0501 4812 C:\Windows\System32\secur32.dll - ok

11:36:43.0501 4812 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

11:36:43.0501 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok

11:36:43.0517 4812 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

11:36:43.0517 4812 C:\Windows\System32\srvcli.dll - ok

11:36:43.0517 4812 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

11:36:43.0517 4812 C:\Windows\System32\cryptdll.dll - ok

11:36:43.0532 4812 [ F152755F131ADFE452D534F4E9383590 ] C:\Windows\System32\Faultrep.dll

11:36:43.0532 4812 C:\Windows\System32\Faultrep.dll - ok

11:36:43.0532 4812 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

11:36:43.0532 4812 C:\Windows\System32\wevtapi.dll - ok

11:36:43.0532 4812 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

11:36:43.0532 4812 C:\Windows\System32\authz.dll - ok

11:36:43.0548 4812 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll

11:36:43.0548 4812 C:\Windows\System32\cngaudit.dll - ok

11:36:43.0548 4812 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll

11:36:43.0548 4812 C:\Windows\System32\wkscli.dll - ok

11:36:43.0548 4812 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll

11:36:43.0548 4812 C:\Windows\System32\ncrypt.dll - ok

11:36:43.0564 4812 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll

11:36:43.0564 4812 C:\Windows\System32\bcrypt.dll - ok

11:36:43.0564 4812 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll

11:36:43.0564 4812 C:\Windows\System32\msprivs.dll - ok

11:36:43.0564 4812 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll

11:36:43.0564 4812 C:\Windows\System32\negoexts.dll - ok

11:36:43.0579 4812 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll

11:36:43.0579 4812 C:\Windows\System32\netjoin.dll - ok

11:36:43.0579 4812 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll

11:36:43.0579 4812 C:\Windows\System32\kerberos.dll - ok

11:36:43.0579 4812 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll

11:36:43.0579 4812 C:\Windows\System32\cryptsp.dll - ok

11:36:43.0595 4812 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll

11:36:43.0595 4812 C:\Windows\System32\mswsock.dll - ok

11:36:43.0595 4812 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll

11:36:43.0595 4812 C:\Windows\System32\msv1_0.dll - ok

11:36:43.0595 4812 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll

11:36:43.0595 4812 C:\Windows\System32\wship6.dll - ok

11:36:43.0610 4812 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll

11:36:43.0610 4812 C:\Windows\System32\netlogon.dll - ok

11:36:43.0610 4812 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll

11:36:43.0610 4812 C:\Windows\System32\dnsapi.dll - ok

11:36:43.0626 4812 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll

11:36:43.0626 4812 C:\Windows\System32\logoncli.dll - ok

11:36:43.0626 4812 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll

11:36:43.0626 4812 C:\Windows\System32\schannel.dll - ok

11:36:43.0626 4812 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll

11:36:43.0626 4812 C:\Windows\System32\wdigest.dll - ok

11:36:43.0642 4812 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll

11:36:43.0642 4812 C:\Windows\System32\rsaenh.dll - ok

11:36:43.0642 4812 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll

11:36:43.0642 4812 C:\Windows\System32\TSpkg.dll - ok

11:36:43.0642 4812 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll

11:36:43.0642 4812 C:\Windows\System32\pku2u.dll - ok

11:36:43.0657 4812 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL

11:36:43.0657 4812 C:\Windows\System32\LIVESSP.DLL - ok

11:36:43.0657 4812 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll

11:36:43.0657 4812 C:\Windows\System32\bcryptprimitives.dll - ok

11:36:43.0657 4812 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

11:36:43.0657 4812 C:\Windows\System32\credssp.dll - ok

11:36:43.0673 4812 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll

11:36:43.0673 4812 C:\Windows\System32\efslsaext.dll - ok

11:36:43.0673 4812 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll

11:36:43.0673 4812 C:\Windows\System32\scecli.dll - ok

11:36:43.0673 4812 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll

11:36:43.0673 4812 C:\Windows\System32\ubpm.dll - ok

11:36:43.0688 4812 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll

11:36:43.0688 4812 C:\Windows\System32\netutils.dll - ok

11:36:43.0688 4812 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe

11:36:43.0688 4812 C:\Windows\System32\svchost.exe - ok

11:36:43.0688 4812 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll

11:36:43.0688 4812 C:\Windows\System32\umpnpmgr.dll - ok

11:36:43.0704 4812 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll

11:36:43.0704 4812 C:\Windows\System32\SPInf.dll - ok

11:36:43.0704 4812 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll

11:36:43.0704 4812 C:\Windows\System32\devrtl.dll - ok

11:36:43.0704 4812 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll

11:36:43.0704 4812 C:\Windows\System32\gpapi.dll - ok

11:36:43.0720 4812 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll

11:36:43.0720 4812 C:\Windows\System32\userenv.dll - ok

11:36:43.0720 4812 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll

11:36:43.0720 4812 C:\Windows\System32\pcwum.dll - ok

11:36:43.0735 4812 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll

11:36:43.0735 4812 C:\Windows\System32\umpo.dll - ok

11:36:43.0735 4812 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll

11:36:43.0735 4812 C:\Windows\System32\powrprof.dll - ok

11:36:43.0735 4812 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys

11:36:43.0735 4812 C:\Windows\System32\drivers\luafv.sys - ok

11:36:43.0751 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] C:\Windows\System32\drivers\aswFsBlk.sys

11:36:43.0751 4812 C:\Windows\System32\drivers\aswFsBlk.sys - ok

11:36:43.0751 4812 [ 90980D5291F8E725700272E4B64EDA10 ] C:\Windows\System32\drivers\aswMonFlt.sys

11:36:43.0751 4812 C:\Windows\System32\drivers\aswMonFlt.sys - ok

11:36:43.0751 4812 [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys

11:36:43.0751 4812 C:\Windows\System32\drivers\mbam.sys - ok

11:36:43.0766 4812 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys

11:36:43.0766 4812 C:\Windows\System32\drivers\Sftvollh.sys - ok

11:36:43.0766 4812 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll

11:36:43.0766 4812 C:\Windows\System32\rpcss.dll - ok

11:36:43.0766 4812 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll

11:36:43.0766 4812 C:\Windows\System32\RpcEpMap.dll - ok

11:36:43.0782 4812 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL

11:36:43.0782 4812 C:\Windows\System32\WSHTCPIP.DLL - ok

11:36:43.0782 4812 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll

11:36:43.0782 4812 C:\Windows\System32\wshqos.dll - ok

11:36:43.0782 4812 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll

11:36:43.0782 4812 C:\Windows\System32\FirewallAPI.dll - ok

11:36:43.0798 4812 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe

11:36:43.0798 4812 C:\Windows\System32\LogonUI.exe - ok

11:36:43.0798 4812 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll

11:36:43.0798 4812 C:\Windows\System32\authui.dll - ok

11:36:43.0798 4812 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll

11:36:43.0798 4812 C:\Windows\System32\version.dll - ok

11:36:43.0813 4812 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll

11:36:43.0813 4812 C:\Windows\System32\wevtsvc.dll - ok

11:36:43.0813 4812 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll

11:36:43.0813 4812 C:\Windows\System32\cryptui.dll - ok

11:36:43.0829 4812 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll

11:36:43.0829 4812 C:\Windows\System32\shacct.dll - ok

11:36:43.0829 4812 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll

11:36:43.0829 4812 C:\Windows\System32\samlib.dll - ok

11:36:43.0829 4812 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll

11:36:43.0829 4812 C:\Windows\System32\netprofm.dll - ok

11:36:43.0844 4812 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll

11:36:43.0844 4812 C:\Windows\System32\propsys.dll - ok

11:36:43.0844 4812 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll

11:36:43.0844 4812 C:\Windows\System32\audiosrv.dll - ok

11:36:43.0844 4812 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll

11:36:43.0844 4812 C:\Windows\System32\FntCache.dll - ok

11:36:43.0860 4812 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll

11:36:43.0860 4812 C:\Windows\System32\avrt.dll - ok

11:36:43.0860 4812 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll

11:36:43.0860 4812 C:\Windows\System32\mmcss.dll - ok

11:36:43.0860 4812 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll

11:36:43.0860 4812 C:\Windows\System32\adtschema.dll - ok

11:36:43.0860 4812 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll

11:36:43.0860 4812 C:\Windows\System32\MMDevAPI.dll - ok

11:36:43.0876 4812 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll

11:36:43.0876 4812 C:\Windows\System32\uxtheme.dll - ok

11:36:43.0876 4812 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll

11:36:43.0876 4812 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok

11:36:43.0876 4812 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll

11:36:43.0876 4812 C:\Windows\System32\wlansvc.dll - ok

11:36:43.0891 4812 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe

11:36:43.0891 4812 C:\Windows\System32\audiodg.exe - ok

11:36:43.0891 4812 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

11:36:43.0891 4812 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

11:36:43.0907 4812 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys

11:36:43.0907 4812 C:\Windows\System32\drivers\fltMgr.sys - ok

11:36:43.0907 4812 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll

11:36:43.0907 4812 C:\Windows\System32\ntmarta.dll - ok

11:36:43.0907 4812 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL

11:36:43.0907 4812 C:\Windows\System32\PSHED.DLL - ok

11:36:43.0922 4812 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

11:36:43.0922 4812 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

11:36:43.0922 4812 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll

11:36:43.0922 4812 C:\Windows\System32\dui70.dll - ok

11:36:43.0922 4812 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll

11:36:43.0922 4812 C:\Windows\System32\gpsvc.dll - ok

11:36:43.0922 4812 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll

11:36:43.0922 4812 C:\Windows\System32\duser.dll - ok

11:36:43.0938 4812 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

11:36:43.0938 4812 C:\Windows\System32\winmm.dll - ok

11:36:43.0938 4812 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll

11:36:43.0938 4812 C:\Windows\System32\nlaapi.dll - ok

11:36:43.0954 4812 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll

11:36:43.0954 4812 C:\Windows\System32\profsvc.dll - ok

11:36:43.0954 4812 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll

11:36:43.0954 4812 C:\Windows\System32\SndVolSSO.dll - ok

11:36:43.0954 4812 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll

11:36:43.0954 4812 C:\Windows\System32\atl.dll - ok

11:36:43.0954 4812 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll

11:36:43.0954 4812 C:\Windows\System32\hid.dll - ok

11:36:43.0969 4812 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

11:36:43.0969 4812 C:\Windows\System32\wdmaud.drv - ok

11:36:43.0969 4812 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll

11:36:43.0969 4812 C:\Windows\System32\dsrole.dll - ok

11:36:43.0969 4812 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

11:36:43.0969 4812 C:\Windows\System32\ksuser.dll - ok

11:36:43.0985 4812 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll

11:36:43.0985 4812 C:\Windows\System32\slc.dll - ok

11:36:43.0985 4812 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll

11:36:43.0985 4812 C:\Windows\System32\themeservice.dll - ok

11:36:43.0985 4812 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll

11:36:43.0985 4812 C:\Windows\System32\dwmapi.dll - ok

11:36:44.0000 4812 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll

11:36:44.0000 4812 C:\Windows\System32\es.dll - ok

11:36:44.0000 4812 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll

11:36:44.0000 4812 C:\Windows\System32\xmllite.dll - ok

11:36:44.0000 4812 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll

11:36:44.0000 4812 C:\Windows\System32\comres.dll - ok

11:36:44.0016 4812 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll

11:36:44.0016 4812 C:\Windows\System32\Sens.dll - ok

11:36:44.0016 4812 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys

11:36:44.0016 4812 C:\Windows\System32\drivers\lltdio.sys - ok

11:36:44.0016 4812 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys

11:36:44.0016 4812 C:\Windows\System32\drivers\nwifi.sys - ok

11:36:44.0032 4812 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll

11:36:44.0032 4812 C:\Windows\System32\uxsms.dll - ok

11:36:44.0032 4812 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll

11:36:44.0032 4812 C:\Windows\System32\wtsapi32.dll - ok

11:36:44.0032 4812 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll

11:36:44.0032 4812 C:\Windows\System32\AudioSes.dll - ok

11:36:44.0047 4812 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys

11:36:44.0047 4812 C:\Windows\System32\drivers\ndisuio.sys - ok

11:36:44.0047 4812 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys

11:36:44.0047 4812 C:\Windows\System32\drivers\rspndr.sys - ok

11:36:44.0047 4812 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL

11:36:44.0047 4812 C:\Windows\System32\IPHLPAPI.DLL - ok

11:36:44.0063 4812 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll

11:36:44.0063 4812 C:\Windows\System32\lmhsvc.dll - ok

11:36:44.0063 4812 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll

11:36:44.0063 4812 C:\Windows\System32\nsisvc.dll - ok

11:36:44.0063 4812 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll

11:36:44.0063 4812 C:\Windows\System32\dhcpcore.dll - ok

11:36:44.0078 4812 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll

11:36:44.0078 4812 C:\Windows\System32\nrpsrv.dll - ok

11:36:44.0078 4812 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll

11:36:44.0078 4812 C:\Windows\System32\winnsi.dll - ok

11:36:44.0078 4812 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll

11:36:44.0078 4812 C:\Windows\System32\WindowsCodecs.dll - ok

11:36:44.0094 4812 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll

11:36:44.0094 4812 C:\Windows\System32\dhcpcore6.dll - ok

11:36:44.0094 4812 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll

11:36:44.0094 4812 C:\Windows\System32\dnsrslvr.dll - ok

11:36:44.0094 4812 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll

11:36:44.0094 4812 C:\Windows\System32\eapphost.dll - ok

11:36:44.0110 4812 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll

11:36:44.0110 4812 C:\Windows\System32\eapsvc.dll - ok

11:36:44.0110 4812 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll

11:36:44.0110 4812 C:\Windows\System32\keyiso.dll - ok

11:36:44.0110 4812 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv

11:36:44.0110 4812 C:\Windows\System32\msacm32.drv - ok

11:36:44.0125 4812 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll

11:36:44.0125 4812 C:\Windows\System32\msacm32.dll - ok

11:36:44.0125 4812 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL

11:36:44.0125 4812 C:\Windows\System32\FWPUCLNT.DLL - ok

11:36:44.0125 4812 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll

11:36:44.0125 4812 C:\Windows\System32\midimap.dll - ok

11:36:44.0141 4812 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll

11:36:44.0141 4812 C:\Windows\System32\umb.dll - ok

11:36:44.0141 4812 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll

11:36:44.0141 4812 C:\Windows\System32\dnsext.dll - ok

11:36:44.0141 4812 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll

11:36:44.0141 4812 C:\Windows\System32\wlanmsm.dll - ok

11:36:44.0156 4812 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll

11:36:44.0156 4812 C:\Windows\System32\AudioEng.dll - ok

11:36:44.0156 4812 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll

11:36:44.0156 4812 C:\Windows\System32\dhcpcsvc.dll - ok

11:36:44.0156 4812 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll

11:36:44.0156 4812 C:\Windows\System32\dhcpcsvc6.dll - ok

11:36:44.0172 4812 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll

11:36:44.0172 4812 C:\Windows\System32\wlansec.dll - ok

11:36:44.0172 4812 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll

11:36:44.0172 4812 C:\Windows\System32\winbrand.dll - ok

11:36:44.0172 4812 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll

11:36:44.0172 4812 C:\Windows\System32\VaultCredProvider.dll - ok

11:36:44.0188 4812 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll

11:36:44.0188 4812 C:\Windows\System32\onex.dll - ok

11:36:44.0188 4812 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll

11:36:44.0188 4812 C:\Windows\System32\AUDIOKSE.dll - ok

11:36:44.0188 4812 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll

11:36:44.0188 4812 C:\Windows\System32\eappprxy.dll - ok

11:36:44.0203 4812 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll

11:36:44.0203 4812 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

11:36:44.0203 4812 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll

11:36:44.0203 4812 C:\Windows\System32\eappcfg.dll - ok

11:36:44.0203 4812 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll

11:36:44.0203 4812 C:\Windows\System32\BioCredProv.dll - ok

11:36:44.0219 4812 [ 448E073D8FA3016DBA69EF2421B6F9D9 ] C:\Windows\System32\RtkAPO64.dll

11:36:44.0219 4812 C:\Windows\System32\RtkAPO64.dll - ok

11:36:44.0219 4812 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll

11:36:44.0219 4812 C:\Windows\System32\winbio.dll - ok

11:36:44.0219 4812 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll

11:36:44.0219 4812 C:\Windows\System32\credui.dll - ok

11:36:44.0234 4812 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll

11:36:44.0234 4812 C:\Windows\System32\wlgpclnt.dll - ok

11:36:44.0234 4812 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll

11:36:44.0234 4812 C:\Windows\System32\l2gpstore.dll - ok

11:36:44.0234 4812 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

11:36:44.0234 4812 C:\Windows\System32\WinSCard.dll - ok

11:36:44.0250 4812 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll

11:36:44.0250 4812 C:\Windows\System32\wlanutil.dll - ok

11:36:44.0250 4812 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll

11:36:44.0250 4812 C:\Windows\System32\netapi32.dll - ok

11:36:44.0250 4812 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll

11:36:44.0250 4812 C:\Windows\System32\vaultcli.dll - ok

11:36:44.0266 4812 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll

11:36:44.0266 4812 C:\Windows\System32\samcli.dll - ok

11:36:44.0266 4812 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll

11:36:44.0266 4812 C:\Windows\System32\msxml6.dll - ok

11:36:44.0266 4812 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll

11:36:44.0266 4812 C:\Windows\System32\certCredProvider.dll - ok

11:36:44.0281 4812 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

11:36:44.0281 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok

11:36:44.0281 4812 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll

11:36:44.0281 4812 C:\Windows\System32\rasplap.dll - ok

11:36:44.0281 4812 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

11:36:44.0281 4812 C:\Windows\System32\rasapi32.dll - ok

11:36:44.0297 4812 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

11:36:44.0297 4812 C:\Windows\System32\rasman.dll - ok

11:36:44.0297 4812 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

11:36:44.0297 4812 C:\Windows\System32\rtutils.dll - ok

11:36:44.0297 4812 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll

11:36:44.0297 4812 C:\Windows\System32\UXInit.dll - ok

11:36:44.0312 4812 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe

11:36:44.0312 4812 C:\Windows\System32\wlanext.exe - ok

11:36:44.0312 4812 [ 6F702A7EA2D5F2B55CC90C333FBE9978 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe

11:36:44.0312 4812 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok

11:36:44.0312 4812 [ B90443404596E62B2E60A9EEA5FAF5CA ] C:\Windows\System32\R4EED64A.dll

11:36:44.0312 4812 C:\Windows\System32\R4EED64A.dll - ok

11:36:44.0328 4812 [ E0B4052B55114ACD0BFE627AE050E751 ] C:\Windows\System32\R4EEL64A.dll

11:36:44.0328 4812 C:\Windows\System32\R4EEL64A.dll - ok

11:36:44.0328 4812 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll

11:36:44.0328 4812 C:\Windows\System32\imageres.dll - ok

11:36:44.0328 4812 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

11:36:44.0328 4812 C:\Windows\SysWOW64\ntdll.dll - ok

11:36:44.0344 4812 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe

11:36:44.0344 4812 C:\Windows\System32\conhost.exe - ok

11:36:44.0344 4812 [ C815DC37FF8DC0F2F3FD5DA3174373D8 ] C:\Windows\System32\bcmihvsrv64.dll

11:36:44.0344 4812 C:\Windows\System32\bcmihvsrv64.dll - ok

11:36:44.0344 4812 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll

11:36:44.0344 4812 C:\Windows\System32\wow64.dll - ok

11:36:44.0359 4812 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll

11:36:44.0359 4812 C:\Windows\System32\wow64win.dll - ok

11:36:44.0359 4812 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll

11:36:44.0359 4812 C:\Windows\System32\wow64cpu.dll - ok

11:36:44.0359 4812 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll

11:36:44.0359 4812 C:\Windows\SysWOW64\kernel32.dll - ok

11:36:44.0375 4812 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll

11:36:44.0375 4812 C:\Windows\SysWOW64\KernelBase.dll - ok

11:36:44.0375 4812 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

11:36:44.0375 4812 C:\Windows\SysWOW64\msvcrt.dll - ok

11:36:44.0375 4812 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

11:36:44.0375 4812 C:\Windows\SysWOW64\ws2_32.dll - ok

11:36:44.0390 4812 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll

11:36:44.0390 4812 C:\Windows\System32\wlanapi.dll - ok

11:36:44.0390 4812 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

11:36:44.0390 4812 C:\Windows\SysWOW64\rpcrt4.dll - ok

11:36:44.0390 4812 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

11:36:44.0390 4812 C:\Windows\SysWOW64\cryptbase.dll - ok

11:36:44.0406 4812 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

11:36:44.0406 4812 C:\Windows\SysWOW64\nsi.dll - ok

11:36:44.0406 4812 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

11:36:44.0406 4812 C:\Windows\SysWOW64\sechost.dll - ok

11:36:44.0406 4812 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll

11:36:44.0406 4812 C:\Windows\SysWOW64\sspicli.dll - ok

11:36:44.0422 4812 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll

11:36:44.0422 4812 C:\Windows\System32\netcfgx.dll - ok

11:36:44.0422 4812 [ E98E2320D1F9054A0DEF120424370731 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

11:36:44.0422 4812 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok

11:36:44.0422 4812 [ 1A9C97986CCC3B2175C1FB5AA2E6C723 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

11:36:44.0422 4812 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok

11:36:44.0437 4812 [ 35C32583274ECD29D1E8ACE82B26B86D ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

11:36:44.0437 4812 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok

11:36:44.0437 4812 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

11:36:44.0437 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

11:36:44.0437 4812 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

11:36:44.0437 4812 C:\Windows\SysWOW64\user32.dll - ok

11:36:44.0453 4812 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

11:36:44.0453 4812 C:\Windows\SysWOW64\gdi32.dll - ok

11:36:44.0453 4812 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

11:36:44.0453 4812 C:\Windows\SysWOW64\lpk.dll - ok

11:36:44.0453 4812 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll

11:36:44.0453 4812 C:\Windows\SysWOW64\usp10.dll - ok

11:36:44.0468 4812 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

11:36:44.0468 4812 C:\Windows\SysWOW64\advapi32.dll - ok

11:36:44.0468 4812 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

11:36:44.0468 4812 C:\Windows\SysWOW64\ole32.dll - ok

11:36:44.0468 4812 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

11:36:44.0468 4812 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

11:36:44.0484 4812 [ 63EAA3A49AC370CCD93C7469991EC8CE ] C:\Program Files\AVAST Software\Avast\ashBase.dll

11:36:44.0484 4812 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok

11:36:44.0484 4812 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

11:36:44.0484 4812 C:\Windows\SysWOW64\wsock32.dll - ok

11:36:44.0484 4812 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

11:36:44.0484 4812 C:\Windows\SysWOW64\version.dll - ok

11:36:44.0500 4812 [ 3E3D34F70C026755069F97FB94DA44F3 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

11:36:44.0500 4812 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok

11:36:44.0500 4812 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll

11:36:44.0500 4812 C:\Windows\SysWOW64\crypt32.dll - ok

11:36:44.0500 4812 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

11:36:44.0500 4812 C:\Windows\SysWOW64\psapi.dll - ok

11:36:44.0515 4812 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll

11:36:44.0515 4812 C:\Windows\SysWOW64\msasn1.dll - ok

11:36:44.0515 4812 [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\SysWOW64\wininet.dll

11:36:44.0515 4812 C:\Windows\SysWOW64\wininet.dll - ok

11:36:44.0515 4812 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

11:36:44.0515 4812 C:\Windows\SysWOW64\shlwapi.dll - ok

11:36:44.0531 4812 [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\SysWOW64\iertutil.dll

11:36:44.0531 4812 C:\Windows\SysWOW64\iertutil.dll - ok

11:36:44.0531 4812 [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\SysWOW64\urlmon.dll

11:36:44.0531 4812 C:\Windows\SysWOW64\urlmon.dll - ok

11:36:44.0531 4812 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll

11:36:44.0531 4812 C:\Windows\SysWOW64\oleaut32.dll - ok

11:36:44.0546 4812 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

11:36:44.0546 4812 C:\Windows\SysWOW64\imm32.dll - ok

11:36:44.0546 4812 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

11:36:44.0546 4812 C:\Windows\SysWOW64\msctf.dll - ok

11:36:44.0546 4812 [ BD5FA21C26EBB59CB600200A8671227A ] C:\Program Files\AVAST Software\Avast\avBugReport.exe

11:36:44.0546 4812 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok

11:36:44.0562 4812 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

11:36:44.0562 4812 C:\Windows\SysWOW64\apphelp.dll - ok

11:36:44.0562 4812 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll

11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok

11:36:44.0562 4812 [ A5D89E141E45EF43ECBDCE542DA4756D ] C:\Program Files\AVAST Software\Avast\1033\Base.dll

11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok

11:36:44.0562 4812 [ 71B8796EFAD104E0ED00FC3F9BB6420D ] C:\Program Files\AVAST Software\Avast\ashServ.dll

11:36:44.0562 4812 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok

11:36:44.0578 4812 [ A61AF2CB66DE554C66707B9BECB25514 ] C:\Program Files\AVAST Software\Avast\aswAux.dll

11:36:44.0578 4812 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok

11:36:44.0578 4812 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll

11:36:44.0578 4812 C:\Windows\System32\shsvcs.dll - ok

11:36:44.0578 4812 [ 5FF1382716DED97328800ACF723735F1 ] C:\Program Files\AVAST Software\Avast\ashTask.dll

11:36:44.0578 4812 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok

11:36:44.0593 4812 [ A8A18342AFADD0FF96F574B1584183E5 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

11:36:44.0593 4812 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok

11:36:44.0593 4812 [ 84197F4A9771F1449AECD875ABBD1714 ] C:\Program Files\AVAST Software\Avast\aswLog.dll

11:36:44.0593 4812 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok

11:36:44.0609 4812 [ 2BE7DE09FAFB15D63B0B29CCADAE45F0 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll

11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok

11:36:44.0609 4812 [ DA78BBCACDC47DA176EF73B873F56E5B ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll

11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok

11:36:44.0609 4812 [ 140160C67EE2CDCFD519B4E748D0D647 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll

11:36:44.0609 4812 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok

11:36:44.0624 4812 [ 2F6762E0EFA2DB10FC1BD016E5173633 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll

11:36:44.0624 4812 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok

11:36:44.0624 4812 [ 62D4ECAE2F624C79CED6FB1616EA0F63 ] C:\Program Files\AVAST Software\Avast\avastIP.dll

11:36:44.0624 4812 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok

11:36:44.0624 4812 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

11:36:44.0624 4812 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

11:36:44.0640 4812 [ FE7C897B1D6C7C1EB1C6D6E012861F03 ] C:\Program Files\AVAST Software\Avast\aswDld.dll

11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok

11:36:44.0640 4812 [ 0D16A422EF8C031796B602D7A6B57B3C ] C:\Program Files\AVAST Software\Avast\aswIdle.dll

11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok

11:36:44.0640 4812 [ 88A5CA827BEFFC6B47EEEE2BD277E092 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll

11:36:44.0640 4812 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok

Link to post
Share on other sites

FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

11:36:44.0656 4812 C:\Windows\SysWOW64\webio.dll - ok

11:36:44.0656 4812 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

11:36:44.0656 4812 C:\Windows\SysWOW64\winhttp.dll - ok

11:36:44.0656 4812 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

11:36:44.0656 4812 C:\Windows\SysWOW64\winnsi.dll - ok

11:36:44.0671 4812 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

11:36:44.0671 4812 C:\Windows\SysWOW64\cfgmgr32.dll - ok

11:36:44.0671 4812 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll

11:36:44.0671 4812 C:\Windows\System32\schedsvc.dll - ok

11:36:44.0671 4812 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

11:36:44.0671 4812 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

11:36:44.0687 4812 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll

11:36:44.0687 4812 C:\Windows\SysWOW64\wscapi.dll - ok

11:36:44.0687 4812 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll

11:36:44.0687 4812 C:\Windows\SysWOW64\wscisvif.dll - ok

11:36:44.0687 4812 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

11:36:44.0687 4812 C:\Windows\SysWOW64\credssp.dll - ok

11:36:44.0702 4812 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

11:36:44.0702 4812 C:\Windows\SysWOW64\cryptsp.dll - ok

11:36:44.0702 4812 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

11:36:44.0702 4812 C:\Windows\SysWOW64\mswsock.dll - ok

11:36:44.0702 4812 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

11:36:44.0702 4812 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

11:36:44.0718 4812 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

11:36:44.0718 4812 C:\Windows\SysWOW64\wship6.dll - ok

11:36:44.0718 4812 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll

11:36:44.0718 4812 C:\Windows\System32\ktmw32.dll - ok

11:36:44.0718 4812 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll

11:36:44.0718 4812 C:\Windows\System32\fveapi.dll - ok

11:36:44.0718 4812 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll

11:36:44.0718 4812 C:\Windows\System32\tbs.dll - ok

11:36:44.0734 4812 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll

11:36:44.0734 4812 C:\Windows\System32\fvecerts.dll - ok

11:36:44.0734 4812 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll

11:36:44.0734 4812 C:\Windows\System32\wiarpc.dll - ok

11:36:44.0734 4812 [ CB2979C3F152BFE6C4F6AFA1A02695E6 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswEngin.dll

11:36:44.0734 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswEngin.dll - ok

11:36:44.0749 4812 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll

11:36:44.0749 4812 C:\Windows\System32\taskcomp.dll - ok

11:36:44.0749 4812 [ 64790077F7574E0EB97F3CD2C7B46796 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnIS.dll

11:36:44.0749 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnIS.dll - ok

11:36:44.0765 4812 [ 09C5CB1DEEFFB23C29FDF135C70E506E ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnOS.dll

11:36:44.0765 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnOS.dll - ok

11:36:44.0765 4812 [ 62378187B9E30A2DD5333E35D06A6C7D ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnBS.dll

11:36:44.0765 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswCmnBS.dll - ok

11:36:44.0765 4812 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys

11:36:44.0765 4812 C:\Windows\System32\drivers\http.sys - ok

11:36:44.0780 4812 [ F4B53E84EBD4EDC4938E9B40B583D6FE ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswScan.dll

11:36:44.0780 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswScan.dll - ok

11:36:44.0780 4812 [ 631EAABB9F82ACEDF8DE3DD20FD5ACC6 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswRep.dll

11:36:44.0780 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswRep.dll - ok

11:36:44.0796 4812 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe

11:36:44.0796 4812 C:\Windows\System32\spoolsv.exe - ok

11:36:44.0796 4812 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys

11:36:44.0796 4812 C:\Windows\System32\drivers\srvnet.sys - ok

11:36:44.0796 4812 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys

11:36:44.0796 4812 C:\Windows\System32\drivers\bowser.sys - ok

11:36:44.0812 4812 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys

11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb.sys - ok

11:36:44.0812 4812 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys

11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb10.sys - ok

11:36:44.0812 4812 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys

11:36:44.0812 4812 C:\Windows\System32\drivers\mrxsmb20.sys - ok

11:36:44.0827 4812 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys

11:36:44.0827 4812 C:\Windows\System32\drivers\srv2.sys - ok

11:36:44.0827 4812 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys

11:36:44.0827 4812 C:\Windows\System32\drivers\srv.sys - ok

11:36:44.0827 4812 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll

11:36:44.0827 4812 C:\Windows\System32\wkssvc.dll - ok

11:36:44.0827 4812 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll

11:36:44.0843 4812 C:\Windows\System32\srvsvc.dll - ok

11:36:44.0843 4812 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll

11:36:44.0843 4812 C:\Windows\System32\browser.dll - ok

11:36:44.0843 4812 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll

11:36:44.0843 4812 C:\Windows\System32\netmsg.dll - ok

11:36:44.0843 4812 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll

11:36:44.0843 4812 C:\Windows\System32\clusapi.dll - ok

11:36:44.0858 4812 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll

11:36:44.0858 4812 C:\Windows\System32\sscore.dll - ok

11:36:44.0858 4812 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll

11:36:44.0858 4812 C:\Windows\System32\resutils.dll - ok

11:36:44.0858 4812 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

11:36:44.0858 4812 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok

11:36:44.0874 4812 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll

11:36:44.0874 4812 C:\Windows\System32\rasadhlp.dll - ok

11:36:44.0874 4812 [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswFiDb.dll

11:36:44.0874 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswFiDb.dll - ok

11:36:44.0890 4812 [ BC7D2DE14AB9591FA1DE886C0C701646 ] C:\Program Files\AVAST Software\Avast\defs\13050600\algo.dll

11:36:44.0890 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\algo.dll - ok

11:36:44.0890 4812 [ 01345024BBD84AC68FF872FBB7B7F834 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll

11:36:44.0890 4812 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok

11:36:44.0890 4812 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll

11:36:44.0890 4812 C:\Windows\SysWOW64\shell32.dll - ok

11:36:44.0905 4812 [ 1474F121C3DF1232D3E7239C03691EE6 ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

11:36:44.0905 4812 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe - ok

11:36:44.0905 4812 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe

11:36:44.0905 4812 C:\Windows\System32\dllhost.exe - ok

11:36:44.0905 4812 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

11:36:44.0905 4812 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok

11:36:44.0921 4812 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll

11:36:44.0921 4812 C:\Windows\System32\IDStore.dll - ok

11:36:44.0921 4812 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe

11:36:44.0921 4812 C:\Windows\System32\taskhost.exe - ok

11:36:44.0921 4812 [ 001D7099C3DB8E53A955FF4D66E25AA2 ] C:\Windows\System32\kbd101.dll

11:36:44.0921 4812 C:\Windows\System32\kbd101.dll - ok

11:36:44.0936 4812 [ A1D990022654CFE37E2561E540F0253B ] C:\Windows\System32\kbd106.dll

11:36:44.0936 4812 C:\Windows\System32\kbd106.dll - ok

11:36:44.0936 4812 [ 6D707786D7163383C64F07263BB9478E ] C:\Windows\System32\KBDJPN.DLL

11:36:44.0936 4812 C:\Windows\System32\KBDJPN.DLL - ok

11:36:44.0936 4812 [ 117865AD39587EB4DA218AAF2E559B8C ] C:\Windows\System32\kbdnec.dll

11:36:44.0936 4812 C:\Windows\System32\kbdnec.dll - ok

11:36:44.0952 4812 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe

11:36:44.0952 4812 C:\Windows\System32\AtBroker.exe - ok

11:36:44.0952 4812 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll

11:36:44.0952 4812 C:\Windows\System32\mpr.dll - ok

11:36:44.0952 4812 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll

11:36:44.0952 4812 C:\Windows\System32\localspl.dll - ok

11:36:44.0968 4812 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe

11:36:44.0968 4812 C:\Windows\System32\userinit.exe - ok

11:36:44.0968 4812 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe

11:36:44.0968 4812 C:\Windows\System32\dwm.exe - ok

11:36:44.0968 4812 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

11:36:44.0968 4812 C:\Windows\System32\MsCtfMonitor.dll - ok

11:36:44.0983 4812 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll

11:36:44.0983 4812 C:\Windows\System32\spoolss.dll - ok

11:36:44.0983 4812 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll

11:36:44.0983 4812 C:\Windows\System32\dwmredir.dll - ok

11:36:44.0983 4812 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll

11:36:44.0983 4812 C:\Windows\System32\dwmcore.dll - ok

11:36:44.0999 4812 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll

11:36:44.0999 4812 C:\Windows\System32\d3d10_1.dll - ok

11:36:44.0999 4812 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll

11:36:44.0999 4812 C:\Windows\System32\d3d10_1core.dll - ok

11:36:44.0999 4812 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll

11:36:44.0999 4812 C:\Windows\System32\dxgi.dll - ok

11:36:44.0999 4812 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll

11:36:44.0999 4812 C:\Windows\System32\d3d11.dll - ok

11:36:45.0014 4812 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe

11:36:45.0014 4812 C:\Windows\explorer.exe - ok

11:36:45.0014 4812 [ 6D006CAD0E10637BABDB81CC61A2ECE5 ] C:\Windows\System32\igd10umd64.dll

11:36:45.0014 4812 C:\Windows\System32\igd10umd64.dll - ok

11:36:45.0014 4812 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll

11:36:45.0014 4812 C:\Windows\System32\ExplorerFrame.dll - ok

11:36:45.0030 4812 [ 465133E1EEFACE2FCB15155ABC96C457 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll

11:36:45.0030 4812 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok

11:36:45.0030 4812 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

11:36:45.0030 4812 C:\Windows\System32\msi.dll - ok

11:36:45.0030 4812 [ 862586AD4B1355F7DCDE111EE0AAF350 ] C:\Windows\System32\d3dx10_40.dll

11:36:45.0030 4812 C:\Windows\System32\d3dx10_40.dll - ok

11:36:45.0046 4812 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll

11:36:45.0046 4812 C:\Windows\System32\uDWM.dll - ok

11:36:45.0046 4812 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll

11:36:45.0046 4812 C:\Windows\System32\EhStorShell.dll - ok

11:36:45.0046 4812 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll

11:36:45.0046 4812 C:\Windows\System32\ntshrui.dll - ok

11:36:45.0061 4812 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll

11:36:45.0061 4812 C:\Windows\System32\cscapi.dll - ok

11:36:45.0061 4812 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll

11:36:45.0061 4812 C:\Windows\System32\IconCodecService.dll - ok

11:36:45.0061 4812 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

11:36:45.0061 4812 C:\Windows\System32\runonce.exe - ok

11:36:45.0077 4812 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll

11:36:45.0077 4812 C:\Windows\SysWOW64\secur32.dll - ok

11:36:45.0077 4812 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

11:36:45.0077 4812 C:\Windows\SysWOW64\runonce.exe - ok

11:36:45.0077 4812 [ 232C0B9155F6A2C3736A9488F0C456DA ] C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL

11:36:45.0077 4812 C:\Program Files (x86)\Adobe\Elements 9 Organizer\platform.DLL - ok

11:36:45.0092 4812 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

11:36:45.0092 4812 C:\Windows\System32\msutb.dll - ok

11:36:45.0092 4812 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

11:36:45.0092 4812 C:\Windows\System32\winspool.drv - ok

11:36:45.0092 4812 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe

11:36:45.0092 4812 C:\Windows\System32\taskeng.exe - ok

11:36:45.0108 4812 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll

11:36:45.0108 4812 C:\Windows\System32\TSChannel.dll - ok

11:36:45.0108 4812 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

11:36:45.0108 4812 C:\Windows\SysWOW64\profapi.dll - ok

11:36:45.0108 4812 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

11:36:45.0108 4812 C:\Windows\SysWOW64\ntmarta.dll - ok

11:36:45.0124 4812 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

11:36:45.0124 4812 C:\Windows\SysWOW64\Wldap32.dll - ok

11:36:45.0124 4812 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

11:36:45.0124 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

11:36:45.0124 4812 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll

11:36:45.0124 4812 C:\Windows\SysWOW64\wintrust.dll - ok

11:36:45.0139 4812 [ 78779EE07231C658B483B1F38B5088DF ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

11:36:45.0139 4812 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok

11:36:45.0139 4812 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

11:36:45.0139 4812 C:\Windows\SysWOW64\SensApi.dll - ok

11:36:45.0139 4812 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

11:36:45.0139 4812 C:\Windows\SysWOW64\clbcatq.dll - ok

11:36:45.0155 4812 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll

11:36:45.0155 4812 C:\Windows\SysWOW64\msxml6.dll - ok

11:36:45.0155 4812 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll

11:36:45.0155 4812 C:\Windows\System32\cryptnet.dll - ok

11:36:45.0155 4812 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll

11:36:45.0155 4812 C:\Windows\System32\cryptsvc.dll - ok

11:36:45.0170 4812 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll

11:36:45.0170 4812 C:\Windows\System32\vssapi.dll - ok

11:36:45.0170 4812 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

11:36:45.0170 4812 C:\Windows\SysWOW64\rsaenh.dll - ok

11:36:45.0170 4812 [ 4AB2A58816CC6BE771F1D8C768B804C5 ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe

11:36:45.0170 4812 C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok

11:36:45.0186 4812 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll

11:36:45.0186 4812 C:\Windows\System32\dps.dll - ok

11:36:45.0186 4812 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

11:36:45.0186 4812 C:\Windows\System32\taskschd.dll - ok

11:36:45.0186 4812 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

11:36:45.0186 4812 C:\Windows\SysWOW64\wtsapi32.dll - ok

11:36:45.0202 4812 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

11:36:45.0202 4812 C:\Windows\SysWOW64\setupapi.dll - ok

11:36:45.0202 4812 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

11:36:45.0202 4812 C:\Windows\SysWOW64\userenv.dll - ok

11:36:45.0217 4812 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll

11:36:45.0217 4812 C:\Windows\System32\vsstrace.dll - ok

11:36:45.0217 4812 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

11:36:45.0217 4812 C:\Windows\SysWOW64\devobj.dll - ok

11:36:45.0217 4812 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll

11:36:45.0217 4812 C:\Windows\SysWOW64\winmm.dll - ok

11:36:45.0217 4812 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll

11:36:45.0217 4812 C:\Windows\SysWOW64\winsta.dll - ok

11:36:45.0233 4812 [ 0203706E97B7286EDDBC62B1D16025C3 ] C:\Program Files (x86)\Launch Manager\LMworker.exe

11:36:45.0233 4812 C:\Program Files (x86)\Launch Manager\LMworker.exe - ok

11:36:45.0233 4812 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll

11:36:45.0233 4812 C:\Windows\System32\FXSMON.dll - ok

11:36:45.0233 4812 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll

11:36:45.0233 4812 C:\Windows\System32\PrintIsolationProxy.dll - ok

11:36:45.0248 4812 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll

11:36:45.0248 4812 C:\Windows\System32\tcpmon.dll - ok

11:36:45.0248 4812 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

11:36:45.0248 4812 C:\Windows\SysWOW64\uxtheme.dll - ok

11:36:45.0248 4812 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll

11:36:45.0248 4812 C:\Windows\System32\snmpapi.dll - ok

11:36:45.0264 4812 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll

11:36:45.0264 4812 C:\Windows\System32\wsnmp32.dll - ok

11:36:45.0264 4812 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll

11:36:45.0264 4812 C:\Windows\System32\usbmon.dll - ok

11:36:45.0264 4812 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll

11:36:45.0264 4812 C:\Windows\System32\WSDMon.dll - ok

11:36:45.0280 4812 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll

11:36:45.0280 4812 C:\Windows\System32\WSDApi.dll - ok

11:36:45.0280 4812 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll

11:36:45.0280 4812 C:\Windows\System32\webservices.dll - ok

11:36:45.0280 4812 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll

11:36:45.0280 4812 C:\Windows\System32\fundisc.dll - ok

11:36:45.0280 4812 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll

11:36:45.0280 4812 C:\Windows\System32\fdPnp.dll - ok

11:36:45.0295 4812 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll

11:36:45.0295 4812 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok

11:36:45.0295 4812 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll

11:36:45.0295 4812 C:\Windows\System32\win32spl.dll - ok

11:36:45.0295 4812 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll

11:36:45.0295 4812 C:\Windows\System32\inetpp.dll - ok

11:36:45.0311 4812 [ 48425C93B6F36529707206E4FA680CF3 ] C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

11:36:45.0311 4812 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe - ok

11:36:45.0311 4812 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll

11:36:45.0311 4812 C:\Windows\System32\dbghelp.dll - ok

11:36:45.0311 4812 [ F29AA7284FBDD313AF9F423D49F9AC89 ] C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll

11:36:45.0311 4812 C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll - ok

11:36:45.0326 4812 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll

11:36:45.0326 4812 C:\Windows\System32\oleacc.dll - ok

11:36:45.0326 4812 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll

11:36:45.0326 4812 C:\Windows\System32\FDResPub.dll - ok

11:36:45.0326 4812 [ C9B2D1D3F86FD3673EF847DEF73B6F9E ] C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

11:36:45.0326 4812 C:\Program Files (x86)\Acer\Registration\GREGsvc.exe - ok

11:36:45.0342 4812 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll

11:36:45.0342 4812 C:\Windows\SysWOW64\fltLib.dll - ok

11:36:45.0342 4812 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll

11:36:45.0342 4812 C:\Windows\SysWOW64\netapi32.dll - ok

11:36:45.0342 4812 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll

11:36:45.0342 4812 C:\Windows\SysWOW64\netutils.dll - ok

11:36:45.0358 4812 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll

11:36:45.0358 4812 C:\Windows\SysWOW64\srvcli.dll - ok

11:36:45.0358 4812 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll

11:36:45.0358 4812 C:\Windows\SysWOW64\wkscli.dll - ok

11:36:45.0358 4812 [ 93B73DED2BC688F140C6AE2FBAD45789 ] C:\Program Files\Acer\Acer Updater\UpdaterService.exe

11:36:45.0358 4812 C:\Program Files\Acer\Acer Updater\UpdaterService.exe - ok

11:36:45.0358 4812 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv

11:36:45.0358 4812 C:\Windows\SysWOW64\winspool.drv - ok

11:36:45.0373 4812 [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok

11:36:45.0373 4812 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll

11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok

11:36:45.0373 4812 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll

11:36:45.0373 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok

11:36:45.0389 4812 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

11:36:45.0389 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok

11:36:45.0389 4812 [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll

11:36:45.0389 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok

11:36:45.0389 4812 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

11:36:45.0389 4812 C:\Windows\SysWOW64\mpr.dll - ok

11:36:45.0404 4812 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll

11:36:45.0404 4812 C:\Windows\System32\ncsi.dll - ok

11:36:45.0404 4812 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll

11:36:45.0404 4812 C:\Windows\System32\nlasvc.dll - ok

11:36:45.0404 4812 [ 1873214666F6F0A883742DF91FBC48C9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

11:36:45.0404 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe - ok

11:36:45.0420 4812 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll

11:36:45.0420 4812 C:\Windows\System32\winhttp.dll - ok

11:36:45.0420 4812 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

11:36:45.0420 4812 C:\Windows\SysWOW64\oleacc.dll - ok

11:36:45.0420 4812 [ 7DD3B82EABFCF8CB82E39E2E9547C0A1 ] C:\Program Files (x86)\NTI\Acer Backup Manager\Pehook.dll

11:36:45.0420 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\Pehook.dll - ok

11:36:45.0436 4812 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys

11:36:45.0436 4812 C:\Windows\System32\drivers\PEAuth.sys - ok

11:36:45.0436 4812 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

11:36:45.0436 4812 C:\Windows\System32\pcasvc.dll - ok

11:36:45.0436 4812 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll

11:36:45.0436 4812 C:\Windows\System32\webio.dll - ok

11:36:45.0451 4812 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

11:36:45.0451 4812 C:\Windows\SysWOW64\imagehlp.dll - ok

11:36:45.0451 4812 [ 5C304121590B578916B1B658707CD38A ] C:\Program Files (x86)\NTI\Acer Backup Manager\ISchedule.dll

11:36:45.0451 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\ISchedule.dll - ok

11:36:45.0467 4812 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll

11:36:45.0467 4812 C:\Windows\System32\aepic.dll - ok

11:36:45.0467 4812 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll

11:36:45.0467 4812 C:\Windows\System32\sfc.dll - ok

11:36:45.0467 4812 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

11:36:45.0467 4812 C:\Windows\System32\sfc_os.dll - ok

11:36:45.0482 4812 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] C:\Windows\SysWOW64\PnkBstrA.exe

11:36:45.0482 4812 C:\Windows\SysWOW64\PnkBstrA.exe - ok

11:36:45.0482 4812 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll

11:36:45.0482 4812 C:\Windows\System32\ssdpapi.dll - ok

11:36:45.0482 4812 [ 898617D27DD24D3E426F08D462521C9C ] C:\Program Files (x86)\NTI\Acer Backup Manager\SyncDll.dll

11:36:45.0482 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\SyncDll.dll - ok

11:36:45.0482 4812 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys

11:36:45.0482 4812 C:\Windows\System32\drivers\secdrv.sys - ok

11:36:45.0498 4812 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

11:36:45.0498 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

11:36:45.0498 4812 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys

11:36:45.0498 4812 C:\Windows\System32\drivers\Sftfslh.sys - ok

11:36:45.0514 4812 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

11:36:45.0514 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok

11:36:45.0514 4812 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys

11:36:45.0514 4812 C:\Windows\System32\drivers\Sftplaylh.sys - ok

11:36:45.0514 4812 [ 47DAACCB81F4FA958F4DE5855827DF22 ] C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

11:36:45.0514 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll - ok

11:36:45.0529 4812 [ 0C1B2E3A897397738D9F81CD3D152AF0 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

11:36:45.0529 4812 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok

11:36:45.0529 4812 [ 37B499357915EA3E7F958EA2FF826D4B ] C:\Program Files (x86)\NTI\Acer Backup Manager\agent_stub.dll

11:36:45.0529 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\agent_stub.dll - ok

11:36:45.0529 4812 [ E06E026FD9F20E8865E6A500E4726C45 ] C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll

11:36:45.0529 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll - ok

11:36:45.0545 4812 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll

11:36:45.0545 4812 C:\Windows\SysWOW64\dwmapi.dll - ok

11:36:45.0545 4812 [ 8B4DBEEF5D88009AF0CFF29DE6729951 ] C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookDispatch.dll

11:36:45.0545 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookDispatch.dll - ok

11:36:45.0545 4812 [ CAC95D2C86A75D78EF6E0E9382392E95 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll

11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok

11:36:45.0560 4812 [ B96C4A4B84EA2CAA5E728B0373EE559E ] C:\Program Files\AVAST Software\Avast\AhResJs.dll

11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok

11:36:45.0560 4812 [ C429C1E26B9F38CB7A5F4DF13A4BBC57 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll

11:36:45.0560 4812 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok

11:36:45.0576 4812 [ F50D3E9B6E2B457F2BFED8F5EB4ED59A ] C:\Program Files (x86)\Launch Manager\NTKCUtl.dll

11:36:45.0576 4812 C:\Program Files (x86)\Launch Manager\NTKCUtl.dll - ok

11:36:45.0576 4812 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll

11:36:45.0576 4812 C:\Windows\System32\HotStartUserAgent.dll - ok

11:36:45.0576 4812 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll

11:36:45.0576 4812 C:\Windows\System32\PlaySndSrv.dll - ok

11:36:45.0592 4812 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

11:36:45.0592 4812 C:\Windows\System32\aeevts.dll - ok

11:36:45.0592 4812 [ 424E19980318AE562FFE3948649AFD65 ] C:\Program Files (x86)\Launch Manager\LMutilps32.exe

11:36:45.0592 4812 C:\Program Files (x86)\Launch Manager\LMutilps32.exe - ok

11:36:45.0592 4812 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll

11:36:45.0592 4812 C:\Windows\SysWOW64\samcli.dll - ok

11:36:45.0607 4812 [ 352CC5F802D8EDE1FAAE6D3E50664958 ] C:\Program Files (x86)\Launch Manager\LmSmbKel.dll

11:36:45.0607 4812 C:\Program Files (x86)\Launch Manager\LmSmbKel.dll - ok

11:36:45.0607 4812 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

11:36:45.0607 4812 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok

11:36:45.0607 4812 [ 78F62B741B80433065EEC2DFDC273A55 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BookmarkDLL.dll

11:36:45.0607 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\BookmarkDLL.dll - ok

11:36:45.0623 4812 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

11:36:45.0623 4812 C:\Windows\SysWOW64\msimg32.dll - ok

11:36:45.0623 4812 [ 4514F3F5D641F7F3BC7C655B07DC67B0 ] C:\Program Files (x86)\NTI\Acer Backup Manager\WinSetDLL.dll

11:36:45.0623 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\WinSetDLL.dll - ok

11:36:45.0623 4812 [ 66F1BF58843E814AA0ACF586CFD8E94B ] C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll

11:36:45.0623 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll - ok

11:36:45.0623 4812 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll

11:36:45.0623 4812 C:\Windows\SysWOW64\mapi32.dll - ok

11:36:45.0638 4812 [ 021B54CF2CCA4AD82735E7CFBDC26DF8 ] C:\Program Files (x86)\NTI\Acer Backup Manager\VssAgent.dll

11:36:45.0638 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\VssAgent.dll - ok

11:36:45.0638 4812 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll

11:36:45.0638 4812 C:\Windows\SysWOW64\vssapi.dll - ok

11:36:45.0638 4812 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll

11:36:45.0638 4812 C:\Windows\SysWOW64\atl.dll - ok

11:36:45.0654 4812 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll

11:36:45.0654 4812 C:\Windows\SysWOW64\vsstrace.dll - ok

11:36:45.0654 4812 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

11:36:45.0654 4812 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok

11:36:45.0654 4812 [ 2765C3512F3E320930018ECEC41785E5 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll

11:36:45.0654 4812 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok

11:36:45.0670 4812 [ CCE5ECDA068BBFFA12F2140C2C42FF51 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll

11:36:45.0670 4812 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok

11:36:45.0670 4812 [ DF927212DA391CDD500CC9B3557154DE ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll

11:36:45.0670 4812 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok

11:36:45.0670 4812 [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe

11:36:45.0670 4812 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok

11:36:45.0685 4812 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys

11:36:45.0685 4812 C:\Windows\System32\drivers\tcpipreg.sys - ok

11:36:45.0685 4812 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll

11:36:45.0685 4812 C:\Windows\System32\sysmain.dll - ok

11:36:45.0685 4812 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll

11:36:45.0685 4812 C:\Windows\System32\wiaservc.dll - ok

11:36:45.0701 4812 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll

11:36:45.0701 4812 C:\Windows\System32\wiatrace.dll - ok

11:36:45.0701 4812 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

11:36:45.0701 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok

11:36:45.0701 4812 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll

11:36:45.0701 4812 C:\Windows\System32\trkwks.dll - ok

11:36:45.0716 4812 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll

11:36:45.0716 4812 C:\Windows\System32\wbem\WMIsvc.dll - ok

11:36:45.0716 4812 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll

11:36:45.0716 4812 C:\Windows\System32\wbemcomn.dll - ok

11:36:45.0716 4812 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll

11:36:45.0716 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok

11:36:45.0732 4812 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll

11:36:45.0732 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok

11:36:45.0732 4812 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll

11:36:45.0732 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok

11:36:45.0732 4812 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll

11:36:45.0732 4812 C:\Windows\System32\wbem\fastprox.dll - ok

11:36:45.0748 4812 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll

11:36:45.0748 4812 C:\Windows\System32\wbem\WinMgmtR.dll - ok

11:36:45.0748 4812 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll

11:36:45.0748 4812 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

11:36:45.0748 4812 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll

11:36:45.0748 4812 C:\Windows\System32\ntdsapi.dll - ok

11:36:45.0763 4812 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll

11:36:45.0763 4812 C:\Windows\System32\wbem\wbemprox.dll - ok

11:36:45.0763 4812 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll

11:36:45.0763 4812 C:\Windows\System32\wbem\wbemcore.dll - ok

11:36:45.0763 4812 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll

11:36:45.0763 4812 C:\Windows\System32\wbem\esscli.dll - ok

11:36:45.0779 4812 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

11:36:45.0779 4812 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

11:36:45.0779 4812 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll

11:36:45.0779 4812 C:\Windows\System32\wbem\wbemsvc.dll - ok

11:36:45.0779 4812 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll

11:36:45.0779 4812 C:\Windows\System32\wbem\wmiutils.dll - ok

11:36:45.0794 4812 [ 47427F7F6AB31CD8813737A08082BED6 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll

11:36:45.0794 4812 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok

11:36:45.0794 4812 [ 92CEF77A86B33BCBD80CB1E6849FBFE1 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll

11:36:45.0794 4812 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok

11:36:45.0794 4812 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

11:36:45.0794 4812 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

11:36:45.0810 4812 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

11:36:45.0810 4812 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

11:36:45.0810 4812 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll

11:36:45.0810 4812 C:\Windows\SysWOW64\wlanapi.dll - ok

11:36:45.0810 4812 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll

11:36:45.0810 4812 C:\Windows\SysWOW64\wlanutil.dll - ok

11:36:45.0810 4812 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:36:45.0810 4812 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

11:36:45.0826 4812 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll

11:36:45.0826 4812 C:\Windows\System32\wbem\repdrvfs.dll - ok

11:36:45.0826 4812 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll

11:36:45.0826 4812 C:\Windows\SysWOW64\netshell.dll - ok

11:36:45.0826 4812 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll

11:36:45.0826 4812 C:\Windows\SysWOW64\nlaapi.dll - ok

11:36:45.0841 4812 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll

11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok

11:36:45.0841 4812 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll

11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok

11:36:45.0841 4812 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll

11:36:45.0841 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok

11:36:45.0857 4812 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll

11:36:45.0857 4812 C:\Windows\SysWOW64\logoncli.dll - ok

11:36:45.0857 4812 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll

11:36:45.0857 4812 C:\Windows\SysWOW64\msi.dll - ok

11:36:45.0857 4812 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys

11:36:45.0857 4812 C:\Windows\System32\drivers\Sftredirlh.sys - ok

11:36:45.0872 4812 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll

11:36:45.0872 4812 C:\Windows\SysWOW64\schannel.dll - ok

11:36:45.0872 4812 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll

11:36:45.0872 4812 C:\Windows\System32\dssenh.dll - ok

11:36:45.0872 4812 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll

11:36:45.0872 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok

11:36:45.0888 4812 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

11:36:45.0888 4812 C:\Windows\SysWOW64\cscapi.dll - ok

11:36:45.0888 4812 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

11:36:45.0888 4812 C:\Windows\SysWOW64\dbghelp.dll - ok

11:36:45.0888 4812 [ EB5EBE7CC58C1E66AFAC1064FBD7DB21 ] C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

11:36:45.0888 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe - ok

11:36:45.0888 4812 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

11:36:45.0888 4812 C:\Windows\SysWOW64\propsys.dll - ok

11:36:45.0904 4812 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

11:36:45.0904 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

11:36:45.0904 4812 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

11:36:45.0904 4812 C:\Windows\SysWOW64\cmd.exe - ok

11:36:45.0904 4812 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

11:36:45.0904 4812 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

11:36:45.0919 4812 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

11:36:45.0919 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

11:36:45.0919 4812 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

11:36:45.0919 4812 C:\Windows\SysWOW64\winbrand.dll - ok

11:36:45.0919 4812 [ DFE118C95C6571B87D1923DAB3FA0A77 ] C:\Windows\SysWOW64\ieframe.dll

11:36:45.0919 4812 C:\Windows\SysWOW64\ieframe.dll - ok

11:36:45.0935 4812 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll

11:36:45.0935 4812 C:\Windows\SysWOW64\shdocvw.dll - ok

11:36:45.0935 4812 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

11:36:45.0935 4812 C:\Windows\SysWOW64\bcrypt.dll - ok

11:36:45.0935 4812 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll

11:36:45.0935 4812 C:\Windows\SysWOW64\ncrypt.dll - ok

11:36:45.0950 4812 [ AAC3C0194EEBA939E18590411130CF43 ] C:\Program Files\AVAST Software\Avast\defs\13050600\ArPot.dll

11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\ArPot.dll - ok

11:36:45.0950 4812 [ 43983B7C77E9B9026A537CEA4A0BFAE7 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll

11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok

11:36:45.0950 4812 [ 44BD658E0E4D21C42023AD9EBEFFDB90 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll

11:36:45.0950 4812 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok

11:36:45.0966 4812 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

11:36:45.0966 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok

11:36:45.0966 4812 [ 27858FC69699525E36F8810498C304CA ] C:\Program Files\AVAST Software\Avast\snxhk.dll

11:36:45.0966 4812 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok

11:36:45.0966 4812 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll

11:36:45.0966 4812 C:\Windows\SysWOW64\drprov.dll - ok

11:36:45.0966 4812 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll

11:36:45.0966 4812 C:\Windows\SysWOW64\ntlanman.dll - ok

11:36:45.0982 4812 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll

11:36:45.0982 4812 C:\Windows\SysWOW64\davclnt.dll - ok

11:36:45.0982 4812 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll

11:36:45.0982 4812 C:\Windows\SysWOW64\davhlpr.dll - ok

11:36:45.0982 4812 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

11:36:45.0982 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok

11:36:45.0997 4812 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL

11:36:45.0997 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok

11:36:45.0997 4812 [ 0AF30ECA4206132935F3F657B5C7E290 ] C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe

11:36:45.0997 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe - ok

11:36:45.0997 4812 [ B5B06B8CBF0BFDA9B124492A85073AFC ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\Common\CLRCEngine3.dll

11:36:46.0013 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\Common\CLRCEngine3.dll - ok

11:36:46.0013 4812 [ 2F0C9E130774CE34EB7F16A2C74BEABE ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

11:36:46.0013 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe - ok

11:36:46.0013 4812 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll

11:36:46.0013 4812 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok

11:36:46.0028 4812 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

11:36:46.0028 4812 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

11:36:46.0028 4812 [ 8ED6DA45BAB5CFC809229F26D4D4A2CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll

11:36:46.0028 4812 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok

11:36:46.0028 4812 [ 08BF8C83B5F3DD9D0707E7B9CD7F66F1 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

11:36:46.0028 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll - ok

11:36:46.0044 4812 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll

11:36:46.0044 4812 C:\Windows\SysWOW64\msvcp60.dll - ok

11:36:46.0044 4812 [ 681929C57401E17844C1D2E8D88A3EF2 ] C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe

11:36:46.0044 4812 C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe - ok

11:36:46.0044 4812 [ 96699C339746C19108DABF5B2B17FC49 ] C:\Program Files\AVAST Software\Avast\snxhk64.dll

11:36:46.0044 4812 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok

11:36:46.0060 4812 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll

11:36:46.0060 4812 C:\Windows\System32\mscoree.dll - ok

11:36:46.0060 4812 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

11:36:46.0060 4812 C:\Windows\SysWOW64\dnsapi.dll - ok

11:36:46.0060 4812 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

11:36:46.0060 4812 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

11:36:46.0075 4812 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll

11:36:46.0075 4812 C:\Windows\SysWOW64\NapiNSP.dll - ok

11:36:46.0075 4812 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll

11:36:46.0075 4812 C:\Windows\SysWOW64\pnrpnsp.dll - ok

11:36:46.0075 4812 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll

11:36:46.0075 4812 C:\Windows\SysWOW64\winrnr.dll - ok

11:36:46.0091 4812 [ 73F759AB981CF1BC760EE5F81AB608AF ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetShow.dll

11:36:46.0091 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetShow.dll - ok

11:36:46.0091 4812 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll

11:36:46.0091 4812 C:\Windows\SysWOW64\ddraw.dll - ok

11:36:46.0091 4812 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll

11:36:46.0091 4812 C:\Windows\SysWOW64\dciman32.dll - ok

11:36:46.0091 4812 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll

11:36:46.0091 4812 C:\Windows\SysWOW64\d3d9.dll - ok

11:36:46.0106 4812 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll

11:36:46.0106 4812 C:\Windows\SysWOW64\d3d8thk.dll - ok

11:36:46.0106 4812 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll

11:36:46.0106 4812 C:\Windows\SysWOW64\powrprof.dll - ok

11:36:46.0106 4812 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

11:36:46.0106 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok

11:36:46.0122 4812 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll

11:36:46.0122 4812 C:\Windows\SysWOW64\mstask.dll - ok

11:36:46.0122 4812 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Heavy Metal Miku\AppData\Local\Temp\85EC8E08-E7AC-4DC1-B0A5-5E51E5B3F32A.exe

11:36:46.0122 4812 C:\Users\Heavy Metal Miku\AppData\Local\Temp\85EC8E08-E7AC-4DC1-B0A5-5E51E5B3F32A.exe - ok

11:36:46.0122 4812 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll

11:36:46.0122 4812 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

11:36:46.0138 4812 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll

11:36:46.0138 4812 C:\Windows\SysWOW64\credui.dll - ok

11:36:46.0138 4812 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

11:36:46.0138 4812 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok

11:36:46.0138 4812 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll

11:36:46.0138 4812 C:\Windows\SysWOW64\hlink.dll - ok

11:36:46.0153 4812 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe

11:36:46.0153 4812 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok

11:36:46.0153 4812 [ 9CAC9FC922033852385AAB75F1E26D52 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLHttpDownload.dll

11:36:46.0153 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLHttpDownload.dll - ok

11:36:46.0153 4812 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll

11:36:46.0153 4812 C:\Windows\SysWOW64\olepro32.dll - ok

11:36:46.0153 4812 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll

11:36:46.0153 4812 C:\Windows\SysWOW64\shfolder.dll - ok

11:36:46.0169 4812 [ 8FF0D395C366ECF8A10C56353591BCC2 ] C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DeviceStage.exe

11:36:46.0169 4812 C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DeviceStage.exe - ok

11:36:46.0169 4812 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll

11:36:46.0169 4812 C:\Windows\SysWOW64\WindowsCodecs.dll - ok

11:36:46.0184 4812 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll

11:36:46.0184 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok

11:36:46.0184 4812 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll

11:36:46.0184 4812 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok

11:36:46.0184 4812 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll

11:36:46.0184 4812 C:\Windows\SysWOW64\cryptdll.dll - ok

11:36:46.0200 4812 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll

11:36:46.0200 4812 C:\Windows\SysWOW64\msv1_0.dll - ok

11:36:46.0200 4812 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll

11:36:46.0200 4812 C:\Windows\SysWOW64\msxml3.dll - ok

11:36:46.0200 4812 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

11:36:46.0200 4812 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

11:36:46.0200 4812 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

11:36:46.0200 4812 C:\Windows\SysWOW64\gpapi.dll - ok

11:36:46.0216 4812 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll

11:36:46.0216 4812 C:\Windows\SysWOW64\cryptnet.dll - ok

11:36:46.0216 4812 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

11:36:46.0216 4812 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

11:36:46.0216 4812 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll

11:36:46.0216 4812 C:\Windows\SysWOW64\ncobjapi.dll - ok

11:36:46.0231 4812 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll

11:36:46.0231 4812 C:\Windows\System32\ncobjapi.dll - ok

11:36:46.0231 4812 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll

11:36:46.0231 4812 C:\Windows\System32\wbem\wbemess.dll - ok

11:36:46.0231 4812 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe

11:36:46.0231 4812 C:\Windows\svchost.exe - ok

11:36:46.0247 4812 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll

11:36:46.0247 4812 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok

11:36:46.0247 4812 [ 3AA429543931CF75D2FA9A4BEFD1E7F8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe

11:36:46.0247 4812 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbampt.exe - ok

11:36:46.0247 4812 [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13050600\exts.dll

11:36:46.0247 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\exts.dll - ok

11:36:46.0262 4812 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll

11:36:46.0262 4812 C:\Windows\System32\netman.dll - ok

11:36:46.0262 4812 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll

11:36:46.0262 4812 C:\Windows\SysWOW64\wdi.dll - ok

11:36:46.0262 4812 [ 835EC12A0ACD88FF3BB03DEC19329191 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll

11:36:46.0262 4812 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok

11:36:46.0278 4812 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll

11:36:46.0278 4812 C:\Windows\System32\wdi.dll - ok

11:36:46.0278 4812 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll

11:36:46.0278 4812 C:\Windows\System32\wpdbusenum.dll - ok

11:36:46.0278 4812 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll

11:36:46.0278 4812 C:\Windows\System32\diagperf.dll - ok

11:36:46.0278 4812 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

11:36:46.0278 4812 C:\Windows\SysWOW64\EhStorShell.dll - ok

11:36:46.0294 4812 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll

11:36:46.0294 4812 C:\Windows\System32\wdiasqmmodule.dll - ok

11:36:46.0294 4812 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

11:36:46.0294 4812 C:\Windows\System32\NapiNSP.dll - ok

11:36:46.0294 4812 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll

11:36:46.0294 4812 C:\Windows\System32\pnpts.dll - ok

11:36:46.0309 4812 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll

11:36:46.0309 4812 C:\Windows\SysWOW64\dimsjob.dll - ok

11:36:46.0309 4812 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll

11:36:46.0309 4812 C:\Windows\SysWOW64\radardt.dll - ok

11:36:46.0309 4812 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll

11:36:46.0309 4812 C:\Windows\System32\dimsjob.dll - ok

11:36:46.0325 4812 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll

11:36:46.0325 4812 C:\Windows\System32\radardt.dll - ok

11:36:46.0325 4812 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll

11:36:46.0325 4812 C:\Windows\SysWOW64\taskschd.dll - ok

11:36:46.0325 4812 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll

11:36:46.0325 4812 C:\Windows\SysWOW64\wscproxystub.dll - ok

11:36:46.0325 4812 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

11:36:46.0325 4812 C:\Windows\System32\pnrpnsp.dll - ok

11:36:46.0340 4812 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll

11:36:46.0340 4812 C:\Windows\System32\perftrack.dll - ok

11:36:46.0340 4812 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

11:36:46.0340 4812 C:\Windows\SysWOW64\rasadhlp.dll - ok

11:36:46.0340 4812 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll

11:36:46.0340 4812 C:\Windows\SysWOW64\netprofm.dll - ok

11:36:46.0356 4812 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll

11:36:46.0356 4812 C:\Windows\SysWOW64\security.dll - ok

11:36:46.0356 4812 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll

11:36:46.0356 4812 C:\Windows\SysWOW64\wer.dll - ok

11:36:46.0356 4812 [ 0527485EFC678169D052D25E02FD8880 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll

11:36:46.0356 4812 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok

11:36:46.0372 4812 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

11:36:46.0372 4812 C:\Windows\SysWOW64\sfc.dll - ok

11:36:46.0372 4812 [ 2FFBCD4394E60013EAF45427EC4E6A1E ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswAR.dll

11:36:46.0372 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswAR.dll - ok

11:36:46.0372 4812 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

11:36:46.0372 4812 C:\Windows\SysWOW64\sfc_os.dll - ok

11:36:46.0387 4812 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

11:36:46.0387 4812 C:\Windows\System32\winrnr.dll - ok

11:36:46.0387 4812 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll

11:36:46.0387 4812 C:\Windows\SysWOW64\npmproxy.dll - ok

11:36:46.0387 4812 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

11:36:46.0387 4812 C:\Windows\System32\npmproxy.dll - ok

11:36:46.0387 4812 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll

11:36:46.0387 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok

11:36:46.0403 4812 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll

11:36:46.0403 4812 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok

11:36:46.0403 4812 [ F1E7FDAA31D4B49361F2F2BDF38BC3A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\4c8e27730d1ef243f56c76b06bcc10c6\mscorlib.ni.dll

11:36:46.0403 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\4c8e27730d1ef243f56c76b06bcc10c6\mscorlib.ni.dll - ok

11:36:46.0403 4812 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

11:36:46.0403 4812 C:\Windows\System32\aelupsvc.dll - ok

11:36:46.0418 4812 [ 9EC1D983086E5FA14FFB3518B7E3B596 ] C:\Program Files\AVAST Software\Avast\defs\13050600\aswRawFS.dll

11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\aswRawFS.dll - ok

11:36:46.0418 4812 [ E872F6B6693EF5319BA38D4352023868 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll

11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok

11:36:46.0418 4812 [ 112EEF699F3E5EFBE13EDDB50AEDE249 ] C:\Program Files\AVAST Software\Avast\defs\13050600\swhealthex.dll

11:36:46.0418 4812 C:\Program Files\AVAST Software\Avast\defs\13050600\swhealthex.dll - ok

11:36:46.0434 4812 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll

11:36:46.0434 4812 C:\Windows\SysWOW64\samlib.dll - ok

11:36:46.0434 4812 [ 6F5386A655598F71BAAB2D6B63A69D6A ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe

11:36:46.0434 4812 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok

11:36:46.0434 4812 [ 60EDF8622CAD337A3629E9E6561EAC73 ] C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

11:36:46.0434 4812 C:\Program Files (x86)\VideoLAN\VLC\vlc.exe - ok

11:36:46.0450 4812 [ 4E9592BB2C100E571F82640E59E9ECD5 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

11:36:46.0450 4812 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok

11:36:46.0450 4812 [ 32732CEDE2A1106B736EF3D84054EE04 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe

11:36:46.0450 4812 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok

11:36:46.0450 4812 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll

11:36:46.0450 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok

11:36:46.0465 4812 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

11:36:46.0465 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

11:36:46.0465 4812 [ 87F3BC6C29A532AFC707C3426381842C ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll

11:36:46.0465 4812 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok

11:36:46.0465 4812 [ BD3165A325F222F642F743B6CF2937ED ] C:\Program Files (x86)\WinRAR\WinRAR.exe

11:36:46.0465 4812 C:\Program Files (x86)\WinRAR\WinRAR.exe - ok

11:36:46.0481 4812 [ 04F4D7D7B97C616C33DC3EFFD48875E0 ] C:\Program Files (x86)\Java\jre7\bin\java.exe

11:36:46.0481 4812 C:\Program Files (x86)\Java\jre7\bin\java.exe - ok

11:36:46.0481 4812 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

11:36:46.0481 4812 C:\Windows\SysWOW64\ntshrui.dll - ok

Link to post
Share on other sites

21C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll

11:36:46.0481 4812 C:\Windows\SysWOW64\Apphlpdm.dll - ok

11:36:46.0496 4812 [ 18BA04479F5EB04FBD9C9A1572E4617E ] C:\Program Files (x86)\Java\jre7\bin\keytool.exe

11:36:46.0496 4812 C:\Program Files (x86)\Java\jre7\bin\keytool.exe - ok

11:36:46.0496 4812 [ 23E58DE783E988C62C07CC32A0332C2C ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup

11:36:46.0496 4812 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok

11:36:46.0496 4812 [ B1A94D0465AB523E02F7A4FCF879169D ] C:\Program Files (x86)\Java\jre7\bin\jli.dll

11:36:46.0496 4812 C:\Program Files (x86)\Java\jre7\bin\jli.dll - ok

11:36:46.0512 4812 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll

11:36:46.0512 4812 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok

11:36:46.0512 4812 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll

11:36:46.0512 4812 C:\Windows\System32\Apphlpdm.dll - ok

11:36:46.0512 4812 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll

11:36:46.0512 4812 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok

11:36:46.0528 4812 [ 99934BAB4B8BFD3B52F3A13A1DA18890 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\5b203f3d0f44503fccf96b4a673c0e6e\System.ni.dll

11:36:46.0528 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\5b203f3d0f44503fccf96b4a673c0e6e\System.ni.dll - ok

11:36:46.0528 4812 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll

11:36:46.0528 4812 C:\Windows\SysWOW64\dsrole.dll - ok

11:36:46.0528 4812 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

11:36:46.0528 4812 C:\Windows\SysWOW64\slc.dll - ok

11:36:46.0543 4812 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

11:36:46.0543 4812 C:\Windows\SysWOW64\imageres.dll - ok

11:36:46.0543 4812 [ 36F37BD6B67F9BEA441A126C2DA35262 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\02d0f1247d4a3a368d2a77e8a548c24a\System.Drawing.ni.dll

11:36:46.0543 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\02d0f1247d4a3a368d2a77e8a548c24a\System.Drawing.ni.dll - ok

11:36:46.0543 4812 [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll

11:36:46.0543 4812 C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok

11:36:46.0559 4812 [ 76F27FAB5BA22E336E5D42626702E744 ] C:\Program Files (x86)\Java\jre7\bin\verify.dll

11:36:46.0559 4812 C:\Program Files (x86)\Java\jre7\bin\verify.dll - ok

11:36:46.0559 4812 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll

11:36:46.0559 4812 C:\Windows\SysWOW64\apisetschema.dll - ok

11:36:46.0559 4812 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

11:36:46.0559 4812 C:\Windows\System32\PortableDeviceApi.dll - ok

11:36:46.0574 4812 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll

11:36:46.0574 4812 C:\Windows\System32\netshell.dll - ok

11:36:46.0574 4812 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll

11:36:46.0574 4812 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok

11:36:46.0574 4812 [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files (x86)\Java\jre7\bin\java.dll

11:36:46.0574 4812 C:\Program Files (x86)\Java\jre7\bin\java.dll - ok

11:36:46.0590 4812 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll

11:36:46.0590 4812 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

11:36:46.0590 4812 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll

11:36:46.0590 4812 C:\Windows\SysWOW64\dot3api.dll - ok

11:36:46.0590 4812 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll

11:36:46.0590 4812 C:\Windows\System32\dot3api.dll - ok

11:36:46.0606 4812 [ 95A841BE3CF27181D7E9033DD66BC5CF ] C:\Program Files (x86)\Java\jre7\bin\zip.dll

11:36:46.0606 4812 C:\Program Files (x86)\Java\jre7\bin\zip.dll - ok

11:36:46.0606 4812 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll

11:36:46.0606 4812 C:\Windows\SysWOW64\wlanhlp.dll - ok

11:36:46.0606 4812 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll

11:36:46.0606 4812 C:\Windows\System32\wlanhlp.dll - ok

11:36:46.0606 4812 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll

11:36:46.0606 4812 C:\Windows\SysWOW64\hnetcfg.dll - ok

11:36:46.0621 4812 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll

11:36:46.0621 4812 C:\Windows\System32\hnetcfg.dll - ok

11:36:46.0621 4812 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll

11:36:46.0621 4812 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

11:36:46.0621 4812 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll

11:36:46.0621 4812 C:\Windows\SysWOW64\wbemcomn.dll - ok

11:36:46.0637 4812 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll

11:36:46.0637 4812 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok

11:36:46.0637 4812 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll

11:36:46.0637 4812 C:\Windows\SysWOW64\wbem\fastprox.dll - ok

11:36:46.0637 4812 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll

11:36:46.0637 4812 C:\Windows\SysWOW64\ntdsapi.dll - ok

11:36:46.0652 4812 [ 27D002C0D63FB0FD41A623C190F0B6FD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6f188156db329da9eb9f7dfbd490fe04\System.Windows.Forms.ni.dll

11:36:46.0652 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\6f188156db329da9eb9f7dfbd490fe04\System.Windows.Forms.ni.dll - ok

11:36:46.0652 4812 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll

11:36:46.0652 4812 C:\Windows\SysWOW64\SPInf.dll - ok

11:36:46.0652 4812 [ 30B2B89BB7D7BB4BEB0162D8633B9DF9 ] C:\Program Files (x86)\Java\jre7\bin\sunec.dll

11:36:46.0652 4812 C:\Program Files (x86)\Java\jre7\bin\sunec.dll - ok

11:36:46.0668 4812 [ 22385EE33688B10B61DA1D8CA9549E4B ] C:\Users\Heavy Metal Miku\AppData\Local\Temp\clear.fiClient\cabarc.exe

11:36:46.0668 4812 C:\Users\Heavy Metal Miku\AppData\Local\Temp\clear.fiClient\cabarc.exe - ok

11:36:46.0668 4812 [ 1683548B3FDD5AD0B940F19CA6700BB8 ] C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll

11:36:46.0668 4812 C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll - ok

11:36:46.0668 4812 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

11:36:46.0668 4812 C:\Windows\SysWOW64\comdlg32.dll - ok

11:36:46.0684 4812 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll

11:36:46.0684 4812 C:\Windows\SysWOW64\oledlg.dll - ok

11:36:46.0684 4812 [ B5B2896034D8ADEBD79E0C281B52508F ] C:\Windows\AppPatch\AcGenral.dll

11:36:46.0684 4812 C:\Windows\AppPatch\AcGenral.dll - ok

11:36:46.0684 4812 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll

11:36:46.0684 4812 C:\Windows\SysWOW64\msacm32.dll - ok

11:36:46.0684 4812 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll

11:36:46.0684 4812 C:\Windows\SysWOW64\oleaccrc.dll - ok

11:36:46.0699 4812 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll

11:36:46.0699 4812 C:\Windows\SysWOW64\tzres.dll - ok

11:36:46.0699 4812 [ 94DBAAB1343316055DCC2526D818F6E6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\93cead2a03814bde61473510f8910727\System.Xml.ni.dll

11:36:46.0699 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\93cead2a03814bde61473510f8910727\System.Xml.ni.dll - ok

11:36:46.0699 4812 [ 530D7A0984B619F656E90D5A02CDF00D ] C:\Program Files\AVAST Software\Avast\1041\Base.dll

11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\1041\Base.dll - ok

11:36:46.0715 4812 [ 134D210D648F7D8B8E95CF4C72B4C595 ] C:\Program Files\AVAST Software\Avast\aswAraSr.exe

11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\aswAraSr.exe - ok

11:36:46.0715 4812 [ 7496F7E2FF929DE8F64435290402694B ] C:\Program Files\AVAST Software\Avast\aswAra.dll

11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok

11:36:46.0715 4812 [ FC05310B5586802B93A004F68AD0107A ] C:\Program Files\AVAST Software\Avast\screenhooks32.dll

11:36:46.0715 4812 C:\Program Files\AVAST Software\Avast\screenhooks32.dll - ok

11:36:46.0730 4812 [ 0ED27C5642D4787D41CABCCE92B5B92A ] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe

11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\aswRegSvr.exe - ok

11:36:46.0730 4812 [ 58212DC7B4F1258EC18AFC3C0488B3EE ] C:\Program Files\AVAST Software\Avast\ashShell.dll

11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok

11:36:46.0730 4812 [ 7132802C1BFF8A332F038875D6A397D9 ] C:\Program Files\AVAST Software\Avast\ashQuick.exe

11:36:46.0730 4812 C:\Program Files\AVAST Software\Avast\ashQuick.exe - ok

11:36:46.0746 4812 [ 7C925D13827B0C75677D83D2D46259BC ] C:\Program Files\AVAST Software\Avast\ashUpd.exe

11:36:46.0746 4812 C:\Program Files\AVAST Software\Avast\ashUpd.exe - ok

11:36:46.0746 4812 [ 9BA0D0025EAD5F550360910EABDC56E5 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

11:36:46.0746 4812 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok

11:36:46.0762 4812 [ 1895FDF8E3A75C48A24DAEDECC985635 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe

11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswBoot.exe - ok

11:36:46.0762 4812 [ 1B4D815E14B4A6CF423B00E7E9445A5C ] C:\Windows\avastSS.scr

11:36:46.0762 4812 C:\Windows\avastSS.scr - ok

11:36:46.0762 4812 [ 6C604262100E7B2F4658ED8DD83BF6F6 ] C:\Program Files\AVAST Software\Avast\avastSS.dll

11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\avastSS.dll - ok

11:36:46.0762 4812 [ 05686CB62731716599F0C4F47C9C6EE6 ] C:\Program Files\AVAST Software\Avast\sched.exe

11:36:46.0762 4812 C:\Program Files\AVAST Software\Avast\sched.exe - ok

11:36:46.0777 4812 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll

11:36:46.0777 4812 C:\Windows\SysWOW64\IconCodecService.dll - ok

11:36:46.0777 4812 [ 760E2015DE7EC25B54EE11D7915A2553 ] C:\Program Files\AVAST Software\Avast\aswData.dll

11:36:46.0777 4812 C:\Program Files\AVAST Software\Avast\aswData.dll - ok

11:36:46.0777 4812 [ 7CDF72D5213A3EC23DE8E2EF5CCB5D07 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll

11:36:46.0777 4812 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok

11:36:46.0793 4812 [ 52E85644090EC04A94ED301090B461A3 ] C:\Program Files\AVAST Software\Avast\aswW8ntf.dll

11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\aswW8ntf.dll - ok

11:36:46.0793 4812 [ 1010E520B76453C6AD2D170D67A14CF3 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok

11:36:46.0793 4812 [ 6A70854398A8F7C2AB4CF67DF4EEE44E ] C:\Program Files\AVAST Software\Avast\AvSSHook.dll

11:36:46.0793 4812 C:\Program Files\AVAST Software\Avast\AvSSHook.dll - ok

11:36:46.0808 4812 [ AD9D2C89DC7013B4F375246825D862BA ] C:\Program Files\AVAST Software\Avast\CommonRes.dll

11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok

11:36:46.0808 4812 [ D33BE7B03969AFB8A0EA555CF19D08DF ] C:\Program Files\AVAST Software\Avast\VisthAux.exe

11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\VisthAux.exe - ok

11:36:46.0808 4812 [ 68F61A965E05D760C27589651B193F2D ] C:\Program Files\AVAST Software\Avast\aswChLic.exe

11:36:46.0808 4812 C:\Program Files\AVAST Software\Avast\aswChLic.exe - ok

11:36:46.0824 4812 [ 1D52874272E2031D5D5FFB943B170EAF ] C:\Program Files\AVAST Software\Avast\aswRvrt.dll

11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswRvrt.dll - ok

11:36:46.0824 4812 [ 8BB9315A336FF4F4409C5AD6454C7FEA ] C:\Program Files\AVAST Software\Avast\aswVmm.dll

11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswVmm.dll - ok

11:36:46.0824 4812 [ 0B0CB3B0FEEA5385F36320A68E01EC23 ] C:\Program Files\AVAST Software\Avast\aswRunDll.exe

11:36:46.0824 4812 C:\Program Files\AVAST Software\Avast\aswRunDll.exe - ok

11:36:46.0840 4812 [ A1256565943EB598C4A7AADB4ABCA786 ] C:\Program Files\AVAST Software\Avast\aswLSRun.dll

11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\aswLSRun.dll - ok

11:36:46.0840 4812 [ FE823B5C178E35C0C862F2A952BA88EE ] C:\Program Files\AVAST Software\Avast\1041\Boot.dll

11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\1041\Boot.dll - ok

11:36:46.0840 4812 [ 4600048E0E02E9DE329A6B3903C0EF54 ] C:\Program Files\AVAST Software\Avast\1041\uiLangRes.dll

11:36:46.0840 4812 C:\Program Files\AVAST Software\Avast\1041\uiLangRes.dll - ok

11:36:46.0855 4812 [ A9176D311C8712157E821177BA024776 ] C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll

11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\AvastGUIProxy.dll - ok

11:36:46.0855 4812 [ A0E2D52E811F51D0294CB531B423CCB5 ] C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll

11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\AvastGUIProxy64.dll - ok

11:36:46.0855 4812 [ 17D26428968B3E0E38C11D41C8DE130A ] C:\Program Files\AVAST Software\Avast\aswMonVD.dll

11:36:46.0855 4812 C:\Program Files\AVAST Software\Avast\aswMonVD.dll - ok

11:36:46.0871 4812 [ B74340BD4B31BF575561027EA93CCB94 ] C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys

11:36:46.0871 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\Aavmker4.sys - ok

11:36:46.0871 4812 [ D6CB9A991861A8F19C3762EF4FDECB50 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys

11:36:46.0871 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon.sys - ok

11:36:46.0886 4812 [ 5A3042DDFEDBF133265056714640C5DF ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys

11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMon2.sys - ok

11:36:46.0886 4812 [ 5A46BB2BEB3FC1385D56EFD8B57FB537 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys

11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys - ok

11:36:46.0886 4812 [ 2B427BAF48952868ECE8DE6A0AC2E85B ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys

11:36:46.0886 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswSP.sys - ok

11:36:46.0902 4812 [ BE1F39FD61852D31B1E99B2DA23A3693 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys

11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys - ok

11:36:46.0902 4812 [ 020CD9DFC85F753C84629D07EB9A16BA ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys

11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswSnx.sys - ok

11:36:46.0902 4812 [ 688713FF4DE824A5090BAD2E2BE3816E ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys

11:36:46.0902 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswKbd.sys - ok

11:36:46.0918 4812 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

11:36:46.0918 4812 C:\Windows\SysWOW64\devrtl.dll - ok

11:36:46.0918 4812 [ E81608EF25709525A236F3A3E03855EB ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys

11:36:46.0918 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswVmm.sys - ok

11:36:46.0933 4812 [ C4FE2A34CC7CBDF93446768CA7AC8180 ] C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys

11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\aswRvrt.sys - ok

11:36:46.0933 4812 [ 99D10F18F7D2C35A82DA99F01A2E1622 ] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe

11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe - ok

11:36:46.0933 4812 [ 21DD338011E6861D38CC46F9B3A0E2C8 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe

11:36:46.0933 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe - ok

11:36:46.0949 4812 [ 4CB3F8181AF2844974A4D98737CC5D26 ] C:\Program Files\AVAST Software\Avast\AavmRpch64.dll

11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\AavmRpch64.dll - ok

11:36:46.0949 4812 [ D138519D63EBDA79B90FF2872783D91F ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe

11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe - ok

11:36:46.0949 4812 [ 264FE5A8140A7420FF00FBA09F1BA4F4 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\Aavmker4.sys

11:36:46.0949 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\Aavmker4.sys - ok

11:36:46.0964 4812 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe

11:36:46.0964 4812 C:\Windows\System32\ie4uinit.exe - ok

11:36:46.0964 4812 [ B7922A57C8C3D8AF9B9FB40DA4648B58 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMon2.sys

11:36:46.0964 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMon2.sys - ok

11:36:46.0964 4812 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll

11:36:46.0964 4812 C:\Windows\System32\iedkcs32.dll - ok

11:36:46.0980 4812 [ 90980D5291F8E725700272E4B64EDA10 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMonFlt.sys

11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswMonFlt.sys - ok

11:36:46.0980 4812 [ D8FEC7F7BFE1BAD685DC8D1EF384693D ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSP.sys

11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSP.sys - ok

11:36:46.0980 4812 [ F3F5F2FDE0DEABA4F2CE336E9454FAE2 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswFsBlk.sys

11:36:46.0980 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswFsBlk.sys - ok

11:36:46.0996 4812 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll

11:36:46.0996 4812 C:\Windows\SysWOW64\SndVolSSO.dll - ok

11:36:46.0996 4812 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll

11:36:46.0996 4812 C:\Windows\SysWOW64\hid.dll - ok

11:36:46.0996 4812 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll

11:36:46.0996 4812 C:\Windows\SysWOW64\MMDevAPI.dll - ok

11:36:47.0011 4812 [ 9237BE2AB3C7D611F1F8FB7018691BAC ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSnx.sys

11:36:47.0011 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswSnx.sys - ok

11:36:47.0011 4812 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl

11:36:47.0011 4812 C:\Windows\SysWOW64\timedate.cpl - ok

11:36:47.0011 4812 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

11:36:47.0011 4812 C:\Windows\System32\timedate.cpl - ok

11:36:47.0027 4812 [ 7BA96B748762759E5AC844DE672A49AD ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswKbd.sys

11:36:47.0027 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswKbd.sys - ok

11:36:47.0027 4812 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll

11:36:47.0027 4812 C:\Windows\SysWOW64\actxprxy.dll - ok

11:36:47.0027 4812 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

11:36:47.0027 4812 C:\Windows\System32\actxprxy.dll - ok

11:36:47.0042 4812 [ 3C7D772F6059C142991D00FE3AB61D40 ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswVmm.sys

11:36:47.0042 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswVmm.sys - ok

11:36:47.0042 4812 [ A06E330475C1957C50C13B483D41F2BD ] C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswRvrt.sys

11:36:47.0042 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\x64\aswRvrt.sys - ok

11:36:47.0058 4812 [ 68C199CA1ED9F2D1044A16159A997377 ] C:\Program Files\AVAST Software\Avast\AhAScr.dll

11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\AhAScr.dll - ok

11:36:47.0058 4812 [ 71413A520AD3D04F0FAB512E38DDA529 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll

11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok

11:36:47.0058 4812 [ FFE9271CAF7F27A6C44721192328CFE9 ] C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll

11:36:47.0058 4812 C:\Program Files\AVAST Software\Avast\aswJsFlt64.dll - ok

11:36:47.0074 4812 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

11:36:47.0074 4812 C:\Windows\System32\shdocvw.dll - ok

11:36:47.0074 4812 [ 7CCA5A4E6624BCADFAF3930343CF4BF3 ] C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

11:36:47.0074 4812 C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - ok

11:36:47.0074 4812 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll

11:36:47.0074 4812 C:\Windows\SysWOW64\linkinfo.dll - ok

11:36:47.0089 4812 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

11:36:47.0089 4812 C:\Windows\System32\linkinfo.dll - ok

11:36:47.0089 4812 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll

11:36:47.0089 4812 C:\Windows\SysWOW64\SearchFolder.dll - ok

11:36:47.0089 4812 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll

11:36:47.0089 4812 C:\Windows\System32\SearchFolder.dll - ok

11:36:47.0089 4812 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll

11:36:47.0105 4812 C:\Windows\SysWOW64\msutb.dll - ok

11:36:47.0105 4812 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll

11:36:47.0105 4812 C:\Windows\SysWOW64\shacct.dll - ok

11:36:47.0105 4812 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll

11:36:47.0105 4812 C:\Windows\SysWOW64\gameux.dll - ok

11:36:47.0105 4812 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll

11:36:47.0105 4812 C:\Windows\System32\gameux.dll - ok

11:36:47.0120 4812 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll

11:36:47.0120 4812 C:\Windows\SysWOW64\xmllite.dll - ok

11:36:47.0120 4812 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll

11:36:47.0120 4812 C:\Windows\SysWOW64\msiltcfg.dll - ok

11:36:47.0120 4812 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

11:36:47.0120 4812 C:\Windows\System32\msiltcfg.dll - ok

11:36:47.0136 4812 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll

11:36:47.0136 4812 C:\Windows\SysWOW64\msftedit.dll - ok

11:36:47.0136 4812 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

11:36:47.0136 4812 C:\Windows\System32\msftedit.dll - ok

11:36:47.0136 4812 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll

11:36:47.0136 4812 C:\Windows\SysWOW64\msls31.dll - ok

11:36:47.0152 4812 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

11:36:47.0152 4812 C:\Windows\System32\msls31.dll - ok

11:36:47.0152 4812 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

11:36:47.0152 4812 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

11:36:47.0152 4812 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll

11:36:47.0152 4812 C:\Windows\SysWOW64\authui.dll - ok

11:36:47.0167 4812 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll

11:36:47.0167 4812 C:\Windows\SysWOW64\cryptui.dll - ok

11:36:47.0167 4812 [ B4C246614645A02B4B31FBBAB3933994 ] C:\Windows\System32\igfxtray.exe

11:36:47.0167 4812 C:\Windows\System32\igfxtray.exe - ok

11:36:47.0167 4812 [ 652B60C9C4D5391FF0970B9086702E8F ] C:\Windows\System32\ieframe.dll

11:36:47.0167 4812 C:\Windows\System32\ieframe.dll - ok

11:36:47.0183 4812 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\49389785.sys

11:36:47.0183 4812 C:\Windows\System32\drivers\49389785.sys - ok

11:36:47.0183 4812 [ CD67A4A62C98DEFA693A4D79EB8282BC ] C:\Windows\SysWOW64\en-US\kernel32.dll.mui

11:36:47.0183 4812 C:\Windows\SysWOW64\en-US\kernel32.dll.mui - ok

11:36:47.0198 4812 [ 302052B0DECC6B5C9B9674B8130688C8 ] C:\Windows\System32\hkcmd.exe

11:36:47.0198 4812 C:\Windows\System32\hkcmd.exe - ok

11:36:47.0198 4812 [ DEC9EFC0232630A023F239F30E893364 ] C:\Windows\System32\hccutils.dll

11:36:47.0198 4812 C:\Windows\System32\hccutils.dll - ok

11:36:47.0198 4812 [ 20EAAD688308955DF09DCA40E24FB7EC ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

11:36:47.0198 4812 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok

11:36:47.0214 4812 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll

11:36:47.0214 4812 C:\Windows\SysWOW64\riched20.dll - ok

11:36:47.0214 4812 [ 8EF9E7CABAD4E1CB881F8BA8124EB226 ] C:\Windows\System32\igfxsrvc.exe

11:36:47.0214 4812 C:\Windows\System32\igfxsrvc.exe - ok

11:36:47.0230 4812 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

11:36:47.0230 4812 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

11:36:47.0230 4812 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv

11:36:47.0230 4812 C:\Windows\SysWOW64\wdmaud.drv - ok

11:36:47.0230 4812 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll

11:36:47.0230 4812 C:\Windows\SysWOW64\avrt.dll - ok

11:36:47.0245 4812 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

11:36:47.0245 4812 C:\Windows\SysWOW64\duser.dll - ok

11:36:47.0245 4812 [ 5E20992CC504102E5460C3D7C73806A9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

11:36:47.0245 4812 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok

11:36:47.0245 4812 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll

11:36:47.0245 4812 C:\Windows\SysWOW64\dui70.dll - ok

11:36:47.0261 4812 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll

11:36:47.0261 4812 C:\Windows\SysWOW64\AudioSes.dll - ok

11:36:47.0261 4812 [ 86B5FF963BE36DC3C9CC39EEA887EAFE ] C:\Windows\System32\igfxsrvc.dll

11:36:47.0261 4812 C:\Windows\System32\igfxsrvc.dll - ok

11:36:47.0261 4812 [ 8971731D7F7BB9851203FA3DB0E43279 ] C:\Windows\System32\igfxrjpn.lrc

11:36:47.0261 4812 C:\Windows\System32\igfxrjpn.lrc - ok

11:36:47.0276 4812 [ 95B1ED366B6A84850AA0AF8E9E958DB8 ] C:\Windows\System32\igfxress.dll

11:36:47.0276 4812 C:\Windows\System32\igfxress.dll - ok

11:36:47.0276 4812 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll

11:36:47.0276 4812 C:\Windows\SysWOW64\esent.dll - ok

11:36:47.0276 4812 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

11:36:47.0276 4812 C:\Windows\System32\wbem\NCProv.dll - ok

11:36:47.0292 4812 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe

11:36:47.0292 4812 C:\Windows\SysWOW64\svchost.exe - ok

11:36:47.0292 4812 [ 899DD0F1C1D4FBD65E15C5A9C177F886 ] C:\Windows\SysWOW64\en-US\AudioSes.dll.mui

11:36:47.0292 4812 C:\Windows\SysWOW64\en-US\AudioSes.dll.mui - ok

11:36:47.0292 4812 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

11:36:47.0292 4812 C:\Windows\System32\DeviceCenter.dll - ok

11:36:47.0308 4812 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll

11:36:47.0308 4812 C:\Windows\System32\wersvc.dll - ok

11:36:47.0308 4812 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll

11:36:47.0308 4812 C:\Windows\System32\esent.dll - ok

11:36:47.0308 4812 [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll

11:36:47.0308 4812 C:\Windows\SysWOW64\UIAnimation.dll - ok

11:36:47.0323 4812 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv

11:36:47.0323 4812 C:\Windows\SysWOW64\msacm32.drv - ok

11:36:47.0323 4812 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll

11:36:47.0323 4812 C:\Windows\System32\UIAnimation.dll - ok

11:36:47.0323 4812 [ D03DDC67CACF37DAEF70E7FF41DE089C ] C:\Windows\System32\igfxpers.exe

11:36:47.0323 4812 C:\Windows\System32\igfxpers.exe - ok

11:36:47.0339 4812 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll

11:36:47.0339 4812 C:\Windows\SysWOW64\stobject.dll - ok

11:36:47.0339 4812 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll

11:36:47.0339 4812 C:\Windows\System32\stobject.dll - ok

11:36:47.0339 4812 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll

11:36:47.0339 4812 C:\Windows\SysWOW64\batmeter.dll - ok

11:36:47.0339 4812 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll

11:36:47.0339 4812 C:\Windows\SysWOW64\dsound.dll - ok

11:36:47.0354 4812 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll

11:36:47.0354 4812 C:\Windows\System32\batmeter.dll - ok

11:36:47.0354 4812 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll

11:36:47.0354 4812 C:\Windows\SysWOW64\midimap.dll - ok

11:36:47.0354 4812 [ ACD88DB968EC69740EEC6DF61B778493 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

11:36:47.0354 4812 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok

11:36:47.0370 4812 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll

11:36:47.0370 4812 C:\Windows\SysWOW64\es.dll - ok

11:36:47.0370 4812 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll

11:36:47.0370 4812 C:\Windows\SysWOW64\opengl32.dll - ok

11:36:47.0370 4812 [ 3222C43F2B8BCA7F4BFE4434C3A8EA89 ] C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

11:36:47.0370 4812 C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe - ok

11:36:47.0386 4812 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll

11:36:47.0386 4812 C:\Windows\SysWOW64\prnfldr.dll - ok

11:36:47.0386 4812 [ 1E7E20AEB43FF4F93F291F2241C22B04 ] C:\Windows\System32\igfxdev.dll

11:36:47.0386 4812 C:\Windows\System32\igfxdev.dll - ok

11:36:47.0386 4812 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll

11:36:47.0386 4812 C:\Windows\System32\prnfldr.dll - ok

11:36:47.0386 4812 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll

11:36:47.0386 4812 C:\Windows\SysWOW64\glu32.dll - ok

11:36:47.0401 4812 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\SysWOW64\cryptsvc.dll

11:36:47.0401 4812 C:\Windows\SysWOW64\cryptsvc.dll - ok

11:36:47.0401 4812 [ 642725C62F565DCC3697885EE72BCB32 ] C:\Windows\SysWOW64\en-US\glu32.dll.mui

11:36:47.0401 4812 C:\Windows\SysWOW64\en-US\glu32.dll.mui - ok

11:36:47.0401 4812 [ F0474296AC4E0E6BDE733C1B8513E41A ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

11:36:47.0401 4812 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe - ok

11:36:47.0417 4812 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll

11:36:47.0417 4812 C:\Windows\System32\DXP.dll - ok

11:36:47.0417 4812 [ 9315293B5F47E1BDEBCAFF53F279C1BF ] C:\Windows\SysWOW64\en-US\prnfldr.dll.mui

11:36:47.0417 4812 C:\Windows\SysWOW64\en-US\prnfldr.dll.mui - ok

11:36:47.0417 4812 [ 1E7F7800F2EE1F15D866D7AAFF7B1EE5 ] C:\Windows\SysWOW64\en-US\oledlg.dll.mui

11:36:47.0417 4812 C:\Windows\SysWOW64\en-US\oledlg.dll.mui - ok

11:36:47.0432 4812 [ C13B42E5692C98A2660135E4BEB26A1A ] C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

11:36:47.0432 4812 C:\Users\Heavy Metal Miku\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe - ok

11:36:47.0432 4812 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll

11:36:47.0432 4812 C:\Windows\SysWOW64\Syncreg.dll - ok

11:36:47.0432 4812 [ 08F41D439573071E0D9559A87B3B4A63 ] C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll

11:36:47.0432 4812 C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll - ok

11:36:47.0448 4812 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll

11:36:47.0448 4812 C:\Windows\System32\Syncreg.dll - ok

11:36:47.0448 4812 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll

11:36:47.0448 4812 C:\Windows\System32\dsound.dll - ok

11:36:47.0448 4812 [ 4180FFF15CA42F5C36085BBB3B6742B0 ] C:\Windows\SysWOW64\SynCOM.dll

11:36:47.0448 4812 C:\Windows\SysWOW64\SynCOM.dll - ok

11:36:47.0464 4812 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll

11:36:47.0464 4812 C:\Windows\SysWOW64\thumbcache.dll - ok

11:36:47.0464 4812 [ C652C08AF20258449EC350FD5568AAB0 ] C:\Windows\System32\en-US\dxp.dll.mui

11:36:47.0464 4812 C:\Windows\System32\en-US\dxp.dll.mui - ok

11:36:47.0464 4812 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll

11:36:47.0464 4812 C:\Windows\System32\RtkCfg64.dll - ok

11:36:47.0479 4812 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

11:36:47.0479 4812 C:\Windows\System32\thumbcache.dll - ok

11:36:47.0479 4812 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll

11:36:47.0479 4812 C:\Windows\SysWOW64\dxva2.dll - ok

11:36:47.0479 4812 [ 79DE9216B4800813CC3EFA8048F7B038 ] C:\Windows\SysWOW64\mmres.dll

11:36:47.0479 4812 C:\Windows\SysWOW64\mmres.dll - ok

11:36:47.0479 4812 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll

11:36:47.0479 4812 C:\Windows\System32\opengl32.dll - ok

11:36:47.0495 4812 [ 732FCC47D7F3C83AB464D8953825CBAC ] C:\Windows\System32\SynTPAPI.dll

11:36:47.0495 4812 C:\Windows\System32\SynTPAPI.dll - ok

11:36:47.0495 4812 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll

11:36:47.0495 4812 C:\Windows\ehome\ehSSO.dll - ok

11:36:47.0495 4812 [ C73AD671B6516DBBA2721E1A1395C116 ] C:\Program Files\Acer\Acer ePower Management\CommonControl.dll

11:36:47.0495 4812 C:\Program Files\Acer\Acer ePower Management\CommonControl.dll - ok

11:36:47.0510 4812 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll

11:36:47.0510 4812 C:\Windows\System32\IccLibDll_x64.dll - ok

11:36:47.0510 4812 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll

11:36:47.0510 4812 C:\Windows\SysWOW64\AudioEng.dll - ok

11:36:47.0510 4812 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll

11:36:47.0510 4812 C:\Windows\System32\glu32.dll - ok

11:36:47.0510 4812 [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll

11:36:47.0510 4812 C:\Windows\SysWOW64\dxgi.dll - ok

11:36:47.0526 4812 [ 5BBC10542EB70D60E3E659B8440399C2 ] C:\Program Files\Synaptics\SynTP\SynZMetr.exe

11:36:47.0526 4812 C:\Program Files\Synaptics\SynTP\SynZMetr.exe - ok

11:36:47.0526 4812 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll

11:36:47.0526 4812 C:\Windows\System32\FXSST.dll - ok

11:36:47.0526 4812 [ 2BE75D317951D3B0119638D247EE3D5C ] C:\Program Files\Synaptics\SynTP\SynMood.exe

11:36:47.0526 4812 C:\Program Files\Synaptics\SynTP\SynMood.exe - ok

11:36:47.0542 4812 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll

11:36:47.0542 4812 C:\Windows\System32\ddraw.dll - ok

11:36:47.0542 4812 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll

11:36:47.0542 4812 C:\Windows\SysWOW64\FXSAPI.dll - ok

11:36:47.0542 4812 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll

11:36:47.0542 4812 C:\Windows\System32\FXSAPI.dll - ok

11:36:47.0557 4812 [ 8B211FFCCC2C08DDC0FD023E70A13DD8 ] C:\Windows\System32\R4EEA64A.dll

11:36:47.0557 4812 C:\Windows\System32\R4EEA64A.dll - ok

11:36:47.0557 4812 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll

11:36:47.0557 4812 C:\Windows\SysWOW64\FXSRESM.dll - ok

11:36:47.0557 4812 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll

11:36:47.0557 4812 C:\Windows\System32\dciman32.dll - ok

11:36:47.0573 4812 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll

11:36:47.0573 4812 C:\Windows\SysWOW64\AltTab.dll - ok

11:36:47.0573 4812 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll

11:36:47.0573 4812 C:\Windows\System32\msimg32.dll - ok

11:36:47.0573 4812 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll

11:36:47.0573 4812 C:\Windows\System32\FXSRESM.dll - ok

11:36:47.0573 4812 [ C18CC13B289A6025E6BF657A3C9D0746 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

11:36:47.0573 4812 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok

11:36:47.0588 4812 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll

11:36:47.0588 4812 C:\Windows\System32\oledlg.dll - ok

11:36:47.0588 4812 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll

11:36:47.0588 4812 C:\Windows\SysWOW64\networkexplorer.dll - ok

11:36:47.0588 4812 [ DE066239FEAB3DB5EF14429EBA175D62 ] C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

11:36:47.0588 4812 C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll - ok

11:36:47.0604 4812 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

11:36:47.0604 4812 C:\Windows\System32\networkexplorer.dll - ok

11:36:47.0604 4812 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll

11:36:47.0604 4812 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok

11:36:47.0604 4812 [ F840FDC9B97D4A4B898A32AE2F6791AB ] C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe

11:36:47.0604 4812 C:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exe - ok

11:36:47.0620 4812 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll

11:36:47.0620 4812 C:\Windows\SysWOW64\pnidui.dll - ok

11:36:47.0620 4812 [ 3701E4B5918D3AF0054C3F4E58340C45 ] C:\Program Files\AVAST Software\Avast\asulaunch.exe

11:36:47.0620 4812 C:\Program Files\AVAST Software\Avast\asulaunch.exe - ok

11:36:47.0620 4812 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL

11:36:47.0620 4812 C:\Windows\SysWOW64\QUTIL.DLL - ok

11:36:47.0635 4812 [ A21E91366EDC8ABD10142C533546C54F ] C:\Windows\System32\GfxUI.exe

11:36:47.0635 4812 C:\Windows\System32\GfxUI.exe - ok

11:36:47.0635 4812 [ 3439ACA52CE19DFEEB26E2316983AB4B ] C:\Windows\System32\SynCOM.dll

11:36:47.0635 4812 C:\Windows\System32\SynCOM.dll - ok

11:36:47.0635 4812 [ E429410581E60535B555DDA729424885 ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe

11:36:47.0635 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe - ok

11:36:47.0651 4812 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll

11:36:47.0651 4812 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok

11:36:47.0651 4812 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll

11:36:47.0651 4812 C:\Windows\System32\WPDShServiceObj.dll - ok

11:36:47.0651 4812 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll

11:36:47.0651 4812 C:\Windows\SysWOW64\srchadmin.dll - ok

11:36:47.0666 4812 [ 7B7ADA3DC8CDB3C820DF7C9B208DB0D5 ] C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys

11:36:47.0666 4812 C:\Program Files\AVAST Software\Avast\Setup\INF\v5\aswnet.sys - ok

11:36:47.0666 4812 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll

11:36:47.0666 4812 C:\Windows\System32\AltTab.dll - ok

11:36:47.0666 4812 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll

11:36:47.0666 4812 C:\Windows\System32\PortableDeviceTypes.dll - ok

11:36:47.0666 4812 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl

11:36:47.0666 4812 C:\Windows\SysWOW64\bthprops.cpl - ok

11:36:47.0682 4812 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll

11:36:47.0682 4812 C:\Windows\SysWOW64\ncsi.dll - ok

11:36:47.0682 4812 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll

11:36:47.0682 4812 C:\Windows\System32\pnidui.dll - ok

11:36:47.0682 4812 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll

11:36:47.0682 4812 C:\Windows\System32\dxva2.dll - ok

11:36:47.0698 4812 [ A25D6C5DD53F2F85F6E3FC7EC93ECFCF ] C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll

11:36:47.0698 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll - ok

11:36:47.0698 4812 [ 3DC9AD47BAA02C954E965063737B477B ] C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll

11:36:47.0698 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll - ok

11:36:47.0698 4812 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL

11:36:47.0698 4812 C:\Windows\System32\QUTIL.DLL - ok

11:36:47.0713 4812 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll

11:36:47.0713 4812 C:\Windows\System32\wbem\wmipcima.dll - ok

11:36:47.0713 4812 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll

11:36:47.0713 4812 C:\Windows\SysWOW64\wevtapi.dll - ok

11:36:47.0713 4812 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll

11:36:47.0713 4812 C:\Windows\SysWOW64\tquery.dll - ok

11:36:47.0729 4812 [ BB7481A1306823D1B6592263F1AB8DD7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

11:36:47.0729 4812 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok

11:36:47.0729 4812 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe

11:36:47.0729 4812 C:\Windows\System32\FXSSVC.exe - ok

11:36:47.0729 4812 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll

11:36:47.0729 4812 C:\Windows\SysWOW64\browcli.dll - ok

11:36:47.0744 4812 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll

11:36:47.0744 4812 C:\Windows\System32\srchadmin.dll - ok

11:36:47.0744 4812 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll

11:36:47.0744 4812 C:\Windows\SysWOW64\schedcli.dll - ok

11:36:47.0744 4812 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll

11:36:47.0744 4812 C:\Windows\SysWOW64\mssprxy.dll - ok

11:36:47.0760 4812 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

11:36:47.0760 4812 C:\Windows\System32\bthprops.cpl - ok

11:36:47.0760 4812 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

11:36:47.0760 4812 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok

11:36:47.0760 4812 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe

11:36:47.0760 4812 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

11:36:47.0776 4812 [ 81B31773039DD1FEDACE4FCA1E5A45ED ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\ProtocolHandlerPS.dll

11:36:47.0776 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\ProtocolHandlerPS.dll - ok

11:36:47.0776 4812 [ 44C88CDCD9BDA038DF41333C60624824 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll

11:36:47.0776 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll - ok

11:36:47.0776 4812 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll

11:36:47.0776 4812 C:\Windows\SysWOW64\ksuser.dll - ok

11:36:47.0791 4812 [ DF868412F45988D2A262A85CB8ED9043 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OWSSuppPS.dll

11:36:47.0791 4812 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OWSSuppPS.dll - ok

11:36:47.0791 4812 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe

11:36:47.0791 4812 C:\Windows\SysWOW64\SearchIndexer.exe - ok

11:36:47.0791 4812 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll

11:36:47.0791 4812 C:\Windows\SysWOW64\rasdlg.dll - ok

11:36:47.0791 4812 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe

11:36:47.0791 4812 C:\Windows\System32\SearchIndexer.exe - ok

11:36:47.0807 4812 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll

11:36:47.0807 4812 C:\Windows\System32\wbem\cimwin32.dll - ok

11:36:47.0807 4812 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll

11:36:47.0807 4812 C:\Windows\System32\rasdlg.dll - ok

11:36:47.0807 4812 [ 8B968045D75783A09592C3105F2865DA ] C:\Users\Heavy Metal Miku\Desktop\dds.scr

11:36:47.0807 4812 C:\Users\Heavy Metal Miku\Desktop\dds.scr - ok

11:36:47.0822 4812 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll

11:36:47.0822 4812 C:\Windows\SysWOW64\mssrch.dll - ok

11:36:47.0822 4812 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll

11:36:47.0822 4812 C:\Windows\SysWOW64\mprapi.dll - ok

11:36:47.0822 4812 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll

11:36:47.0822 4812 C:\Windows\SysWOW64\framedynos.dll - ok

11:36:47.0838 4812 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll

11:36:47.0838 4812 C:\Windows\System32\mprapi.dll - ok

11:36:47.0838 4812 [ E94037020D973D8CE196ADAA264BB19E ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll

11:36:47.0838 4812 C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok

11:36:47.0838 4812 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

11:36:47.0838 4812 C:\Windows\SysWOW64\rasapi32.dll - ok

11:36:47.0854 4812 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

11:36:47.0854 4812 C:\Windows\SysWOW64\rasman.dll - ok

11:36:47.0854 4812 [ CDD9EF69189F21AB3F73789DE741D35D ] C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll

11:36:47.0854 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll - ok

11:36:47.0854 4812 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

11:36:47.0854 4812 C:\Windows\SysWOW64\rtutils.dll - ok

11:36:47.0869 4812 [ 7619D9ABB017DEBB29D0793A9C2B64A8 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

11:36:47.0869 4812 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok

11:36:47.0869 4812 [ 86AE7188850AB20FABD2DAF562EAF731 ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckCore.dll

11:36:47.0869 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckCore.dll - ok

11:36:47.0869 4812 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL

11:36:47.0869 4812 C:\Windows\SysWOW64\KBDUS.DLL - ok

11:36:47.0885 4812 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll

11:36:47.0885 4812 C:\Windows\System32\framedynos.dll - ok

11:36:47.0885 4812 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll

11:36:47.0885 4812 C:\Windows\SysWOW64\msidle.dll - ok

11:36:47.0885 4812 [ 6FDF222B791EA2E12F54C320EADF28C4 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll

11:36:47.0885 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll - ok

11:36:47.0900 4812 [ 0D360F06B168A6F37ACA9D9F958245DA ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

11:36:47.0900 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe - ok

11:36:47.0900 4812 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe

11:36:47.0900 4812 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

11:36:47.0900 4812 [ 48B5EA6C0CA4B0A788444224A40ED21F ] C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll

11:36:47.0900 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll - ok

11:36:47.0916 4812 [ AAE606B26B42AE596B2D9FBBD35A3A19 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll

11:36:47.0916 4812 C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok

11:36:47.0916 4812 [ 367EACCF8FE6FEF31FE79FCF68D4CDCE ] C:\Windows\System32\igfxext.exe

11:36:47.0916 4812 C:\Windows\System32\igfxext.exe - ok

11:36:47.0916 4812 [ BC83108B18756547013ED443B8CDB31B ] C:\Program Files (x86)\DuckLink\DuckCapture\msvcp100.dll

11:36:47.0916 4812 C:\Program Files (x86)\DuckLink\DuckCapture\msvcp100.dll - ok

11:36:47.0932 4812 [ E9117F0FB2403B8188E7863662F23946 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll

11:36:47.0932 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll - ok

11:36:47.0932 4812 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Program Files (x86)\DuckLink\DuckCapture\msvcr100.dll

11:36:47.0932 4812 C:\Program Files (x86)\DuckLink\DuckCapture\msvcr100.dll - ok

11:36:47.0932 4812 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll

11:36:47.0932 4812 C:\Windows\SysWOW64\WWanAPI.dll - ok

11:36:47.0947 4812 [ E6CC0FA3C1040C791EB3F4BA6C789411 ] C:\Dolby PCEE4\pcee4.exe

11:36:47.0947 4812 C:\Dolby PCEE4\pcee4.exe - ok

11:36:47.0947 4812 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll

11:36:47.0947 4812 C:\Windows\System32\WWanAPI.dll - ok

11:36:47.0947 4812 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll

11:36:47.0947 4812 C:\Windows\System32\tquery.dll - ok

11:36:47.0963 4812 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll

11:36:47.0963 4812 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

11:36:47.0963 4812 [ 396C81DF1B349F60C893C6862A6DBAA9 ] C:\Windows\System32\igfxexps.dll

11:36:47.0963 4812 C:\Windows\System32\igfxexps.dll - ok

11:36:47.0963 4812 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll

11:36:47.0963 4812 C:\Windows\SysWOW64\wwapi.dll - ok

11:36:47.0978 4812 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll

11:36:47.0978 4812 C:\Windows\System32\wwapi.dll - ok

11:36:47.0978 4812 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

11:36:47.0978 4812 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

11:36:47.0978 4812 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL

11:36:47.0978 4812 C:\Windows\SysWOW64\QAGENT.DLL - ok

11:36:47.0994 4812 [ FB063A7D64A5F67DE13EFAEA55E60FEB ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll

11:36:47.0994 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll - ok

11:36:47.0994 4812 [ 8D6276455E3F94AF22D06A4BE3A49429 ] C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe

11:36:47.0994 4812 C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe - ok

11:36:47.0994 4812 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL

11:36:47.0994 4812 C:\Windows\System32\QAGENT.DLL - ok

11:36:48.0010 4812 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe

11:36:48.0010 4812 C:\Windows\System32\wbem\unsecapp.exe - ok

11:36:48.0010 4812 [ 2ADC102A6D92BFB1F092A1A165E24181 ] C:\Program Files (x86)\Launch Manager\LManager.exe

11:36:48.0010 4812 C:\Program Files (x86)\Launch Manager\LManager.exe - ok

11:36:48.0010 4812 [ EE373B29746ACF31267AAE3AD69A5885 ] C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll

11:36:48.0010 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll - ok

11:36:48.0025 4812 [ 311DC5224497C93AE966BAC37ACE0690 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll

11:36:48.0025 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll - ok

11:36:48.0025 4812 [ BF0A9D0AA8706C5E694A63354DC7FDB2 ] C:\Program Files (x86)\NTI\Acer Backup Manager\LUInterface.dll

11:36:48.0025 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\LUInterface.dll - ok

11:36:48.0025 4812 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll

11:36:48.0025 4812 C:\Windows\System32\mssrch.dll - ok

11:36:48.0041 4812 [ 24400819CDAF1D018030BEEDD7B87046 ] C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll

11:36:48.0041 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll - ok

11:36:48.0041 4812 [ E0BBBB56A661B872A163CE3132F6FBA1 ] C:\Program Files (x86)\NTI\Acer Backup Manager\MUI\0409\Lang.dll

11:36:48.0041 4812 C:\Program Files (x86)\NTI\Acer Backup Manager\MUI\0409\Lang.dll - ok

11:36:48.0056 4812 [ CDC7236484FC0E35C66578ECE8139672 ] C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll

11:36:48.0056 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll - ok

11:36:48.0056 4812 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll

11:36:48.0056 4812 C:\Windows\SysWOW64\mscoree.dll - ok

11:36:48.0056 4812 [ 4EA2353A8DE4F486F1DF9EBD1FCDD5AD ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

11:36:48.0056 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe - ok

11:36:48.0072 4812 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe

11:36:48.0072 4812 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

11:36:48.0072 4812 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll

11:36:48.0072 4812 C:\Windows\System32\msidle.dll - ok

11:36:48.0072 4812 [ 3C00870E9DC573EE2256243D84AEBB38 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll

11:36:48.0072 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll - ok

11:36:48.0088 4812 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll

11:36:48.0088 4812 C:\Windows\System32\mssprxy.dll - ok

11:36:48.0088 4812 [ A85A8813FE042C1D9B1FC70B7C0EE1C8 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll

11:36:48.0088 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll - ok

11:36:48.0088 4812 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll

11:36:48.0088 4812 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok

11:36:48.0103 4812 [ A2949E68F77A9A69646C9C6EAF5CDA89 ] C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll

11:36:48.0103 4812 C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll - ok

11:36:48.0103 4812 [ D35187E38B0BD6E116C2CE582CAC4273 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

11:36:48.0103 4812 C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe - ok

11:36:48.0119 4812 [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll

11:36:48.0119 4812 C:\Windows\SysWOW64\Wpc.dll - ok

11:36:48.0119 4812 [ 8651ABE581848284D5370B8EEE6E6445 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c6a07bfaa9adcbdcf92f2f6412b5adee\PresentationFramework.ni.dll

11:36:48.0119 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\c6a07bfaa9adcbdcf92f2f6412b5adee\PresentationFramework.ni.dll - ok

11:36:48.0119 4812 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll

11:36:48.0119 4812 C:\Windows\System32\wsock32.dll - ok

11:36:48.0134 4812 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui

11:36:48.0134 4812 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok

11:36:48.0134 4812 [ 5BF8E37FA1E25227480F9CD2ACA21FB6 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll

11:36:48.0134 4812 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll - ok

11:36:48.0134 4812 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui

11:36:48.0134 4812 C:\Windows\System32\en-US\tquery.dll.mui - ok

11:36:48.0150 4812 [ A07F12FA297F3F074D496B333C259AFA ] C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL

11:36:48.0150 4812 C:\Program Files (x86)\Launch Manager\COMFNUTL.DLL - ok

11:36:48.0150 4812 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

11:36:48.0150 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

11:36:48.0150 4812 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll

11:36:48.0150 4812 C:\Windows\SysWOW64\wmp.dll - ok

11:36:48.0166 4812 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files (x86)\Acer\clear.fi\Movie\MFC71.dll

11:36:48.0166 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\MFC71.dll - ok

11:36:48.0166 4812 [ 8877094AC20DD2C1B03B478256BC9D1B ] C:\Program Files (x86)\DuckLink\DuckCapture\DuckUpdate.exe

11:36:48.0166 4812 C:\Program Files (x86)\DuckLink\DuckCapture\DuckUpdate.exe - ok

11:36:48.0166 4812 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll

11:36:48.0166 4812 C:\Windows\SysWOW64\wmdrmdev.dll - ok

11:36:48.0181 4812 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe

11:36:48.0181 4812 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

11:36:48.0181 4812 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe

11:36:48.0181 4812 C:\Program Files (x86)\QuickTime\QTTask.exe - ok

11:36:48.0181 4812 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Acer\clear.fi\Movie\msvcr71.dll

11:36:48.0181 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\msvcr71.dll - ok

11:36:48.0197 4812 [ 632A6D75FEEABC846EE9AEC33345EF34 ] C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL

11:36:48.0197 4812 C:\Program Files (x86)\Launch Manager\CDROMUTL.DLL - ok

11:36:48.0197 4812 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files (x86)\Acer\clear.fi\Movie\msvcp71.dll

11:36:48.0197 4812 C:\Program Files (x86)\Acer\clear.fi\Movie\msvcp71.dll - ok

11:36:48.0197 4812 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll

11:36:48.0197 4812 C:\Windows\System32\wmdrmdev.dll - ok

11:36:48.0212 4812 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll

11:36:48.0212 4812 C:\Windows\System32\wmp.dll - ok

11:36:48.0212 4812 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

11:36:48.0212 4812 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok

11:36:48.0212 4812 [ 5366AC5299ECD86011E6F757AB472D6B ] C:\Program Files (x86)\DuckLink\DuckCapture\QtXml4.dll

11:36:48.0212 4812 C:\Program Files (x86)\DuckLink\DuckCapture\QtXml4.dll - ok

11:36:48.0228 4812 [ 69259DD752862F5665413AFCFB4C0B0E ] C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL

11:36:48.0228 4812 C:\Program Files (x86)\Launch Manager\MIXERUTL.DLL - ok

11:36:48.0228 4812 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui

11:36:48.0228 4812 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok

11:36:48.0228 4812 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll

11:36:48.0228 4812 C:\Windows\System32\riched20.dll - ok

11:36:48.0244 4812 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll

11:36:48.0244 4812 C:\Windows\SysWOW64\drmv2clt.dll - ok

11:36:48.0244 4812 [ 1C794C31957D79FF217417788EDDAAE6 ] C:\Windows\SysWOW64\igdumdx32.dll

11:36:48.0244 4812 C:\Windows\SysWOW64\igdumdx32.dll - ok

11:36:48.0244 4812 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

11:36:48.0244 4812 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

11:36:48.0259 4812 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll

11:36:48.0259 4812 C:\Windows\System32\drmv2clt.dll - ok

11:36:48.0259 4812 [ A53F59BC46766CE79E407AB6F451100D ] C:\Program Files (x86)\Launch Manager\WND2FILE.DLL

11:36:48.0259 4812 C:\Program Files (x86)\Launch Manager\WND2FILE.DLL - ok

11:36:48.0259 4812 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll

11:36:48.0259 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

11:36:48.0275 4812 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll

11:36:48.0275 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

11:36:48.0275 4812 [ C9D237B353F85EEDC5850BA91C890FB6 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll

11:36:48.0275 4812 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok

11:36:48.0275 4812 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll

11:36:48.0275 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

11:36:48.0290 4812 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

11:36:48.0290 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

11:36:48.0290 4812 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

11:36:48.0290 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok

11:36:48.0306 4812 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll

11:36:48.0306 4812 C:\Windows\System32\SensApi.dll - ok

11:36:48.0306 4812 [ 71FC112959B07D686E71541BD9D4F237 ] C:\Program Files (x86)\Launch Manager\PowerUtl.dll

11:36:48.0306 4812 C:\Program Files (x86)\Launch Manager\PowerUtl.dll - ok

11:36:48.0306 4812 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

11:36:48.0306 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

11:36:48.0322 4812 [ 8216632631FC5F7EFA1D0D9F34921522 ] C:\Windows\SysWOW64\igdumd32.dll

11:36:48.0322 4812 C:\Windows\SysWOW64\igdumd32.dll - ok

11:36:48.0322 4812 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL

11:36:48.0322 4812 C:\Windows\SysWOW64\wmploc.DLL - ok

11:36:48.0322 4812 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

11:36:48.0322 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok

11:36:48.0337 4812 [ DD565DB0B1E3BDE45A7363137EEC4ABB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bdb1edb6d1f474a6c58d77ad9782de60\WindowsBase.ni.dll

11:36:48.0337 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\bdb1edb6d1f474a6c58d77ad9782de60\WindowsBase.ni.dll - ok

11:36:48.0337 4812 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

11:36:48.0337 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

11:36:48.0337 4812 [ 20D30D8717E9DFF90224B5AB37410D9D ] C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL

11:36:48.0337 4812 C:\Program Files (x86)\Launch Manager\OSDUTL2.DLL - ok

11:36:48.0353 4812 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL

11:36:48.0353 4812 C:\Windows\System32\wmploc.DLL - ok

11:36:48.0353 4812 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll

11:36:48.0353 4812 C:\Windows\SysWOW64\mfplat.dll - ok

11:36:48.0353 4812 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll

11:36:48.0353 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok

11:36:48.0368 4812 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

11:36:48.0368 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok

11:36:48.0368 4812 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll

11:36:48.0368 4812 C:\Windows\System32\wbem\wmiprov.dll - ok

11:36:48.0384 4812 [ FD5A0A28AAEA0421039242A9D592212B ] C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL

11:36:48.0384 4812 C:\Program Files (x86)\Launch Manager\SZUPFUTL.DLL - ok

11:36:48.0384 4812 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll

11:36:48.0384 4812 C:\Windows\System32\mfplat.dll - ok

11:36:48.0384 4812 [ BBA662DC6FCCCCDF8EC2C4B8AE60FD3E ] C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll

11:36:48.0384 4812 C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll - ok

11:36:48.0400 4812 [ 211A2E13715834F67F2CC8B559689751 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\9009e8d122b1f2e427c226b26416d0d9\PresentationCore.ni.dll

11:36:48.0400 4812 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\9009e8d122b1f2e427c226b26416d0d9\PresentationCore.ni.dll - ok

11:36:48.0400 4812 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

11:36:48.0400 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

11:36:48.0400 4812 [ 4DE1EBB2314E2F10AC9EC83138193F8B ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll

11:36:48.0400 4812 C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok

11:36:48.0415 4812 [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll

11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

11:36:48.0415 4812 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll

11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

11:36:48.0415 4812 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

11:36:48.0415 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok

11:36:48.0431 4812 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

11:36:48.0431 4812 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok

11:36:48.0431 4812 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

11:36:48.0431 4812 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok

11:36:48.0446 4812 [ 99AF7D470D7290DD31C1FABC569509CD ] C:\Program Files\GIMP 2\bin\gimp-2.8.exe

11:36:48.0446 4812 C:\Program Files\GIMP 2\bin\gimp-2.8.exe - ok

11:36:48.0446 4812 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll

11:36:48.0446 4812 C:\Windows\SysWOW64\blackbox.dll - ok

11:36:48.0446 4812 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll

11:36:48.0446 4812 C:\Windows\System32\blackbox.dll - ok

11:36:48.0462 4812 [ 6A5D3AE77CA9145104ADC747777FF811 ] C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

11:36:48.0462 4812 C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe - ok

11:36:48.0462 4812 [ 00B0ACE97EAA8A8F1CC1867E49B1FE74 ] C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

11:36:48.0462 4812 C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe - ok

11:36:48.0462 4812 [ 107E580D33857A1A70ADB0D03AEAB675 ] C:\Users\Heavy Metal Miku\Desktop\PSO2_SETUP.exe

11:36:48.0462 4812 C:\Users\Heavy Metal Miku\Desktop\PSO2_SETUP.exe - ok

11:36:48.0478 4812 [ 38D845C642A072902E21D5F769E992A3 ] C:\Program Files (x86)\Launch Manager\aipflib.dll

11:36:48.0478 4812 C:\Program Files (x86)\Launch Manager\aipflib.dll - ok

11:36:48.0478 4812 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll

11:36:48.0478 4812 C:\Windows\SysWOW64\upnp.dll - ok

11:36:48.0493 4812 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll

11:36:48.0493 4812 C:\Windows\System32\upnp.dll - ok

11:36:48.0493 4812 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll

11:36:48.0493 4812 C:\Windows\SysWOW64\ssdpapi.dll - ok

11:36:48.0493 4812 [ B18B6ACD4793205929E41C3AE00B689A ] C:\Windows\SysWOW64\en-US\tzres.dll.mui

11:36:48.0493 4812 C:\Windows\SysWOW64\en-US\tzres.dll.mui - ok

11:36:48.0509 4812 [ A50E0D4F65C0116EE297E4BB898F8DF9 ] C:\Program Files (x86)\Launch Manager\MMDUtl.dll

11:36:48.0509 4812 C:\Program Files (x86)\Launch Manager\MMDUtl.dll - ok

11:36:48.0509 4812 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll

11:36:48.0509 4812 C:\Windows\System32\ssdpsrv.dll - ok

11:36:48.0509 4812 ============================================================

11:36:48.0509 4812 Scan finished

11:36:48.0509 4812 ============================================================

11:36:48.0524 0932 Detected object count: 2

11:36:48.0524 0932 Actual detected object count: 2

11:38:38.0723 0932 \Device\Harddisk0\DR0\# - copied to quarantine

11:38:38.0770 0932 \Device\Harddisk0\DR0 - copied to quarantine

11:38:38.0910 0932 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

11:38:39.0004 0932 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

11:38:52.0233 0932 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

11:38:58.0700 0932 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

11:38:58.0830 0932 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

11:38:58.0995 0932 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

11:38:58.0999 0932 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

11:38:59.0007 0932 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

11:38:59.0012 0932 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

11:38:59.0138 0932 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

11:38:59.0251 0932 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

11:38:59.0255 0932 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

11:38:59.0259 0932 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

11:38:59.0345 0932 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

11:38:59.0361 0932 \Device\Harddisk0\DR0 - ok

11:38:59.0593 0932 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Link to post
Share on other sites

Step 1

Please re-run TDSSKiller and use Delete option for this entry:

11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:38:59.0593 0932 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 2

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.