
I feel like something bad is messing up my PC


21 replies to this topic

#1 babas87


Posted 25 January 2013 - 06:41 PM

Hello, I've been there before and the people that helped me did a great job. So I am returning because my laptop is really, really slow even though the power settings are on "High Performance". Sometimes the screen flashes and the color of the windows becomes less bright, like it has been washed out. Maybe I am worrying for nothing, but can someone help me? Thank you. It will be very appreciated.




DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by HP at 19:26:45 on 2013-01-25
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1910.882 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\PrintCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Funshion Online\Funshion\Funshion.exe
C:\Program Files\Funshion Online\Funshion\FunshionService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msn.fr/
uURLSearchHooks: {db61f672-0d05-4997-bec6-96eaab7c4106} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [PrintDisp] c:\windows\system32\PrintDisp.exe
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4DC51642-4E4B-4191-8623-19140A8E50DF} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\57D636D6D26796379647565727 : DHCPNameServer = 139.103.8.130 139.103.8.133
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\C696E6B6379737 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\C696E6B6379737 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-12 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-12 361032]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-11-7 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-11-7 36072]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-9-9 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-12 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-12 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-1 44808]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2013-1-20 65536]
R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdpmd32.sys [2010-7-19 9018368]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-10 398184]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-10 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-10 21104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-10-12 1343400]
.
=============== Created Last 30 ================
.
2013-01-25 11:26:44 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5285a79d-6150-4c2c-b80b-a2e9239637ce}\mpengine.dll
2013-01-24 20:42:41 -------- d-----r- c:\program files\Skype
2013-01-24 01:57:01 -------- d-----w- c:\program files\BBSAK
2013-01-24 01:55:25 413696 ----a-r- c:\users\hp\appdata\roaming\microsoft\installer\{f3ee237a-7f47-4639-962f-7208536a7837}\BlackBerry.exe
2013-01-20 17:32:09 -------- d-----w- c:\users\hp\appdata\local\Iceni
2013-01-20 17:31:38 901120 ----a-w- c:\windows\system32\SaveTo.dll
2013-01-20 17:31:06 27648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ActPrint.dll
2013-01-20 17:29:56 -------- d-----w- c:\users\hp\appdata\local\Aspell
2013-01-19 18:10:15 -------- d-----w- c:\programdata\BlueStacksSetup
2013-01-10 22:58:36 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-10 22:58:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-10 22:58:26 -------- d-----w- c:\users\hp\appdata\local\Programs
2013-01-10 21:57:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-01-10 21:56:54 -------- d-----w- c:\users\hp\appdata\local\Microsoft Help
2013-01-10 15:19:04 -------- d-----w- c:\users\hp\appdata\local\MicrosoftStore
2013-01-09 05:19:57 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 05:18:01 49152 ----a-w- c:\windows\system32\taskhost.exe
.
==================== Find3M ====================
.
2013-01-20 17:31:37 1218627 ----a-w- c:\windows\unins000.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-26 14:26:00 507904 ----a-r- c:\windows\system32\btwapi.dll
2012-11-24 23:09:44 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-11-24 23:09:44 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-11-24 23:09:44 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 03:37:56 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 03:37:56 36072 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 03:37:54 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 03:37:36 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 03:37:36 301264 ----a-w- c:\windows\system32\guard32.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 19:28:04.94 ===============



#2 HelpBot


Posted 30 January 2013 - 06:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/483030 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 babas87


Posted 31 January 2013 - 11:39 AM

Thanks for helping me. Here are my new DDS logs.


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by HP at 12:35:19 on 2013-01-31
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1910.718 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\PrintCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msn.fr/
uURLSearchHooks: {db61f672-0d05-4997-bec6-96eaab7c4106} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [PrintDisp] c:\windows\system32\PrintDisp.exe
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4DC51642-4E4B-4191-8623-19140A8E50DF} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\57D636D6D26796379647565727 : DHCPNameServer = 139.103.8.130 139.103.8.133
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\C696E6B6379737 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\C696E6B6379737 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-12 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-12 361032]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-11-7 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-11-7 36072]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-9-9 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-12 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-12 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-1 44808]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2013-1-20 65536]
R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdpmd32.sys [2010-7-19 9018368]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-10 398184]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-10 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-10 21104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-28 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-28 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-10-12 1343400]
.
=============== Created Last 30 ================
.
2013-01-29 14:52:39 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6bb838a5-9fbf-40aa-b862-b17add022da1}\mpengine.dll
2013-01-24 20:42:41 -------- d-----r- c:\program files\Skype
2013-01-24 01:57:01 -------- d-----w- c:\program files\BBSAK
2013-01-24 01:55:25 413696 ----a-r- c:\users\hp\appdata\roaming\microsoft\installer\{f3ee237a-7f47-4639-962f-7208536a7837}\BlackBerry.exe
2013-01-20 17:32:09 -------- d-----w- c:\users\hp\appdata\local\Iceni
2013-01-20 17:31:38 901120 ----a-w- c:\windows\system32\SaveTo.dll
2013-01-20 17:31:06 27648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ActPrint.dll
2013-01-20 17:29:56 -------- d-----w- c:\users\hp\appdata\local\Aspell
2013-01-19 18:10:15 -------- d-----w- c:\programdata\BlueStacksSetup
2013-01-10 22:58:36 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-10 22:58:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-10 22:58:26 -------- d-----w- c:\users\hp\appdata\local\Programs
2013-01-10 21:57:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-01-10 21:56:54 -------- d-----w- c:\users\hp\appdata\local\Microsoft Help
2013-01-10 15:19:04 -------- d-----w- c:\users\hp\appdata\local\MicrosoftStore
2013-01-09 05:19:57 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 05:18:01 49152 ----a-w- c:\windows\system32\taskhost.exe
.
==================== Find3M ====================
.
2013-01-20 17:31:37 1218627 ----a-w- c:\windows\unins000.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-26 14:26:00 507904 ----a-r- c:\windows\system32\btwapi.dll
2012-11-24 23:09:44 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-11-24 23:09:44 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-11-24 23:09:44 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 03:37:56 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 03:37:56 36072 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 03:37:54 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 03:37:36 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 03:37:36 301264 ----a-w- c:\windows\system32\guard32.dll
.
============= FINISH: 12:36:19.73 ===============




#4 The Dark Knight


Posted 01 February 2013 - 02:03 AM

Hello and welcome to BleepingComputer. I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear.

My apologies for the wait.

Please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.




#5 babas87


Posted 01 February 2013 - 05:56 PM

Hello, here's the Combofix log. I'll be waiting for further instructions.


ComboFix 13-02-01.04 - HP 02/01/2013 18:39:16.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1910.1108 [GMT -4:00]
Running from: c:\users\HP\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-01-01 to 2013-02-01 )))))))))))))))))))))))))))))))
.
.
2013-02-01 22:46 . 2013-02-01 22:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-01 20:25 . 2013-02-01 20:25 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\offreg.dll
2013-02-01 14:30 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpengine.dll
2013-01-24 20:42 . 2013-01-24 20:42 -------- d-----w- c:\program files\Common Files\Skype
2013-01-24 20:42 . 2013-01-24 20:42 -------- d-----r- c:\program files\Skype
2013-01-24 01:57 . 2013-01-24 01:57 -------- d-----w- c:\program files\BBSAK
2013-01-24 01:55 . 2013-01-24 01:55 413696 ----a-r- c:\users\HP\AppData\Roaming\Microsoft\Installer\{F3EE237A-7F47-4639-962F-7208536A7837}\BlackBerry.exe
2013-01-20 17:32 . 2013-01-20 17:32 -------- d-----w- c:\users\HP\AppData\Local\Iceni
2013-01-20 17:31 . 2010-12-03 09:41 901120 ----a-w- c:\windows\system32\SaveTo.dll
2013-01-20 17:31 . 2010-10-12 14:32 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ActPrint.dll
2013-01-20 17:29 . 2013-01-20 17:29 -------- d-----w- c:\users\HP\AppData\Local\Aspell
2013-01-19 18:10 . 2013-01-19 18:13 -------- d-----w- c:\programdata\BlueStacksSetup
2013-01-10 22:58 . 2013-01-10 22:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-10 22:58 . 2012-12-14 20:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-10 22:58 . 2013-01-10 22:58 -------- d-----w- c:\users\HP\AppData\Local\Programs
2013-01-10 22:44 . 2013-01-10 22:44 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-01-10 21:57 . 2013-01-10 21:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-01-10 21:56 . 2013-01-10 21:56 -------- d-----w- c:\users\HP\AppData\Local\Microsoft Help
2013-01-10 21:55 . 2013-01-10 22:48 -------- d-----w- c:\programdata\Microsoft Help
2013-01-10 21:55 . 2013-01-10 21:55 -------- d-----r- C:\MSOCache
2013-01-10 15:19 . 2013-01-10 15:19 -------- d-----w- c:\users\HP\AppData\Local\MicrosoftStore
2013-01-09 05:19 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 05:18 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-23 20:45 . 2012-12-09 23:35 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-01-23 20:44 . 2012-12-09 23:34 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-01-23 20:44 . 2012-12-09 23:33 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-01-17 05:28 . 2012-10-12 23:05 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-06 14:57 . 2012-12-15 19:43 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-01-06 14:47 . 2012-12-15 19:43 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-01-06 14:47 . 2012-12-15 19:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-01-06 14:46 . 2012-12-15 19:43 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-21 21:00 . 2012-12-09 23:33 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-16 14:13 . 2012-12-22 01:52 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 01:52 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-26 14:26 . 2012-11-26 14:26 507904 ----a-r- c:\windows\system32\btwapi.dll
2012-11-24 23:09 . 2012-11-24 23:09 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-11-24 23:09 . 2012-11-24 23:09 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-11-24 23:09 . 2012-11-24 23:09 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-11-14 02:09 . 2012-12-11 23:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-11 23:24 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-11 23:24 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-11 23:24 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-11 23:24 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-11 23:24 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-11 23:14 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 03:37 . 2012-11-08 03:37 82952 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-08 03:37 . 2012-11-08 03:37 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 03:37 . 2012-11-08 03:37 36072 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 03:37 . 2012-11-08 03:37 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 03:37 . 2012-11-08 03:37 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 03:37 . 2012-11-08 03:37 301264 ----a-w- c:\windows\system32\guard32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-20 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-20 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-20 170520]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-08 6756048]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2011-02-19 826368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 20:32 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-13 00:19]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-13 00:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.fr/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4DC51642-4E4B-4191-8623-19140A8E50DF}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{56ECE4F2-B06C-4112-AA3C-C7AD8C59DB1A}\C696E6B6379737: NameServer = 8.26.56.26,156.154.70.22
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{db61f672-0d05-4997-bec6-96eaab7c4106} - (no file)
WebBrowser-{DB61F672-0D05-4997-BEC6-96EAAB7C4106} - (no file)
SafeBoot-13960643.sys
SafeBoot-51292027.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-789847438-1463946419-865136397-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-789847438-1463946419-865136397-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(664)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(1384)
c:\windows\system32\guard32.dll
.
Completion time: 2013-02-01 18:50:18
ComboFix-quarantined-files.txt 2013-02-01 22:50
.
Pre-Run: 458,623,078,400 bytes free
Post-Run: 458,980,093,952 bytes free
.
- - End Of File - - A99709D8E6D93EAA2CEEF806B6122400

#6 The Dark Knight

Posted 01 February 2013 - 06:28 PM

Hey babas87,

Thank you for the logs so far.

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

=====

Also, please download to your Desktop:
  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters.
  • Make sure you check the box Loaded modules.
  • A window will pop up and say Reboot is required. Please click Reboot now.
  • Then click Change parameters again. Check the box Detect TDLFS file system.
  • Click on the Start Scan button.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
  • Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply.
    Note: A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).

=====

In your reply please provide the contents of both logs and let me know how your computer is currently running.



#7 babas87

Posted 02 February 2013 - 01:23 PM

They told me the post was too long so I had to divide it in two. I hope it's ok.


# AdwCleaner v2.109 - Logfile created 02/01/2013 at 22:14:05
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : HP - HP-PC
# Boot Mode : Normal
# Running from : C:\Users\HP\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files\Conduit
Folder Found : C:\Users\HP\AppData\Local\Conduit
Folder Found : C:\Users\HP\AppData\LocalLow\Conduit
Folder Found : C:\Users\HP\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225824
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.8] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Found [l.39] : icon_url = "hxxp://search.conduit.com/fav.ico",
Found [l.42] : keyword = "search.conduit.com",
Found [l.45] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3225824",
Found [l.1709] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",

*************************

AdwCleaner[R1].txt - [2041 octets] - [01/02/2013 22:14:05]

########## EOF - C:\AdwCleaner[R1].txt - [2101 octets] ##########


22:18:06.0389 3608 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:18:06.0405 3608 ============================================================
22:18:06.0405 3608 Current date / time: 2013/02/01 22:18:06.0405
22:18:06.0405 3608 SystemInfo:
22:18:06.0405 3608
22:18:06.0405 3608 OSVersion: 6.1.7601 ServicePack: 1.0
22:18:06.0405 3608 Product type: Workstation
22:18:06.0405 3608 ComputerName: HP-PC
22:18:06.0405 3608 UserName: HP
22:18:06.0405 3608 Windows directory: C:\Windows
22:18:06.0405 3608 System windows directory: C:\Windows
22:18:06.0405 3608 Processor architecture: Intel x86
22:18:06.0405 3608 Number of processors: 4
22:18:06.0405 3608 Page size: 0x1000
22:18:06.0405 3608 Boot type: Normal boot
22:18:06.0405 3608 ============================================================
22:18:08.0615 3608 BGloaded
22:18:09.0245 3608 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb),SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder:0xFF, Type 'K0', Flags 0x00000050
22:18:09.0265 3608 ============================================================
22:18:09.0265 3608 \Device\Harddisk0\DR0:
22:18:09.0355 3608 MBR partitions:
22:18:09.0355 3608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800,BlocksNum 0x32000
22:18:09.0355 3608 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800,BlocksNum 0x3A353000
22:18:09.0355 3608 ============================================================
22:18:09.0395 3608 C:<-> \Device\Harddisk0\DR0\Partition2
22:18:09.0395 3608 ============================================================
22:18:09.0395 3608 Initialize success
22:18:09.0395 3608 ============================================================
22:18:42.0066 1592 ============================================================
22:18:42.0066 1592 Scan started
22:18:42.0066 1592 Mode: Manual; SigCheck; TDLFS;
22:18:42.0066 1592 ============================================================
22:18:43.0033 1592 ================ Scan system memory ========================
22:18:43.0033 1592 System memory - ok
22:18:43.0033 1592 ================ Scan services =============================


22:18:51.0161 1592 Fs_Rec - ok

22:18:51.0177 1592 [8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

22:18:51.0208 1592 fvevol - ok

22:18:51.0255 1592 [65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

22:18:51.0270 1592 gagp30kx - ok

22:18:51.0333 1592 [E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll

22:18:51.0380 1592 gpsvc - ok

22:18:51.0458 1592 [506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\ProgramFiles\Google\Update\GoogleUpdate.exe

22:18:51.0473 1592 gupdate - ok

22:18:51.0473 1592 [506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\ProgramFiles\Google\Update\GoogleUpdate.exe

22:18:51.0489 1592 gupdatem - ok

22:18:51.0536 1592 [C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

22:18:51.0582 1592 hcw85cir - ok

22:18:51.0614 1592 [A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddServiceC:\Windows\system32\drivers\HdAudio.sys

22:18:51.0645 1592 HdAudAddService - ok

22:18:51.0676 1592 [9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

22:18:51.0707 1592 HDAudBus - ok

22:18:51.0723 1592 [A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\Windows\system32\DRIVERS\HECI.sys

22:18:51.0770 1592 HECI - ok

22:18:51.0785 1592 [1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

22:18:51.0816 1592 HidBatt - ok

22:18:51.0816 1592 [89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

22:18:51.0863 1592 HidBth - ok

22:18:51.0879 1592 [CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

22:18:51.0910 1592 HidIr - ok

22:18:51.0941 1592 [2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll

22:18:51.0988 1592 hidserv - ok

22:18:52.0050 1592 [10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys

22:18:52.0082 1592 HidUsb - ok

22:18:52.0097 1592 [196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll

22:18:52.0144 1592 hkmsvc - ok

22:18:52.0160 1592 [6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

22:18:52.0222 1592 HomeGroupListener - ok

22:18:52.0253 1592 [DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProviderC:\Windows\system32\provsvc.dll

22:18:52.0300 1592 HomeGroupProvider - ok

22:18:52.0316 1592 [4EF10B866C62ABBEAF7511CDD05A19BE ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys

22:18:52.0331 1592 hpdskflt - ok

22:18:52.0362 1592 [295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

22:18:52.0378 1592 HpSAMD - ok

22:18:52.0394 1592 [C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] hpsrv C:\Windows\system32\Hpservice.exe

22:18:52.0394 1592 hpsrv - ok

22:18:52.0425 1592 [871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys

22:18:52.0472 1592 HTTP - ok

22:18:52.0503 1592 [0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

22:18:52.0518 1592 hwpolicy - ok

22:18:52.0565 1592 [F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

22:18:52.0596 1592 i8042prt - ok

22:18:52.0628 1592 [5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

22:18:52.0643 1592 iaStorV - ok

22:18:52.0721 1592 [C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows CommunicationFoundation\infocard.exe

22:18:52.0752 1592 idsvc - ok

22:18:52.0768 1592 [4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

22:18:52.0784 1592 iirsp - ok

22:18:52.0815 1592 [F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll

22:18:52.0862 1592 IKEEXT - ok

22:18:52.0908 1592 [3B6BE2DA5993B1E38613976FAF4AC83E ] inspect C:\Windows\system32\DRIVERS\inspect.sys

22:18:52.0924 1592 inspect - ok

22:18:52.0940 1592 [A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys

22:18:52.0955 1592 intelide - ok

22:18:53.0111 1592 [C5589781F75DE0BFB26E221649C80D00 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd32.sys

22:18:53.0252 1592 intelkmd - ok

22:18:53.0298 1592 [3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

22:18:53.0330 1592 intelppm - ok

22:18:53.0361 1592 [ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

22:18:53.0423 1592 IPBusEnum - ok

22:18:53.0423 1592 [709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

22:18:53.0470 1592 IpFilterDriver - ok

22:18:53.0517 1592 [58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

22:18:53.0548 1592 iphlpsvc - ok

22:18:53.0579 1592 [4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

22:18:53.0610 1592 IPMIDRV - ok

22:18:53.0626 1592 [A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys

22:18:53.0673 1592 IPNAT - ok

22:18:53.0704 1592 [42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys

22:18:53.0720 1592 IRENUM - ok

22:18:53.0735 1592 [1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys

22:18:53.0751 1592 isapnp - ok

22:18:53.0766 1592 [CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

22:18:53.0782 1592 iScsiPrt - ok

22:18:53.0798 1592 [ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

22:18:53.0813 1592 kbdclass - ok

22:18:53.0844 1592 [9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

22:18:53.0860 1592 kbdhid - ok

22:18:53.0876 1592 [81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe

22:18:53.0891 1592 KeyIso - ok

22:18:53.0922 1592 [B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

22:18:53.0938 1592 KSecDD - ok

22:18:53.0969 1592 [5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

22:18:53.0985 1592 KSecPkg - ok

22:18:54.0016 1592 [89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll

22:18:54.0063 1592 KtmRm - ok

22:18:54.0094 1592 [D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll

22:18:54.0156 1592 LanmanServer - ok

22:18:54.0172 1592 [58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

22:18:54.0219 1592 LanmanWorkstation - ok

22:18:54.0250 1592 [F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

22:18:54.0297 1592 lltdio - ok

22:18:54.0312 1592 [5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll

22:18:54.0359 1592 lltdsvc - ok

22:18:54.0375 1592 [55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll

22:18:54.0422 1592 lmhosts - ok

22:18:54.0453 1592 [EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

22:18:54.0468 1592 LSI_FC - ok

22:18:54.0484 1592 [8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

22:18:54.0500 1592 LSI_SAS - ok

22:18:54.0515 1592 [DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

22:18:54.0531 1592 LSI_SAS2 - ok

22:18:54.0531 1592 [0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

22:18:54.0546 1592 LSI_SCSI - ok

22:18:54.0578 1592 [6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys

22:18:54.0609 1592 luafv - ok

22:18:54.0640 1592 [629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

22:18:54.0640 1592 MBAMProtector - ok

22:18:54.0687 1592 [1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes'Anti-Malware\mbamscheduler.exe

22:18:54.0702 1592 MBAMScheduler - ok

22:18:54.0718 1592 [916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes'Anti-Malware\mbamservice.exe

22:18:54.0734 1592 MBAMService - ok

22:18:54.0765 1592 [BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

22:18:54.0780 1592 Mcx2Svc - ok

22:18:54.0796 1592 [0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

22:18:54.0812 1592 megasas - ok

22:18:54.0843 1592 [DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

22:18:54.0858 1592 MegaSR - ok

22:18:54.0905 1592 [146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll

22:18:54.0952 1592 MMCSS - ok

22:18:54.0968 1592 [F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys

22:18:54.0999 1592 Modem - ok

22:18:55.0030 1592 [79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

22:18:55.0046 1592 monitor - ok

22:18:55.0061 1592 [FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys

22:18:55.0077 1592 mouclass - ok

22:18:55.0092 1592 [2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

22:18:55.0124 1592 mouhid - ok

22:18:55.0139 1592 [FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

22:18:55.0155 1592 mountmgr - ok

22:18:55.0186 1592 [2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys

22:18:55.0202 1592 mpio - ok

22:18:55.0217 1592 [AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

22:18:55.0248 1592 mpsdrv - ok

22:18:55.0280 1592 [9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll

22:18:55.0326 1592 MpsSvc - ok

22:18:55.0358 1592 [CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

22:18:55.0389 1592 MRxDAV - ok

22:18:55.0404 1592 [5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

22:18:55.0451 1592 mrxsmb - ok

22:18:55.0467 1592 [6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

22:18:55.0482 1592 mrxsmb10 - ok

22:18:55.0514 1592 [B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

22:18:55.0529 1592 mrxsmb20 - ok

22:18:55.0560 1592 [012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys

22:18:55.0576 1592 msahci - ok

22:18:55.0592 1592 [55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys

22:18:55.0607 1592 msdsm - ok

22:18:55.0623 1592 [E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe

22:18:55.0638 1592 MSDTC - ok

22:18:55.0670 1592 [DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys

22:18:55.0701 1592 Msfs - ok

22:18:55.0716 1592 [3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

22:18:55.0779 1592 mshidkmdf - ok

22:18:55.0794 1592 [0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

22:18:55.0810 1592 msisadrv - ok

22:18:55.0841 1592 [90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

22:18:55.0872 1592 MSiSCSI - ok

22:18:55.0872 1592 msiserver - ok

22:18:55.0888 1592 [8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

22:18:55.0935 1592 MSKSSRV - ok

22:18:55.0966 1592 [3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

22:18:56.0013 1592 MSPCLOCK - ok

22:18:56.0013 1592 [F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

22:18:56.0060 1592 MSPQM - ok

22:18:56.0075 1592 [0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

22:18:56.0106 1592 MsRPC - ok

22:18:56.0122 1592 [FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

22:18:56.0138 1592 mssmbios - ok

22:18:56.0153 1592 [B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

22:18:56.0184 1592 MSTEE - ok

22:18:56.0200 1592 [33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

22:18:56.0231 1592 MTConfig - ok

22:18:56.0247 1592 [159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys

22:18:56.0262 1592 Mup - ok

22:18:56.0294 1592 [61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll

22:18:56.0340 1592 napagent - ok

22:18:56.0387 1592 [26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

22:18:56.0418 1592 NativeWifiP - ok

22:18:56.0481 1592 [8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys

22:18:56.0496 1592 NDIS - ok

22:18:56.0528 1592 [0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

22:18:56.0574 1592 NdisCap - ok

22:18:56.0590 1592 [ E4A8AEC125A2E43A9E32AFEEA7C9C888] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

22:18:56.0637 1592 NdisTapi - ok

22:18:56.0652 1592 [D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

22:18:56.0684 1592 Ndisuio - ok

22:18:56.0699 1592 [38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

22:18:56.0730 1592 NdisWan - ok

22:18:56.0746 1592 [A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

22:18:56.0777 1592 NDProxy - ok

22:18:56.0808 1592 [80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

22:18:56.0840 1592 NetBIOS - ok

22:18:56.0871 1592 [280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

22:18:56.0902 1592 NetBT - ok

22:18:56.0918 1592 [81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe

22:18:56.0949 1592 Netlogon - ok

22:18:56.0980 1592 [7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll

22:18:57.0011 1592 Netman - ok

22:18:57.0042 1592 [D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivatorC:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

22:18:57.0058 1592 NetMsmqActivator - ok

22:18:57.0058 1592 [D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivatorC:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

22:18:57.0074 1592 NetPipeActivator - ok

22:18:57.0089 1592 [8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll

22:18:57.0120 1592 netprofm - ok

22:18:57.0120 1592 [D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivatorC:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

22:18:57.0136 1592 NetTcpActivator - ok

22:18:57.0136 1592 [D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharingC:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

22:18:57.0152 1592 NetTcpPortSharing - ok

22:18:57.0198 1592 [1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

22:18:57.0214 1592 nfrd960 - ok

22:18:57.0230 1592 [374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll

22:18:57.0276 1592 NlaSvc - ok

22:18:57.0276 1592 [1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys

22:18:57.0339 1592 Npfs - ok

22:18:57.0339 1592 [BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll

22:18:57.0386 1592 nsi - ok

22:18:57.0401 1592 [E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

22:18:57.0448 1592 nsiproxy - ok

22:18:57.0479 1592 [0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

22:18:57.0526 1592 Ntfs - ok

22:18:57.0542 1592 [F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys

22:18:57.0573 1592 Null - ok

22:18:57.0604 1592 [B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys

22:18:57.0620 1592 nvraid - ok

22:18:57.0651 1592 [4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys

22:18:57.0666 1592 nvstor - ok

22:18:57.0682 1592 [5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

22:18:57.0698 1592 nv_agp - ok

22:18:57.0698 1592 [08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

22:18:57.0729 1592 ohci1394 - ok

22:18:57.0807 1592 [9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\CommonFiles\Microsoft Shared\Source Engine\OSE.EXE

22:18:57.0822 1592 ose - ok

22:18:57.0978 1592 [358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\CommonFiles\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

22:18:58.0150 1592 osppsvc - ok

22:18:58.0181 1592 [82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

22:18:58.0212 1592 p2pimsvc - ok

22:18:58.0228 1592 [59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll

22:18:58.0259 1592 p2psvc - ok

22:18:58.0275 1592 [2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys

22:18:58.0290 1592 Parport - ok

22:18:58.0306 1592 [3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys

22:18:58.0322 1592 partmgr - ok

22:18:58.0337 1592 [EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys

22:18:58.0400 1592 Parvdm - ok

22:18:58.0431 1592 [358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll

22:18:58.0462 1592 PcaSvc - ok

22:18:58.0493 1592 [673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys

22:18:58.0509 1592 pci - ok

22:18:58.0524 1592 [AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys

22:18:58.0540 1592 pciide - ok

22:18:58.0556 1592 [F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

22:18:58.0587 1592 pcmcia - ok

22:18:58.0602 1592 [250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys

22:18:58.0618 1592 pcw - ok

22:18:58.0634 1592 [9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys

22:18:58.0665 1592 PEAUTH - ok

22:18:58.0712 1592 [AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

22:18:58.0790 1592 PeerDistSvc - ok

22:18:58.0836 1592 [414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll

22:18:58.0930 1592 pla - ok

22:18:58.0961 1592 [EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll

22:18:59.0024 1592 PlugPlay - ok

22:18:59.0039 1592 [63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

22:18:59.0070 1592 PNRPAutoReg - ok

22:18:59.0086 1592 [82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

22:18:59.0117 1592 PNRPsvc - ok

22:18:59.0133 1592 [53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

22:18:59.0180 1592 PolicyAgent - ok

22:18:59.0211 1592 [F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll

22:18:59.0258 1592 Power - ok

22:18:59.0289 1592 [631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

22:18:59.0336 1592 PptpMiniport- ok

22:18:59.0367 1592 [81DBFB92EC47CAC5A7DBAC688886C212 ] Printer Control C:\Windows\system32\PrintCtrl.exe

22:18:59.0398 1592 Printer Control ( UnsignedFile.Multi.Generic ) - warning

22:18:59.0398 1592 Printer Control - detected UnsignedFile.Multi.Generic (1)


22:19:06.0512 1592 [9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

22:19:06.0558 1592 TsUsbFlt - ok

22:19:06.0558 1592 tsusbhub - ok

22:19:06.0590 1592 [B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

22:19:06.0636 1592 tunnel - ok

22:19:06.0652 1592 [750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

22:19:06.0668 1592 uagp35 - ok

22:19:06.0699 1592 [EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys

22:19:06.0746 1592 udfs - ok

22:19:06.0777 1592 [8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

22:19:06.0808 1592 UI0Detect - ok

22:19:06.0824 1592 [44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

22:19:06.0839 1592 uliagpkx - ok

22:19:06.0917 1592 [D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys

22:19:06.0933 1592 umbus - ok

22:19:06.0964 1592 [7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

22:19:06.0980 1592 UmPass - ok

22:19:07.0011 1592 [409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll

22:19:07.0042 1592 UmRdpService - ok

22:19:07.0058 1592 [833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll

22:19:07.0104 1592 upnphost - ok

22:19:07.0136 1592 [BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

22:19:07.0151 1592 usbccgp - ok

22:19:07.0182 1592 [04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys

22:19:07.0198 1592 usbcir - ok

22:19:07.0214 1592 [F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

22:19:07.0229 1592 usbehci - ok

22:19:07.0245 1592 [8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

22:19:07.0276 1592 usbhub - ok

22:19:07.0276 1592 [E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys

22:19:07.0307 1592 usbohci - ok

22:19:07.0323 1592 [797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

22:19:07.0354 1592 usbprint - ok

22:19:07.0370 1592 [F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:19:07.0416 1592 USBSTOR - ok

22:19:07.0432 1592 [68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

22:19:07.0448 1592 usbuhci - ok

22:19:07.0494 1592 [45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

22:19:07.0510 1592 usbvideo - ok

22:19:07.0541 1592 [081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll

22:19:07.0572 1592 UxSms - ok

22:19:07.0588 1592 [81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe

22:19:07.0619 1592 VaultSvc - ok

22:19:07.0650 1592 [A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

22:19:07.0666 1592 vdrvroot - ok

22:19:07.0713 1592 [C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe

22:19:07.0760 1592 vds - ok

22:19:07.0791 1592 [17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

22:19:07.0822 1592 vga - ok

22:19:07.0822 1592 [8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys

22:19:07.0869 1592 VgaSave - ok

22:19:07.0884 1592 VGPU - ok

22:19:07.0900 1592 [5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

22:19:07.0916 1592 vhdmp - ok

22:19:07.0947 1592 [C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys

22:19:07.0962 1592 viaagp - ok

22:19:07.0978 1592 [E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys

22:19:08.0009 1592 ViaC7 - ok

22:19:08.0025 1592 [E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys

22:19:08.0040 1592 viaide - ok

22:19:08.0056 1592 [C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys

22:19:08.0072 1592 vmbus - ok

22:19:08.0087 1592 [D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

22:19:08.0118 1592 VMBusHID - ok

22:19:08.0134 1592 [4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys

22:19:08.0150 1592 volmgr- ok

22:19:08.0165 1592 [B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

22:19:08.0196 1592 volmgrx - ok

22:19:08.0212 1592 [F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys

22:19:08.0228 1592 volsnap - ok

22:19:08.0259 1592 [9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

22:19:08.0274 1592 vsmraid - ok

22:19:08.0321 1592 [209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe

22:19:08.0399 1592 VSS - ok

22:19:08.0399 1592 [90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

22:19:08.0430 1592 vwifibus - ok

22:19:08.0446 1592 [7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

22:19:08.0477 1592 vwififlt - ok

22:19:08.0508 1592 [55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll

22:19:08.0555 1592 W32Time - ok

22:19:08.0586 1592 [DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

22:19:08.0602 1592 WacomPen - ok

22:19:08.0633 1592 [3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

22:19:08.0664 1592 WANARP - ok

22:19:08.0664 1592 [3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

22:19:08.0711 1592 Wanarpv6 - ok

22:19:08.0758 1592 [353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

22:19:08.0820 1592 WatAdminSvc - ok

22:19:08.0883 1592 [691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe

22:19:08.0961 1592 wbengine - ok

22:19:08.0992 1592 [9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

22:19:09.0023 1592 WbioSrvc - ok

22:19:09.0054 1592 [34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll

22:19:09.0086 1592 wcncsvc - ok

22:19:09.0101 1592 [5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInServiceC:\Windows\System32\WcsPlugInService.dll

22:19:09.0148 1592 WcsPlugInService - ok

22:19:09.0164 1592 [1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys

22:19:09.0179 1592 Wd- ok

22:19:09.0210 1592 [A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

22:19:09.0226 1592 Wdf01000 - ok

22:19:09.0242 1592 [46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll

22:19:09.0288 1592 WdiServiceHost - ok

22:19:09.0288 1592 [46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll

22:19:09.0320 1592 WdiSystemHost - ok

22:19:09.0335 1592 [A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll

22:19:09.0382 1592 WebClient - ok

22:19:09.0398 1592 [F56A25B240391620B6E31ACF656F2018 ] Wecsvc C:\Windows\system32\wecsvc.dll

22:19:09.0429 1592 Wecsvc - ok

22:19:09.0429 1592 [AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll

22:19:09.0476 1592 wercplsupport - ok

22:19:09.0507 1592 [08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll

22:19:09.0554 1592 WerSvc - ok

22:19:09.0569 1592 [8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

22:19:09.0616 1592 WfpLwf - ok

22:19:09.0616 1592 [5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys

22:19:09.0632 1592 WIMMount - ok

22:19:09.0725 1592 [3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\WindowsDefender\mpsvc.dll

22:19:09.0756 1592 WinDefend - ok

22:19:09.0756 1592 WinHttpAutoProxySvc - ok

22:19:09.0803 1592 [320B13F43726EB73B2D7AE8869AFAACE ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

22:19:09.0834 1592 Winmgmt - ok

22:19:09.0881 1592 [895AD0D039FAAE12D4C25E028051344C ] WinRM C:\Windows\system32\WsmSvc.dll

22:19:09.0975 1592 WinRM - ok

22:19:10.0006 1592 [16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll

22:19:10.0053 1592 Wlansvc - ok

22:19:10.0146 1592 [5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\CommonFiles\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:19:10.0193 1592 wlidsvc - ok

22:19:10.0224 1592 [0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

22:19:10.0240 1592 WmiAcpi - ok

22:19:10.0271 1592 [ A1BCA34F741D285E8A7CD3F3E734BBBD] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

22:19:10.0302 1592 wmiApSrv - ok

22:19:10.0365 1592 [3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows MediaPlayer\wmpnetwk.exe

22:19:10.0427 1592 WMPNetworkSvc - ok

22:19:10.0443 1592 [A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll

22:19:10.0474 1592 WPCSvc - ok

22:19:10.0490 1592 [AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

22:19:10.0536 1592 WPDBusEnum - ok

22:19:10.0552 1592 [6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

22:19:10.0599 1592 ws2ifsl - ok

22:19:10.0599 1592 [6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll

22:19:10.0630 1592 wscsvc - ok

22:19:10.0630 1592 WSearch - ok

22:19:10.0692 1592 [FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

22:19:10.0770 1592 wuauserv - ok

22:19:10.0786 1592 [06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

22:19:10.0817 1592 WudfPf - ok

22:19:10.0848 1592 [867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

22:19:10.0880 1592 WUDFRd - ok

22:19:10.0911 1592 [FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

22:19:10.0926 1592 wudfsvc - ok

22:19:10.0958 1592 [FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll

22:19:10.0989 1592 WwanSvc - ok

22:19:11.0051 1592 [DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\ProgramFiles\Yahoo!\SoftwareUpdate\YahooAUService.exe

22:19:11.0082 1592 YahooAUService- ok

22:19:11.0098 1592 ================ Scan global ===============================

22:19:11.0129 1592 [DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll

22:19:11.0160 1592 [D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll

22:19:11.0160 1592 [D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll

22:19:11.0192 1592 [364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll

22:19:11.0223 1592 [5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe

22:19:11.0238 1592 [Global] - ok

22:19:11.0238 1592 ================ Scan MBR ==================================

22:19:11.0238 1592 [A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

22:19:11.0597 1592 \Device\Harddisk0\DR0 - ok

22:19:11.0613 1592 ================ Scan VBR ==================================

22:19:11.0613 1592 [A71427E01C1E7572B3104CDAD0EE05B3 ] \Device\Harddisk0\DR0\Partition1

22:19:11.0613 1592 \Device\Harddisk0\DR0\Partition1 - ok

22:19:11.0644 1592 [1353DB0A8CED4DA2688FD4052B1F3E2C ] \Device\Harddisk0\DR0\Partition2

22:19:11.0644 1592 \Device\Harddisk0\DR0\Partition2 - ok

22:19:11.0644 1592 ================ Scan active images ========================

22:19:11.0644 1592 [B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys

22:19:11.0644 1592 C:\Windows\System32\drivers\crashdmp.sys - ok

22:19:11.0644 1592 [5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys

22:19:11.0644 1592 C:\Windows\System32\drivers\Dumpata.sys- ok

22:19:11.0660 1592 [012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys

22:19:11.0660 1592 C:\Windows\System32\drivers\msahci.sys - ok

22:19:11.0660 1592 [62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys

22:19:11.0660 1592 C:\Windows\System32\drivers\dumpfve.sys - ok

22:19:11.0660 1592 [BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys

22:19:11.0660 1592 C:\Windows\System32\drivers\cdrom.sys - ok

22:19:11.0660 1592 [B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\Windows\System32\drivers\aswSnx.sys

22:19:11.0660 1592 C:\Windows\System32\drivers\aswSnx.sys - ok

22:19:11.0675 1592 [505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys

22:19:11.0675 1592 C:\Windows\System32\drivers\beep.sys - ok

22:19:11.0675 1592 [A1865742BBCF4C5F38FEE1258F8048FD ] C:\Windows\System32\drivers\cmdGuard.sys

22:19:11.0675 1592 C:\Windows\System32\drivers\cmdGuard.sys - ok

22:19:11.0675 1592 [F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys

22:19:11.0675 1592 C:\Windows\System32\drivers\null.sys - ok

22:19:11.0675 1592 [23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys

22:19:11.0675 1592 C:\Windows\System32\drivers\RDPCDD.sys - ok

22:19:11.0691 1592 [8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys

22:19:11.0691 1592 C:\Windows\System32\drivers\vga.sys - ok

22:19:11.0691 1592 [15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys

22:19:11.0691 1592 C:\Windows\System32\drivers\videoprt.sys - ok

22:19:11.0691 1592 [CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys

22:19:11.0691 1592 C:\Windows\System32\drivers\watchdog.sys - ok

22:19:11.0706 1592 [5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys

22:19:11.0706 1592 C:\Windows\System32\drivers\RDPENCDD.sys - ok

22:19:11.0706 1592 [44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys

22:19:11.0706 1592 C:\Windows\System32\drivers\RDPREFMP.sys - ok

22:19:11.0706 1592 [DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys

22:19:11.0706 1592 C:\Windows\System32\drivers\msfs.sys - ok

22:19:11.0706 1592 [1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys

22:19:11.0706 1592 C:\Windows\System32\drivers\npfs.sys - ok

22:19:11.0722 1592 [2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys

22:19:11.0722 1592 C:\Windows\System32\drivers\tdi.sys - ok

22:19:11.0722 1592 [B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys

22:19:11.0722 1592 C:\Windows\System32\drivers\tdx.sys - ok

22:19:11.0722 1592 [9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys

22:19:11.0722 1592 C:\Windows\System32\drivers\afd.sys - ok

22:19:11.0722 1592 [E3E73B2B73A4DFADFDDF557192C4B08A ] C:\Windows\System32\drivers\aswTdi.sys

22:19:11.0722 1592 C:\Windows\System32\drivers\aswTdi.sys - ok

22:19:11.0738 1592 [221D000474F01B1606FFC3FF362D9333 ] C:\Windows\System32\drivers\cmdhlp.sys

22:19:11.0738 1592 C:\Windows\System32\drivers\cmdhlp.sys - ok

22:19:11.0738 1592 [81F638A2DD94ABBF0B43880AB38D8DBD ] C:\Windows\System32\drivers\aswRdr2.sys

22:19:11.0738 1592 C:\Windows\System32\drivers\aswRdr2.sys - ok

22:19:11.0738 1592 [280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys

22:19:11.0738 1592 C:\Windows\System32\drivers\netbt.sys - ok

22:19:11.0738 1592 [6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys

22:19:11.0738 1592 C:\Windows\System32\drivers\pacer.sys - ok

22:19:11.0753 1592 [7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys

22:19:11.0753 1592 C:\Windows\System32\drivers\vwififlt.sys - ok

22:19:11.0753 1592 [8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys

22:19:11.0753 1592 C:\Windows\System32\drivers\wfplwf.sys - ok

22:19:11.0753 1592 [6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys

22:19:11.0753 1592 C:\Windows\System32\drivers\ws2ifsl.sys - ok

22:19:11.0753 1592 [3B6BE2DA5993B1E38613976FAF4AC83E ] C:\Windows\System32\drivers\inspect.sys

22:19:11.0753 1592 C:\Windows\System32\drivers\inspect.sys - ok

22:19:11.0769 1592 [80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys

22:19:11.0769 1592 C:\Windows\System32\drivers\netbios.sys - ok

22:19:11.0769 1592 [E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys

22:19:11.0769 1592 C:\Windows\System32\drivers\nsiproxy.sys - ok

22:19:11.0769 1592 [D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys

22:19:11.0769 1592 C:\Windows\System32\drivers\rdbss.sys - ok

22:19:11.0769 1592 [04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys

22:19:11.0769 1592 C:\Windows\System32\drivers\termdd.sys - ok

22:19:11.0784 1592 [3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys

22:19:11.0784 1592 C:\Windows\System32\drivers\wanarp.sys - ok

22:19:11.0784 1592 [2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys

22:19:11.0784 1592 C:\Windows\System32\drivers\blbdrive.sys - ok

22:19:11.0784 1592 [3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys

22:19:11.0784 1592 C:\Windows\System32\drivers\csc.sys - ok

22:19:11.0784 1592 [F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys

22:19:11.0784 1592 C:\Windows\System32\drivers\dfsc.sys - ok

22:19:11.0800 1592 [1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys

22:19:11.0800 1592 C:\Windows\System32\drivers\discache.sys - ok

22:19:11.0800 1592 [FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys

22:19:11.0800 1592 C:\Windows\System32\drivers\mssmbios.sys - ok

22:19:11.0800 1592 [67B558895695545FB0568B7541F3BCA7 ] C:\Windows\System32\drivers\aswSP.sys

22:19:11.0800 1592 C:\Windows\System32\drivers\aswSP.sys - ok

22:19:11.0800 1592 [B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys

22:19:11.0800 1592 C:\Windows\System32\drivers\tunnel.sys - ok

22:19:11.0816 1592 [BA43EE7D325877677BAD4D0B3CCDE02A ] C:\Windows\System32\drivers\atikmpag.sys

22:19:11.0816 1592 C:\Windows\System32\drivers\atikmpag.sys - ok

22:19:11.0816 1592 [C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll

22:19:11.0816 1592 C:\Windows\System32\ntdll.dll - ok

22:19:11.0816 1592 [16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe

22:19:11.0816 1592 C:\Windows\System32\smss.exe - ok

22:19:11.0816 1592 [F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe

22:19:11.0816 1592 C:\Windows\System32\autochk.exe - ok

22:19:11.0831 1592 [280578AA4F589BFDA3A76375A47A26B5 ] C:\Windows\System32\drivers\atikmdag.sys

22:19:11.0831 1592 C:\Windows\System32\drivers\atikmdag.sys - ok

22:19:11.0831 1592 [C5589781F75DE0BFB26E221649C80D00 ] C:\Windows\System32\drivers\igdpmd32.sys

22:19:11.0831 1592 C:\Windows\System32\drivers\igdpmd32.sys - ok

22:19:11.0831 1592 [23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys

22:19:11.0831 1592 C:\Windows\System32\drivers\dxgkrnl.sys - ok

22:19:11.0847 1592 [D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys

22:19:11.0847 1592 C:\Windows\System32\drivers\dxgmms1.sys - ok

22:19:11.0847 1592 [9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys

22:19:11.0847 1592 C:\Windows\System32\drivers\hdaudbus.sys - ok

22:19:11.0847 1592 [A88485DC6A7136C10D9A6C7E38FDFE3C ] C:\Windows\System32\drivers\HECI.sys

22:19:11.0847 1592 C:\Windows\System32\drivers\HECI.sys - ok

22:19:11.0847 1592 [F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys

22:19:11.0847 1592 C:\Windows\System32\drivers\usbehci.sys - ok

22:19:11.0862 1592 [3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys

22:19:11.0862 1592 C:\Windows\System32\drivers\usbport.sys - ok

22:19:11.0862 1592 [5283B9A27FF230F2FF70D92451FF409A ] C:\Windows\System32\drivers\Rt86win7.sys

22:19:11.0862 1592 C:\Windows\System32\drivers\Rt86win7.sys - ok

22:19:11.0862 1592 [CFE432E8EEACBCEA3DBF53EA76978A65 ] C:\Windows\System32\drivers\athr.sys

22:19:11.0862 1592 C:\Windows\System32\drivers\athr.sys - ok

22:19:11.0862 1592 [90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys

22:19:11.0862 1592 C:\Windows\System32\drivers\vwifibus.sys - ok

22:19:11.0878 1592 [9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll

22:19:11.0878 1592 C:\Windows\System32\msvcrt.dll - ok

22:19:11.0878 1592 [F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys

22:19:11.0878 1592 C:\Windows\System32\drivers\i8042prt.sys - ok

22:19:11.0878 1592 [ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys

22:19:11.0878 1592 C:\Windows\System32\drivers\kbdclass.sys - ok

22:19:11.0878 1592 [6DD49E1A5FA0F01824652F1A0A8866FB ] C:\Windows\System32\drivers\SynTP.sys

22:19:11.0878 1592 C:\Windows\System32\drivers\SynTP.sys - ok

22:19:11.0894 1592 [5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys

22:19:11.0894 1592 C:\Windows\System32\drivers\usbd.sys - ok

22:19:11.0894 1592 [F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll

22:19:11.0894 1592 C:\Windows\System32\user32.dll - ok

22:19:11.0894 1592 [95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll

22:19:11.0894 1592 C:\Windows\System32\advapi32.dll - ok

22:19:11.0894 1592 [CC1F1D3D70DC13C2C281488D347D4415 ] C:\Windows\System32\drivers\Accelerometer.sys

22:19:11.0894 1592 C:\Windows\System32\drivers\Accelerometer.sys - ok

22:19:11.0909 1592 [DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys

22:19:11.0909 1592 C:\Windows\System32\drivers\CmBatt.sys - ok

22:19:11.0909 1592 [FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys

22:19:11.0909 1592 C:\Windows\System32\drivers\mouclass.sys - ok

22:19:11.0909 1592 [8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll

22:19:11.0909 1592 C:\Windows\System32\shlwapi.dll - ok

22:19:11.0909 1592 [CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys

22:19:11.0909 1592 C:\Windows\System32\drivers\CompositeBus.sys - ok

22:19:11.0925 1592 [3B514D27BFC4ACCB4037BC6685F766E0 ] C:\Windows\System32\drivers\intelppm.sys

22:19:11.0925 1592 C:\Windows\System32\drivers\intelppm.sys - ok

22:19:11.0925 1592 [564297827D213F52C7A3A2FF749568CA ] C:\Windows\System32\drivers\rootmdm.sys

22:19:11.0925 1592 C:\Windows\System32\drivers\rootmdm.sys - ok

22:19:11.0925 1592 [0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys

22:19:11.0925 1592 C:\Windows\System32\drivers\wmiacpi.sys - ok

22:19:11.0925 1592 [57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys

22:19:11.0925 1592 C:\Windows\System32\drivers\agilevpn.sys - ok

22:19:11.0940 1592 [F001861E5700EE84E2D4E52C712F4964 ] C:\Windows\System32\drivers\modem.sys

22:19:11.0940 1592 C:\Windows\System32\drivers\modem.sys - ok

22:19:11.0940 1592 [E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys

22:19:11.0940 1592 C:\Windows\System32\drivers\ndistapi.sys - ok

22:19:11.0940 1592 [38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys

22:19:11.0940 1592 C:\Windows\System32\drivers\ndiswan.sys - ok

22:19:11.0940 1592 [D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys

22:19:11.0940 1592 C:\Windows\System32\drivers\rasl2tp.sys - ok

22:19:11.0956 1592 [B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll

22:19:11.0956 1592 C:\Windows\System32\imagehlp.dll - ok

22:19:11.0956 1592 [CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll

22:19:11.0956 1592 C:\Windows\System32\sechost.dll - ok

22:19:11.0956 1592 [10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll

22:19:11.0956 1592 C:\Windows\System32\setupapi.dll - ok

22:19:11.0956 1592 [0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys

22:19:11.0956 1592 C:\Windows\System32\drivers\raspppoe.sys - ok

22:19:11.0972 1592 [631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys

22:19:11.0972 1592 C:\Windows\System32\drivers\raspptp.sys - ok

22:19:11.0972 1592 [44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys

22:19:11.0972 1592 C:\Windows\System32\drivers\rassstp.sys - ok

22:19:11.0972 1592 [3A5633AD615E2B15291BD0B1B97CCD8A ] C:\Windows\System32\drivers\RimSerial.sys

22:19:11.0972 1592 C:\Windows\System32\drivers\RimSerial.sys - ok

22:19:11.0987 1592 [5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys

22:19:11.0987 1592 C:\Windows\System32\drivers\ks.sys - ok

22:19:11.0987 1592 [0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys

22:19:11.0987 1592 C:\Windows\System32\drivers\rdpbus.sys - ok

22:19:11.0987 1592 [E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys

22:19:11.0987 1592 C:\Windows\System32\drivers\swenum.sys - ok

22:19:11.0987 1592 [D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys

22:19:11.0987 1592 C:\Windows\System32\drivers\umbus.sys - ok

22:19:12.0003 1592 [FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll

22:19:12.0003 1592 C:\Windows\System32\clbcatq.dll - ok

22:19:12.0003 1592 [4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll

22:19:12.0003 1592 C:\Windows\System32\imm32.dll - ok

22:19:12.0003 1592 [A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll

22:19:12.0003 1592 C:\Windows\System32\Wldap32.dll - ok

22:19:12.0003 1592 [070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll

22:19:12.0003 1592 C:\Windows\System32\difxapi.dll - ok

22:19:12.0018 1592 [D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll

22:19:12.0018 1592 C:\Windows\System32\comdlg32.dll - ok

22:19:12.0018 1592 [7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll

22:19:12.0018 1592 C:\Windows\System32\wininet.dll - ok

22:19:12.0018 1592 [780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll

22:19:12.0018 1592 C:\Windows\System32\iertutil.dll - ok

22:19:12.0018 1592 [C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll

22:19:12.0018 1592 C:\Windows\System32\msctf.dll - ok

22:19:12.0034 1592 [9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll

22:19:12.0034 1592 C:\Windows\System32\normaliz.dll - ok

22:19:12.0034 1592 [E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll

22:19:12.0034 1592 C:\Windows\System32\gdi32.dll - ok

22:19:12.0034 1592 [AE09B85158C66E2C154C5C9B3C0027B3 ] C:\Windows\System32\kernel32.dll

22:19:12.0034 1592 C:\Windows\System32\kernel32.dll - ok

22:19:12.0050 1592 [A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll

22:19:12.0050 1592 C:\Windows\System32\psapi.dll - ok

22:19:12.0050 1592 [B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\System32\usp10.dll

22:19:12.0050 1592 C:\Windows\System32\usp10.dll - ok

22:19:12.0050 1592 [8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys

22:19:12.0050 1592 C:\Windows\System32\drivers\usbhub.sys - ok

22:19:12.0050 1592 [29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll

22:19:12.0050 1592 C:\Windows\System32\shell32.dll - ok

22:19:12.0065 1592 [6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll

22:19:12.0065 1592 C:\Windows\System32\oleaut32.dll - ok

22:19:12.0065 1592 [928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll

22:19:12.0065 1592 C:\Windows\System32\ole32.dll - ok

22:19:12.0065 1592 [7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll

22:19:12.0065 1592 C:\Windows\System32\ws2_32.dll - ok

22:19:12.0065 1592 [6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll

22:19:12.0065 1592 C:\Windows\System32\rpcrt4.dll - ok

22:19:12.0081 1592 [4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll

22:19:12.0081 1592 C:\Windows\System32\urlmon.dll - ok

22:19:12.0081 1592 [4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll

22:19:12.0081 1592 C:\Windows\System32\lpk.dll - ok

22:19:12.0081 1592 [6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll

22:19:12.0081 1592 C:\Windows\System32\nsi.dll - ok

22:19:12.0081 1592 [17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll

22:19:12.0081 1592 C:\Windows\System32\wintrust.dll - ok

22:19:12.0096 1592 [AD88D390C9417C959E08F8BF6F2B8154 ] C:\Windows\System32\KernelBase.dll

22:19:12.0096 1592 C:\Windows\System32\KernelBase.dll - ok



#8 babas87

Posted 02 February 2013 - 01:54 PM

Part 2 of TDSSKiller log:

22:19:12.0174 1592 [401107CE7913B526FD87CC53F23A102F ] C:\Windows\System32\guard32.dll

22:19:12.0174 1592 C:\Windows\System32\guard32.dll - ok

22:19:12.0174 1592 [C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll

22:19:12.0174 1592 C:\Windows\System32\profapi.dll - ok

22:19:12.0190 1592 [B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe

22:19:12.0190 1592 C:\Windows\System32\wininit.exe - ok

22:19:12.0190 1592 [CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll

22:19:12.0190 1592 C:\Windows\System32\cdd.dll - ok

22:19:12.0190 1592 [1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\System32\fltLib.dll

22:19:12.0190 1592 C:\Windows\System32\fltLib.dll - ok

22:19:12.0190 1592 [357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL

22:19:12.0190 1592 C:\Windows\System32\KBDUS.DLL - ok

22:19:12.0206 1592 [5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll

22:19:12.0206 1592 C:\Windows\System32\RpcRtRemote.dll - ok

22:19:12.0206 1592 [702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll

22:19:12.0206 1592 C:\Windows\System32\version.dll - ok

22:19:12.0206 1592 [919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll

22:19:12.0206 1592 C:\Windows\System32\sxs.dll - ok

22:19:12.0206 1592 [633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll

22:19:12.0206 1592 C:\Windows\System32\WlS0WndH.dll - ok

22:19:12.0221 1592 [F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll

22:19:12.0221 1592 C:\Windows\System32\cryptbase.dll - ok

22:19:12.0221 1592 [6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe

22:19:12.0221 1592 C:\Windows\System32\winlogon.exe - ok

22:19:12.0221 1592 [863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll

22:19:12.0221 1592 C:\Windows\System32\apphelp.dll - ok

22:19:12.0221 1592 [81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe

22:19:12.0221 1592 C:\Windows\System32\lsass.exe - ok

22:19:12.0237 1592 [5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe

22:19:12.0237 1592 C:\Windows\System32\services.exe - ok

22:19:12.0237 1592 [4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll

22:19:12.0237 1592 C:\Windows\System32\sspicli.dll - ok

22:19:12.0237 1592 [418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll

22:19:12.0237 1592 C:\Windows\System32\winsta.dll - ok

22:19:12.0237 1592 [53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll

22:19:12.0237 1592 C:\Windows\System32\dbghelp.dll - ok

22:19:12.0252 1592 [444430C44727B5F22B4DC17284798EBD ] C:\Windows\System32\lsasrv.dll

22:19:12.0252 1592 C:\Windows\System32\lsasrv.dll - ok

22:19:12.0252 1592 [8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe

22:19:12.0252 1592 C:\Windows\System32\lsm.exe - ok

22:19:12.0252 1592 [E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll

22:19:12.0252 1592 C:\Windows\System32\sspisrv.dll - ok

22:19:12.0252 1592 [BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll

22:19:12.0252 1592 C:\Windows\System32\sysntfy.dll - ok

22:19:12.0268 1592 [D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll

22:19:12.0268 1592 C:\Windows\System32\wmsgapi.dll - ok

22:19:12.0268 1592 [245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll

22:19:12.0268 1592 C:\Windows\System32\samsrv.dll - ok

22:19:12.0268 1592 [3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll

22:19:12.0268 1592 C:\Windows\System32\scext.dll - ok

22:19:12.0268 1592 [250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll

22:19:12.0268 1592 C:\Windows\System32\scesrv.dll - ok

22:19:12.0284 1592 [69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll

22:19:12.0284 1592 C:\Windows\System32\secur32.dll - ok

22:19:12.0284 1592 [5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll

22:19:12.0284 1592 C:\Windows\System32\srvcli.dll - ok

22:19:12.0284 1592 [1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll

22:19:12.0284 1592 C:\Windows\System32\cryptdll.dll - ok

22:19:12.0284 1592 [82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll

22:19:12.0284 1592 C:\Windows\System32\wevtapi.dll - ok

22:19:12.0299 1592 [FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll

22:19:12.0299 1592 C:\Windows\System32\authz.dll - ok

22:19:12.0299 1592 [50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll

22:19:12.0299 1592 C:\Windows\System32\cngaudit.dll - ok

22:19:12.0299 1592 [FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll

22:19:12.0299 1592 C:\Windows\System32\bcrypt.dll - ok

22:19:12.0299 1592 [C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll

22:19:12.0315 1592 C:\Windows\System32\msprivs.dll - ok

22:19:12.0315 1592 [BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\System32\ncrypt.dll

22:19:12.0315 1592 C:\Windows\System32\ncrypt.dll - ok

22:19:12.0315 1592 [E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll

22:19:12.0315 1592 C:\Windows\System32\netjoin.dll - ok

22:19:12.0315 1592 [BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll

22:19:12.0315 1592 C:\Windows\System32\kerberos.dll - ok

22:19:12.0330 1592 [6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll

22:19:12.0330 1592 C:\Windows\System32\negoexts.dll - ok

22:19:12.0330 1592 [7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll

22:19:12.0330 1592 C:\Windows\System32\cryptsp.dll - ok

22:19:12.0330 1592 [8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll

22:19:12.0330 1592 C:\Windows\System32\mswsock.dll - ok

22:19:12.0330 1592 [73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll

22:19:12.0330 1592 C:\Windows\System32\wship6.dll - ok

22:19:12.0346 1592 [4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll

22:19:12.0346 1592 C:\Windows\System32\msv1_0.dll - ok

22:19:12.0346 1592 [C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll

22:19:12.0346 1592 C:\Windows\System32\netlogon.dll - ok

22:19:12.0346 1592 [B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll

22:19:12.0346 1592 C:\Windows\System32\dnsapi.dll - ok

22:19:12.0346 1592 [8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll

22:19:12.0346 1592 C:\Windows\System32\logoncli.dll - ok

22:19:12.0362 1592 [AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\System32\schannel.dll

22:19:12.0362 1592 C:\Windows\System32\schannel.dll - ok

22:19:12.0362 1592 [0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll

22:19:12.0362 1592 C:\Windows\System32\wdigest.dll - ok

22:19:12.0362 1592 [37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll

22:19:12.0362 1592 C:\Windows\System32\pku2u.dll - ok

22:19:12.0362 1592 [ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll

22:19:12.0362 1592 C:\Windows\System32\rsaenh.dll - ok

22:19:12.0377 1592 [D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll

22:19:12.0377 1592 C:\Windows\System32\TSpkg.dll - ok

22:19:12.0377 1592 [E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll

22:19:12.0377 1592 C:\Windows\System32\bcryptprimitives.dll - ok

22:19:12.0377 1592 [45DAF17CA094EB0A3E7A3955B31F03B6 ] C:\Windows\System32\LIVESSP.DLL

22:19:12.0377 1592 C:\Windows\System32\LIVESSP.DLL - ok

22:19:12.0377 1592 [91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll

22:19:12.0377 1592 C:\Windows\System32\efslsaext.dll - ok

22:19:12.0393 1592 [4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll

22:19:12.0393 1592 C:\Windows\System32\credssp.dll - ok

22:19:12.0393 1592 [8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll

22:19:12.0393 1592 C:\Windows\System32\scecli.dll - ok

22:19:12.0393 1592 [7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll

22:19:12.0393 1592 C:\Windows\System32\ubpm.dll - ok

22:19:12.0393 1592 [54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe

22:19:12.0393 1592 C:\Windows\System32\svchost.exe - ok

22:19:12.0408 1592 [EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll

22:19:12.0408 1592 C:\Windows\System32\umpnpmgr.dll - ok

22:19:12.0408 1592 [FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll

22:19:12.0408 1592 C:\Windows\System32\devrtl.dll - ok

22:19:12.0408 1592 [1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll

22:19:12.0408 1592 C:\Windows\System32\gpapi.dll - ok

22:19:12.0408 1592 [4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll

22:19:12.0408 1592 C:\Windows\System32\SPInf.dll - ok

22:19:12.0424 1592 [D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll

22:19:12.0424 1592 C:\Windows\System32\userenv.dll - ok

22:19:12.0424 1592 [5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll

22:19:12.0424 1592 C:\Windows\System32\pcwum.dll - ok

22:19:12.0424 1592 [F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll

22:19:12.0424 1592 C:\Windows\System32\umpo.dll - ok

22:19:12.0424 1592 [08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll

22:19:12.0424 1592 C:\Windows\System32\powrprof.dll - ok

22:19:12.0440 1592 [6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys

22:19:12.0440 1592 C:\Windows\System32\drivers\luafv.sys - ok

22:19:12.0440 1592 [DE6ED95AEF259979B2830450072A627B ] C:\Windows\System32\drivers\aswFsBlk.sys

22:19:12.0440 1592 C:\Windows\System32\drivers\aswFsBlk.sys - ok

22:19:12.0440 1592 [62F9DCEC95F91B8E0203E85D344A7E65 ] C:\Windows\System32\drivers\aswMonFlt.sys

22:19:12.0440 1592 C:\Windows\System32\drivers\aswMonFlt.sys - ok

22:19:12.0440 1592 [629CABB0421668C9D3D402A3C3D77E14 ] C:\Windows\System32\drivers\mbam.sys

22:19:12.0440 1592 C:\Windows\System32\drivers\mbam.sys - ok

22:19:12.0455 1592 [7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll

22:19:12.0455 1592 C:\Windows\System32\rpcss.dll - ok

22:19:12.0455 1592 [78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll

22:19:12.0455 1592 C:\Windows\System32\RpcEpMap.dll - ok

22:19:12.0455 1592 [EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL

22:19:12.0455 1592 C:\Windows\System32\WSHTCPIP.DLL - ok

22:19:12.0455 1592 [81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll

22:19:12.0455 1592 C:\Windows\System32\wshqos.dll - ok

22:19:12.0471 1592 [2A2D72271844C52F004901A60312B96A ] C:\Program Files\Comodo\COMODO InternetSecurity\cmdagent.exe

22:19:12.0471 1592 C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe - ok

22:19:12.0471 1592 [3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll

22:19:12.0471 1592 C:\Windows\System32\FirewallAPI.dll - ok

22:19:12.0471 1592 [3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe

22:19:12.0471 1592 C:\Windows\System32\LogonUI.exe - ok

22:19:12.0486 1592 [6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll

22:19:12.0486 1592 C:\Windows\System32\wtsapi32.dll - ok

22:19:12.0486 1592 [A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll

22:19:12.0486 1592 C:\Windows\System32\msi.dll - ok

22:19:12.0486 1592 [CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll

22:19:12.0486 1592 C:\Windows\System32\authui.dll - ok

22:19:12.0486 1592 [D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll

22:19:12.0486 1592 C:\Windows\System32\winmm.dll - ok

22:19:12.0502 1592 [B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll

22:19:12.0502 1592 C:\Windows\System32\mpr.dll - ok

22:19:12.0502 1592 [2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll

22:19:12.0502 1592 C:\Windows\System32\netapi32.dll - ok

22:19:12.0502 1592 [20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll

22:19:12.0502 1592 C:\Windows\System32\netutils.dll - ok

22:19:12.0502 1592 [8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll

22:19:12.0502 1592 C:\Windows\System32\oleacc.dll - ok

22:19:12.0518 1592 [9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv

22:19:12.0518 1592 C:\Windows\System32\winspool.drv - ok

22:19:12.0518 1592 [E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll

22:19:12.0518 1592 C:\Windows\System32\wkscli.dll- ok

22:19:12.0518 1592 [BDAC1AA64495D0F7E1FF810EBBF1F018 ]C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

22:19:12.0518 1592 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll- ok

22:19:12.0518 1592 [28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll

22:19:12.0518 1592 C:\Windows\System32\cryptui.dll - ok

22:19:12.0533 1592 [839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll

22:19:12.0533 1592 C:\Windows\System32\rasapi32.dll - ok

22:19:12.0533 1592 [FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll

22:19:12.0533 1592 C:\Windows\System32\rasman.dll- ok

22:19:12.0533 1592 [CEFD70DB114C9D25EA101CC7B0E97A7F ] C:\Program Files\Comodo\COMODO InternetSecurity\framework.dll

22:19:12.0533 1592 C:\Program Files\Comodo\COMODO Internet Security\framework.dll - ok

22:19:12.0533 1592 [352B3DC62A0D259A82A052238425C872 ]C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

22:19:12.0533 1592 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll- ok

22:19:12.0549 1592 [6304ADA4AB25B9F549017F9C356FEE1D ] C:\Program Files\Comodo\COMODO InternetSecurity\scanners\rkdscan.dll

22:19:12.0549 1592 C:\Program Files\Comodo\COMODO Internet Security\scanners\rkdscan.dll -ok

22:19:12.0549 1592 [F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll

22:19:12.0549 1592 C:\Windows\System32\shacct.dll - ok

22:19:12.0549 1592 [164EA9CDBA6B4CDD7731A23E7FD933FA ] C:\Windows\System32\wbemcomn2.dll

22:19:12.0549 1592 C:\Windows\System32\wbemcomn2.dll - ok

22:19:12.0549 1592 [D639B766AEBC5CCDA75447D4BCFB952E ] C:\Windows\System32\wbem\wbemprox.dll

22:19:12.0549 1592 C:\Windows\System32\wbem\wbemprox.dll - ok

22:19:12.0564 1592 [96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll

22:19:12.0564 1592 C:\Windows\System32\cryptsvc.dll - ok

22:19:12.0564 1592 [C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll

22:19:12.0564 1592 C:\Windows\System32\samlib.dll - ok

22:19:12.0564 1592 [14C7D74AC4F90F881659532F4CE74F83 ] C:\Windows\System32\atiesrxx.exe

22:19:12.0564 1592 C:\Windows\System32\atiesrxx.exe - ok

22:19:12.0564 1592 [CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll

22:19:12.0564 1592 C:\Windows\System32\cryptnet.dll - ok

22:19:12.0580 1592 [12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll

22:19:12.0580 1592 C:\Windows\System32\propsys.dll - ok

22:19:12.0580 1592 [63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll

22:19:12.0580 1592 C:\Windows\System32\uxtheme.dll - ok

22:19:12.0580 1592 [7717F84F483002815490033BF069DABD ]C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

22:19:12.0580 1592 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll- ok

22:19:12.0580 1592 [EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll

22:19:12.0580 1592 C:\Windows\System32\dui70.dll - ok

22:19:12.0596 1592 [241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll

22:19:12.0596 1592 C:\Windows\System32\wevtsvc.dll - ok

22:19:12.0596 1592 [6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll

22:19:12.0596 1592 C:\Windows\System32\duser.dll - ok

22:19:12.0596 1592 [2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll

22:19:12.0596 1592 C:\Windows\System32\SndVolSSO.dll - ok

22:19:12.0596 1592 [39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll

22:19:12.0596 1592 C:\Windows\System32\dwmapi.dll - ok

22:19:12.0611 1592 [63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll

22:19:12.0611 1592 C:\Windows\System32\hid.dll - ok

22:19:12.0611 1592 [243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll

22:19:12.0611 1592 C:\Windows\System32\MMDevAPI.dll - ok

22:19:12.0611 1592 [EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll

22:19:12.0611 1592 C:\Windows\System32\xmllite.dll - ok

22:19:12.0611 1592 [1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll

22:19:12.0611 1592 C:\Windows\System32\WindowsCodecs.dll - ok

22:19:12.0627 1592 [CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll

22:19:12.0627 1592 C:\Windows\System32\audiosrv.dll - ok

22:19:12.0627 1592 [CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll

22:19:12.0627 1592 C:\Windows\System32\profsvc.dll - ok

22:19:12.0627 1592 [AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll

22:19:12.0627 1592 C:\Windows\System32\adtschema.dll - ok

22:19:12.0627 1592 [139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll

22:19:12.0627 1592 C:\Windows\System32\avrt.dll - ok

22:19:12.0642 1592 [146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll

22:19:12.0642 1592 C:\Windows\System32\mmcss.dll - ok

22:19:12.0642 1592 [8B0B4C5927A333A05513791758350DC4 ]C:\Windows\System32\microsoft-windows-kernel-power-events.dll

22:19:12.0642 1592 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

22:19:12.0642 1592 [65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll

22:19:12.0642 1592 C:\Windows\System32\VaultCredProvider.dll - ok

22:19:12.0642 1592 [326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll

22:19:12.0642 1592 C:\Windows\System32\winbrand.dll - ok

22:19:12.0658 1592 [6946A3582FDA11A9A42B95626298541D ] C:\Windows\System32\wbem\WinMgmtR.dll

22:19:12.0658 1592 C:\Windows\System32\wbem\WinMgmtR.dll - ok

22:19:12.0658 1592 [16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll

22:19:12.0658 1592 C:\Windows\System32\wlansvc.dll - ok

22:19:12.0658 1592 [7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys

22:19:12.0658 1592 C:\Windows\System32\drivers\fltMgr.sys - ok

22:19:12.0658 1592 [05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll

22:19:12.0658 1592 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

22:19:12.0674 1592 [D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL

22:19:12.0674 1592 C:\Windows\System32\PSHED.DLL - ok

22:19:12.0674 1592 [F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe

22:19:12.0674 1592 C:\Windows\System32\audiodg.exe - ok

22:19:12.0674 1592 [E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll

22:19:12.0674 1592 C:\Windows\System32\BioCredProv.dll - ok

22:19:12.0674 1592 [108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll

22:19:12.0674 1592 C:\Windows\System32\credui.dll - ok

22:19:12.0689 1592 [1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ]C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

22:19:12.0689 1592 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll- ok

22:19:12.0689 1592 [3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll

22:19:12.0689 1592 C:\Windows\System32\winbio.dll - ok

22:19:12.0689 1592 [3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll

22:19:12.0689 1592 C:\Windows\System32\ntmarta.dll - ok

22:19:12.0705 1592 [36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll

22:19:12.0705 1592 C:\Windows\System32\vaultcli.dll - ok

22:19:12.0705 1592 [F598DCBF5B7171362A2418E27D73276B ] C:\Program Files\Common Files\microsoftshared\Windows Live\WLIDCREDPROV.DLL

22:19:12.0705 1592 C:\ProgramFiles\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok

22:19:12.0705 1592 [6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll

22:19:12.0705 1592 C:\Windows\System32\certCredProvider.dll - ok

22:19:12.0705 1592 [15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll

22:19:12.0705 1592 C:\Windows\System32\cscsvc.dll - ok

22:19:12.0720 1592 [68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll

22:19:12.0720 1592 C:\Windows\System32\samcli.dll - ok

22:19:12.0720 1592 [F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll

22:19:12.0720 1592 C:\Windows\System32\atl.dll - ok

22:19:12.0720 1592 [E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll

22:19:12.0720 1592 C:\Windows\System32\gpsvc.dll - ok

22:19:12.0720 1592 [772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll

22:19:12.0720 1592 C:\Windows\System32\PeerDist.dll - ok

22:19:12.0736 1592 [FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll

22:19:12.0736 1592 C:\Windows\System32\rasplap.dll - ok

22:19:12.0736 1592 [42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll

22:19:12.0736 1592 C:\Windows\System32\themeservice.dll - ok

22:19:12.0736 1592 [544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll

22:19:12.0736 1592 C:\Windows\System32\taskschd.dll - ok

22:19:12.0736 1592 [2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll

22:19:12.0736 1592 C:\Windows\System32\dsrole.dll- ok

22:19:12.0752 1592 [F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll

22:19:12.0752 1592 C:\Windows\System32\es.dll - ok

22:19:12.0752 1592 [50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll

22:19:12.0752 1592 C:\Windows\System32\nlaapi.dll - ok

22:19:12.0752 1592 [8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll

22:19:12.0752 1592 C:\Windows\System32\slc.dll - ok

22:19:12.0752 1592 [0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll

22:19:12.0752 1592 C:\Windows\System32\rtutils.dll - ok

22:19:12.0767 1592 [D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv

22:19:12.0767 1592 C:\Windows\System32\wdmaud.drv - ok

22:19:12.0767 1592 [808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll

22:19:12.0767 1592 C:\Windows\System32\comres.dll - ok

22:19:12.0767 1592 [9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll

22:19:12.0767 1592 C:\Windows\System32\ksuser.dll - ok

22:19:12.0767 1592 [C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll

22:19:12.0767 1592 C:\Windows\System32\mstask.dll - ok

22:19:12.0783 1592 [DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll

22:19:12.0783 1592 C:\Windows\System32\Sens.dll - ok

22:19:12.0783 1592 [A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll

22:19:12.0783 1592 C:\Windows\System32\UXInit.dll - ok

22:19:12.0783 1592 [B442DA60D953B2D5444CF13727CB6AF7 ] C:\Windows\System32\atieclxx.exe

22:19:12.0783 1592 C:\Windows\System32\atieclxx.exe - ok

22:19:12.0783 1592 [C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] C:\Windows\System32\hpservice.exe

22:19:12.0783 1592 C:\Windows\System32\hpservice.exe - ok

22:19:12.0798 1592 [24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\System32\mfc42u.dll

22:19:12.0798 1592 C:\Windows\System32\mfc42u.dll - ok

22:19:12.0798 1592 [CBD1CF216E3E96F4A3BA10C4FBC26644 ] C:\Windows\System32\atiadlxx.dll

22:19:12.0798 1592 C:\Windows\System32\atiadlxx.dll - ok

22:19:12.0798 1592 [C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll

22:19:12.0798 1592 C:\Windows\System32\AudioSes.dll - ok

22:19:12.0798 1592 [FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll

22:19:12.0798 1592 C:\Windows\System32\UIAutomationCore.dll - ok

22:19:12.0814 1592 [7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll

22:19:12.0814 1592 C:\Windows\System32\odbc32.dll - ok

22:19:12.0814 1592 [3506073028F82A26771F703B18072FD9 ] C:\Windows\System32\accelerometerdll.DLL

22:19:12.0814 1592 C:\Windows\System32\accelerometerdll.DLL - ok

22:19:12.0814 1592 [5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll

22:19:12.0814 1592 C:\Windows\System32\midimap.dll - ok

22:19:12.0814 1592 [85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll

22:19:12.0814 1592 C:\Windows\System32\msacm32.dll - ok

22:19:12.0830 1592 [07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv

22:19:12.0830 1592 C:\Windows\System32\msacm32.drv - ok

22:19:12.0830 1592 [ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll

22:19:12.0830 1592 C:\Windows\System32\odbcint.dll - ok

22:19:12.0830 1592 [BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll

22:19:12.0830 1592 C:\Windows\System32\AudioEng.dll - ok

22:19:12.0830 1592 [F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys

22:19:12.0830 1592 C:\Windows\System32\drivers\lltdio.sys - ok

22:19:12.0845 1592 [081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll

22:19:12.0845 1592 C:\Windows\System32\uxsms.dll - ok

22:19:12.0845 1592 [96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll

22:19:12.0845 1592 C:\Windows\System32\AUDIOKSE.dll - ok

22:19:12.0845 1592 [26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys

22:19:12.0845 1592 C:\Windows\System32\drivers\nwifi.sys - ok

22:19:12.0845 1592 [B49543C72E753381C0DC0C6392E3750E ] C:\Windows\System32\atimuixx.dll

22:19:12.0845 1592 C:\Windows\System32\atimuixx.dll - ok

22:19:12.0861 1592 [D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys

22:19:12.0861 1592 C:\Windows\System32\drivers\ndisuio.sys - ok

22:19:12.0861 1592 [032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys

22:19:12.0861 1592 C:\Windows\System32\drivers\rspndr.sys - ok

22:19:12.0861 1592 [55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll

22:19:12.0861 1592 C:\Windows\System32\lmhsvc.dll - ok

22:19:12.0861 1592 [BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll

22:19:12.0861 1592 C:\Windows\System32\nsisvc.dll - ok

22:19:12.0876 1592 [E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll

22:19:12.0876 1592 C:\Windows\System32\dhcpcore.dll - ok

22:19:12.0876 1592 [33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll

22:19:12.0876 1592 C:\Windows\System32\dnsrslvr.dll - ok

22:19:12.0876 1592 [A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL

22:19:12.0876 1592 C:\Windows\System32\IPHLPAPI.DLL - ok

22:19:12.0876 1592 [D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll

22:19:12.0876 1592 C:\Windows\System32\nrpsrv.dll - ok

22:19:12.0892 1592 [CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll

22:19:12.0892 1592 C:\Windows\System32\winnsi.dll - ok

22:19:12.0892 1592 [4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll

22:19:12.0892 1592 C:\Windows\System32\WMALFXGFXDSP.dll - ok

22:19:12.0892 1592 [03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL

22:19:12.0892 1592 C:\Windows\System32\FWPUCLNT.DLL - ok

22:19:12.0892 1592 [AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll

22:19:12.0892 1592 C:\Windows\System32\keyiso.dll - ok

22:19:12.0908 1592 [40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll

22:19:12.0908 1592 C:\Windows\System32\mfplat.dll- ok

22:19:12.0908 1592 [EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll

22:19:12.0908 1592 C:\Windows\System32\dhcpcore6.dll - ok


22:19:13.0812 1592 C:\Windows\explorer.exe - ok

22:19:13.0812 1592 [68A6FB30CE9E102EA237A378667559C1 ] C:\Windows\System32\atidxx32.dll

22:19:13.0812 1592 C:\Windows\System32\atidxx32.dll - ok

22:19:13.0812 1592 [9F58BD53212E2AFF451724286D728DB2 ] C:\Windows\System32\atiuxpag.dll

22:19:13.0812 1592 C:\Windows\System32\atiuxpag.dll - ok

22:19:13.0812 1592 [E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll

22:19:13.0812 1592 C:\Windows\System32\ExplorerFrame.dll - ok

22:19:13.0828 1592 [2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll

22:19:13.0828 1592 C:\Windows\System32\uDWM.dll - ok

22:19:13.0828 1592 [4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVASTSoftware\Avast\ashShell.dll

22:19:13.0828 1592 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok

22:19:13.0828 1592 [846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll

22:19:13.0828 1592 C:\Windows\System32\EhStorShell.dll - ok

22:19:13.0828 1592 [57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll

22:19:13.0828 1592 C:\Windows\System32\cscdll.dll - ok

22:19:13.0844 1592 [3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll

22:19:13.0844 1592 C:\Windows\System32\cscui.dll - ok

22:19:13.0844 1592 [03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll

22:19:13.0844 1592 C:\Windows\System32\ntshrui.dll - ok

22:19:13.0844 1592 [523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll

22:19:13.0844 1592 C:\Windows\System32\IconCodecService.dll - ok

22:19:13.0844 1592 [FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll

22:19:13.0844 1592 C:\Windows\System32\appinfo.dll - ok

22:19:13.0859 1592 [1683774D357D5CFFCDC871493E19F58F ] C:\Program Files\AVASTSoftware\Avast\defs\13020101\aswAR.dll

22:19:13.0859 1592 C:\Program Files\AVAST Software\Avast\defs\13020101\aswAR.dll - ok

22:19:13.0859 1592 [BFBFAFFC60EBB5754F37868CAA876BF1 ] C:\Program Files\AVASTSoftware\Avast\defs\13020101\aswRawFS.dll

22:19:13.0859 1592 C:\Program Files\AVAST Software\Avast\defs\13020101\aswRawFS.dll - ok

22:19:13.0859 1592 [D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe

22:19:13.0859 1592 C:\Windows\System32\runonce.exe - ok

22:19:13.0859 1592 [9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll

22:19:13.0859 1592 C:\Windows\System32\wlaninst.dll - ok

22:19:13.0875 1592 [AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe

22:19:13.0875 1592 C:\Windows\System32\cmd.exe - ok

22:19:13.0875 1592 [5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll

22:19:13.0875 1592 C:\Windows\System32\wwaninst.dll - ok

22:19:13.0875 1592 [3FA214B377B8711D859F950FDFEFF739 ] C:\Windows\System32\conhost.exe

22:19:13.0875 1592 C:\Windows\System32\conhost.exe - ok

22:19:13.0875 1592 [4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll

22:19:13.0875 1592 C:\Windows\System32\spfileq.dll - ok

22:19:13.0890 1592 [5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll

22:19:13.0890 1592 C:\Windows\System32\ieframe.dll - ok

22:19:13.0890 1592 [BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll

22:19:13.0890 1592 C:\Windows\System32\shdocvw.dll - ok

22:19:13.0890 1592 [EBC984F0CE40E0DAF0454D806EC2A7EC ]C:\Users\HP\AppData\Local\Temp\BC446AFD-895F-41B5-AD77-9FD306EFF4E6.exe

22:19:13.0890 1592 C:\Users\HP\AppData\Local\Temp\BC446AFD-895F-41B5-AD77-9FD306EFF4E6.exe- ok

22:19:13.0890 1592 [089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll

22:19:13.0890 1592 C:\Program Files\Windows Defender\MpRTP.dll - ok

22:19:13.0906 1592 [8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll

22:19:13.0906 1592 C:\Windows\System32\tdh.dll - ok

22:19:13.0906 1592 [5F4B4BD17FA4C8D03A4D1B5D9FF96641 ] C:\ProgramData\Microsoft\WindowsDefender\Definition Updates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpengine.dll

22:19:13.0906 1592 C:\ProgramData\Microsoft\Windows Defender\DefinitionUpdates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpengine.dll - ok

22:19:13.0906 1592 [4C1A82E9362DF1282355FBA3037DF0C4 ] C:\ProgramData\Microsoft\WindowsDefender\Definition Updates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpasbase.vdm

22:19:13.0906 1592 C:\ProgramData\Microsoft\Windows Defender\DefinitionUpdates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpasbase.vdm - ok

22:19:13.0906 1592 [6B5AC4588C730D75DECB3CC8AD23AA24 ] C:\ProgramData\Microsoft\WindowsDefender\Definition Updates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpasdlta.vdm

22:19:13.0906 1592 C:\ProgramData\Microsoft\Windows Defender\DefinitionUpdates\{4BE828DF-3D6B-49F9-BB87-5DAC48452302}\mpasdlta.vdm - ok

22:19:13.0922 1592 [3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\WindowsDefender\MsMpLics.dll

22:19:13.0922 1592 C:\Program Files\Windows Defender\MsMpLics.dll - ok

22:19:13.0922 1592 [7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll

22:19:13.0922 1592 C:\Windows\System32\wscproxystub.dll - ok

22:19:13.0922 1592 [4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe

22:19:13.0922 1592 C:\Windows\System32\taskeng.exe - ok

22:19:13.0937 1592 [74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll

22:19:13.0937 1592 C:\Windows\System32\localspl.dll- ok

22:19:13.0937 1592 [629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll

22:19:13.0937 1592 C:\Windows\System32\spoolss.dll - ok

22:19:13.0937 1592 [126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll

22:19:13.0937 1592 C:\Windows\System32\FXSMON.dll - ok

22:19:13.0937 1592 [03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll

22:19:13.0937 1592 C:\Windows\System32\PrintIsolationProxy.dll - ok

22:19:13.0953 1592 [B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll

22:19:13.0953 1592 C:\Windows\System32\tcpmon.dll - ok

22:19:13.0953 1592 [1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll

22:19:13.0953 1592 C:\Windows\System32\snmpapi.dll - ok

22:19:13.0953 1592 [6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll

22:19:13.0953 1592 C:\Windows\System32\wsnmp32.dll - ok

22:19:13.0953 1592 [923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll

22:19:13.0953 1592 C:\Windows\System32\usbmon.dll - ok

22:19:13.0968 1592 [A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll

22:19:13.0968 1592 C:\Windows\System32\WSDMon.dll - ok

22:19:13.0968 1592 [73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll

22:19:13.0968 1592 C:\Windows\System32\WSDApi.dll - ok

22:19:13.0968 1592 [DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll

22:19:13.0968 1592 C:\Windows\System32\webservices.dll - ok

22:19:13.0968 1592 [99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll

22:19:13.0968 1592 C:\Windows\System32\dssenh.dll - ok

22:19:13.0984 1592 [89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll

22:19:13.0984 1592 C:\Windows\System32\fundisc.dll - ok

22:19:13.0984 1592 [F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll

22:19:13.0984 1592 C:\Windows\System32\fdPnp.dll - ok

22:19:13.0984 1592 [8BF7934B6DD2461E3E7BF21FD16FEFFD ] C:\Windows\System32\spool\prtprocs\w32x86\ActPrint.dll

22:19:13.0984 1592 C:\Windows\System32\spool\prtprocs\w32x86\ActPrint.dll - ok

22:19:13.0984 1592 [CD72C6406BA561BED6D42CB145E55307 ]C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

22:19:13.0984 1592 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok

22:19:14.0000 1592 [D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll

22:19:14.0000 1592 C:\Windows\System32\inetpp.dll - ok

22:19:14.0000 1592 [52CCA2E9FFD0653CACED1E808AADE4B6 ] C:\Windows\System32\win32spl.dll

22:19:14.0000 1592 C:\Windows\System32\win32spl.dll - ok

22:19:14.0000 1592 [659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll

22:19:14.0000 1592 C:\Windows\System32\TSChannel.dll - ok

22:19:14.0000 1592 [506708142BC63DABA64F2D3AD1DCD5BF ] C:\ProgramFiles\Google\Update\GoogleUpdate.exe

22:19:14.0000 1592 C:\Program Files\Google\Update\GoogleUpdate.exe - ok

22:19:14.0015 1592 [9FF47CD8A3787C8FD3CDFE40441C722E ] C:\ProgramFiles\Google\Update\1.3.21.123\goopdate.dll

22:19:14.0015 1592 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok

22:19:14.0015 1592 [AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\ProgramFiles\Google\Update\1.3.21.123\GoogleCrashHandler.exe

22:19:14.0015 1592 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

22:19:14.0015 1592 [C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe

22:19:14.0015 1592 C:\Windows\System32\ie4uinit.exe - ok

22:19:14.0015 1592 [F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll

22:19:14.0015 1592 C:\Windows\System32\iedkcs32.dll - ok

22:19:14.0031 1592 [7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl

22:19:14.0031 1592 C:\Windows\System32\timedate.cpl - ok

22:19:14.0031 1592 [D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll

22:19:14.0031 1592 C:\Windows\System32\actxprxy.dll - ok

22:19:14.0031 1592 [5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll

22:19:14.0031 1592 C:\Windows\System32\linkinfo.dll - ok

22:19:14.0031 1592 [459F120CEFB7E41FBFE3668C0234B0A5 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll

22:19:14.0031 1592 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok

22:19:14.0046 1592 [64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\System32\gameux.dll

22:19:14.0046 1592 C:\Windows\System32\gameux.dll - ok

22:19:14.0046 1592 [3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll

22:19:14.0046 1592 C:\Windows\System32\msftedit.dll - ok

22:19:14.0046 1592 [7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoftshared\ink\tiptsf.dll

22:19:14.0046 1592 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok

22:19:14.0046 1592 [35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

22:19:14.0046 1592 C:\Windows\System32\msls31.dll - ok

22:19:14.0062 1592 [F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll

22:19:14.0062 1592 C:\Windows\System32\msiltcfg.dll - ok

22:19:14.0062 1592 [083649EF692A066880C9326020915AFE ] C:\Program Files\AVASTSoftware\Avast\AvastUI.exe

22:19:14.0062 1592 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok

22:19:14.0062 1592 [175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll

22:19:14.0062 1592 C:\Windows\System32\aeevts.dll - ok

22:19:14.0062 1592 [179EED57FED3C7422A559633641032BA ] C:\Program Files\AVASTSoftware\Avast\aswUtil.dll

22:19:14.0062 1592 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok

22:19:14.0078 1592 [8B00D2EEFF0847E14B848C1AA034B044 ] C:\Windows\System32\igfxtray.exe

22:19:14.0078 1592 C:\Windows\System32\igfxtray.exe - ok

22:19:14.0078 1592 [02A42D3550FADA69A79B876C771EF705 ] C:\Windows\System32\hccutils.dll

22:19:14.0078 1592 C:\Windows\System32\hccutils.dll - ok

22:19:14.0078 1592 [672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll

22:19:14.0078 1592 C:\Windows\System32\thumbcache.dll - ok

22:19:14.0093 1592 [C271E1A2E3AC413239A11E35AFADA44E ] C:\Windows\System32\hkcmd.exe

22:19:14.0093 1592 C:\Windows\System32\hkcmd.exe - ok

22:19:14.0093 1592 [ED2F52A2A05103ED706B678AA28232BC ] C:\Windows\System32\igfxpers.exe

22:19:14.0093 1592 C:\Windows\System32\igfxpers.exe - ok

22:19:14.0093 1592 [3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll

22:19:14.0093 1592 C:\Windows\System32\networkexplorer.dll - ok

22:19:14.0093 1592 [CA6ADE4F7761BB15B3325356DC3B82BB ]C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

22:19:14.0093 1592 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll- ok

22:19:14.0109 1592 [94444693EA13A72F6820DFF844A1122E ] C:\ProgramFiles\Synaptics\SynTP\SynTPEnh.exe

22:19:14.0109 1592 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok

22:19:14.0109 1592 [2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll

22:19:14.0109 1592 C:\Windows\System32\DeviceCenter.dll - ok

22:19:14.0109 1592 [03FF6130F4385221ABFC392B67815EC4 ] C:\Windows\System32\SynCOM.dll

22:19:14.0109 1592 C:\Windows\System32\SynCOM.dll - ok

22:19:14.0109 1592 [7E5166B8098A378B9DD91B35CE75AADC ] C:\Windows\System32\SynTPAPI.dll

22:19:14.0109 1592 C:\Windows\System32\SynTPAPI.dll - ok

22:19:14.0124 1592 [1DC1CF8627E7551392F2FFA5382AC45D ] C:\Windows\System32\igfxsrvc.exe

22:19:14.0124 1592 C:\Windows\System32\igfxsrvc.exe - ok

22:19:14.0124 1592 [56671C5DD3E8163CE82C4936E0F59470 ] C:\Windows\System32\igfxsrvc.dll

22:19:14.0124 1592 C:\Windows\System32\igfxsrvc.dll - ok

22:19:14.0124 1592 [048194939D139538AFC3B720C5944873 ] C:\Windows\System32\igfxdev.dll

22:19:14.0124 1592 C:\Windows\System32\igfxdev.dll - ok

22:19:14.0124 1592 [51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe

22:19:14.0124 1592 C:\Windows\System32\rundll32.exe - ok

22:19:14.0140 1592 [913D8A7F1B99D543453DA67CE62A085A ] C:\Windows\System32\igfxrenu.lrc

22:19:14.0140 1592 C:\Windows\System32\igfxrenu.lrc - ok

22:19:14.0140 1592 [3E802CE450D0E7A234978E9A2EA4772A ] C:\ProgramFiles\Synaptics\SynTP\SynTPHelper.exe

22:19:14.0140 1592 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok

22:19:14.0140 1592 [96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll

22:19:14.0140 1592 C:\Windows\AppPatch\AcLayers.dll - ok

22:19:14.0140 1592 [3357A0F3AC3EDD0B9DCAD26E07464AA2 ] C:\Windows\System32\igfxress.dll

22:19:14.0140 1592 C:\Windows\System32\igfxress.dll - ok

22:19:14.0156 1592 [804D1B3F83682288619DF795543BF382 ] C:\Windows\System32\consent.exe

22:19:14.0156 1592 C:\Windows\System32\consent.exe - ok

22:19:14.0156 1592 [3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\CommonFiles\Adobe\ARM\1.0\AdobeARM.exe

22:19:14.0156 1592 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

22:19:14.0156 1592 [2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll

22:19:14.0156 1592 C:\Windows\System32\SyncCenter.dll - ok

22:19:14.0156 1592 [18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll

22:19:14.0156 1592 C:\Windows\System32\msimg32.dll - ok

22:19:14.0171 1592 [5AA4DF6CD3C96086955064BEC1CD0C9B ] C:\Program Files\Adobe\Reader10.0\Reader\AcroRd32.exe

22:19:14.0171 1592 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

22:19:14.0171 1592 [FBFCA1A574D47EE575448B719CBBF2E4 ]C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

22:19:14.0171 1592 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL- ok

22:19:14.0171 1592 [81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files\Adobe\Reader10.0\Reader\reader_sl.exe

22:19:14.0171 1592 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

22:19:14.0171 1592 [CDB517386A26AE420CB24BDB3CD88779 ] C:\Program Files\Common Files\Research InMotion\USB Drivers\RIMBBLaunchAgent.exe

22:19:14.0171 1592 C:\Program Files\Common Files\Research In Motion\USBDrivers\RIMBBLaunchAgent.exe - ok

22:19:14.0187 1592 [30A0B072E647757CEDDA9E306D410410 ] C:\Program Files\Comodo\COMODO InternetSecurity\cfp.exe

22:19:14.0187 1592 C:\Program Files\Comodo\COMODO Internet Security\cfp.exe - ok

22:19:14.0187 1592 [13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVASTSoftware\Avast\aswAra.dll

22:19:14.0187 1592 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok

22:19:14.0187 1592 [E5AE6E63005A79FA54859EFB75003A51 ] C:\Windows\System32\PrintDisp.exe

22:19:14.0187 1592 C:\Windows\System32\PrintDisp.exe - ok

22:19:14.0202 1592 [A3C190D644E88DE5872FC7FEC7377E35 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll

22:19:14.0202 1592 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll- ok

22:19:14.0202 1592 [DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe

22:19:14.0202 1592 C:\Program Files\Windows Sidebar\sidebar.exe - ok

22:19:14.0202 1592 [1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\System32\l3codeca.acm

22:19:14.0202 1592 C:\Windows\System32\l3codeca.acm - ok

22:19:14.0202 1592 [5FF5E12F28725D14CAA3B408848ADFFC ]C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll

22:19:14.0202 1592 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll- ok

22:19:14.0218 1592 [2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\15530851.sys

22:19:14.0218 1592 C:\Windows\System32\drivers\15530851.sys - ok

22:19:14.0218 1592 [F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVASTSoftware\Avast\aswData.dll

22:19:14.0218 1592 C:\Program Files\AVAST Software\Avast\aswData.dll - ok

22:19:14.0218 1592 [AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVASTSoftware\Avast\1033\uiLangRes.dll

22:19:14.0218 1592 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok

22:19:14.0218 1592 [AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVASTSoftware\Avast\CommonRes.dll

22:19:14.0218 1592 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok

22:19:14.0234 1592 [07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll

22:19:14.0234 1592 C:\Windows\System32\mshtml.dll - ok

22:19:14.0234 1592 [102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll

22:19:14.0234 1592 C:\Windows\System32\riched20.dll - ok

22:19:14.0234 1592 [0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll

22:19:14.0234 1592 C:\Windows\System32\UIAnimation.dll - ok

22:19:14.0234 1592 [936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll

22:19:14.0234 1592 C:\Windows\System32\oledlg.dll - ok

22:19:14.0249 1592 [3481E6E8EE407D5E8AFB5E1B03A5D346 ] C:\Program Files\Comodo\COMODO InternetSecurity\cmdhtml.dll

22:19:14.0249 1592 C:\Program Files\Comodo\COMODO Internet Security\cmdhtml.dll - ok

22:19:14.0249 1592 [D8AA0D58DCB8355740C211321DE6DC3E ] C:\Program Files\Comodo\COMODO InternetSecurity\themes\black.theme

22:19:14.0249 1592 C:\Program Files\Comodo\COMODO Internet Security\themes\black.theme - ok

22:19:14.0249 1592 [190134696CF50E4DADD05D63F6E169B1 ] C:\Program Files\Comodo\COMODO InternetSecurity\themes\blue.theme

22:19:14.0249 1592 C:\Program Files\Comodo\COMODO Internet Security\themes\blue.theme - ok

22:19:14.0265 1592 [1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll

22:19:14.0265 1592 C:\Windows\System32\msimtf.dll - ok

22:19:14.0265 1592 [6CE3126DC66249916DD6C990A31946F7 ] C:\Program Files\Comodo\COMODO InternetSecurity\themes\default.theme

22:19:14.0265 1592 C:\Program Files\Comodo\COMODO Internet Security\themes\default.theme -ok

22:19:14.0265 1592 [52BBCAB0E51370839ACA9CB81A6E2CA8 ] C:\Program Files\Comodo\COMODO InternetSecurity\themes\metal.theme

22:19:14.0265 1592 C:\Program Files\Comodo\COMODO Internet Security\themes\metal.theme - ok

22:19:14.0265 1592 [A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll

22:19:14.0265 1592 C:\Windows\System32\jscript9.dll - ok

22:19:14.0280 1592 [8B1E277F554228A84126402BBBDC32F4 ]C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx

22:19:14.0280 1592 C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx - ok

22:19:14.0280 1592 [35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll

22:19:14.0280 1592 C:\Windows\System32\d2d1.dll - ok

22:19:14.0280 1592 [A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll

22:19:14.0280 1592 C:\Windows\System32\DWrite.dll - ok

22:19:14.0280 1592 [B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll

22:19:14.0280 1592 C:\Windows\System32\FntCache.dll - ok

22:19:14.0296 1592 [0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll

22:19:14.0296 1592 C:\Windows\System32\dsound.dll - ok

22:19:14.0296 1592 [78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll

22:19:14.0296 1592 C:\Windows\System32\d3d10warp.dll - ok

22:19:14.0296 1592 [35A75C922D5827944CBD0F013186F0EF ] C:\Program Files\AVASTSoftware\Avast\defs\13020101\uiext.dll

22:19:14.0296 1592 C:\Program Files\AVAST Software\Avast\defs\13020101\uiext.dll - ok

22:19:14.0296 1592 [D512C583FA13AEF60B3DE766C3E9B53D ] C:\Windows\System32\atiu9pag.dll

22:19:14.0296 1592 C:\Windows\System32\atiu9pag.dll - ok

22:19:14.0312 1592 [27FC75229EEE367D4C0E643C108A90FA ] C:\Windows\System32\LocationApi.dll

22:19:14.0312 1592 C:\Windows\System32\LocationApi.dll - ok

22:19:14.0312 1592 [D6626C93BF7F557839C028D32247F910 ] C:\Windows\System32\SensorsApi.dll

22:19:14.0312 1592 C:\Windows\System32\SensorsApi.dll - ok

22:19:14.0312 1592 [B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\System32\tzres.dll

22:19:14.0312 1592 C:\Windows\System32\tzres.dll - ok

22:19:14.0312 1592 [ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll

22:19:14.0327 1592 C:\Windows\System32\PortableDeviceTypes.dll - ok

22:19:14.0327 1592 [2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll

22:19:14.0327 1592 C:\Windows\System32\d3d10.dll - ok

22:19:14.0327 1592 [547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll

22:19:14.0327 1592 C:\Windows\System32\d3d10core.dll - ok

22:19:14.0327 1592 [4071D132E66ACDA3776F1FEAD19E6E01 ] C:\Windows\System32\vbscript.dll

22:19:14.0327 1592 C:\Windows\System32\vbscript.dll - ok

22:19:14.0343 1592 [55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\System32\dciman32.dll

22:19:14.0343 1592 C:\Windows\System32\dciman32.dll - ok

22:19:14.0343 1592 [198552AEFECA69D646867EC8D792DE95 ] C:\Windows\System32\ddraw.dll

22:19:14.0343 1592 C:\Windows\System32\ddraw.dll - ok

22:19:14.0343 1592 [2737F32EC02C979BBCADE06E7CF035E3 ] C:\Windows\System32\atiumdag.dll

22:19:14.0343 1592 C:\Windows\System32\atiumdag.dll - ok

22:19:14.0343 1592 [8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll

22:19:14.0343 1592 C:\Windows\System32\mlang.dll - ok

22:19:14.0358 1592 [8DA4A933A7EE23ED56BAF0DAE0157971 ] C:\Windows\System32\atiumdva.dll

22:19:14.0358 1592 C:\Windows\System32\atiumdva.dll - ok

22:19:14.0358 1592 [E1C1197D2202843F1CBAFB449851C7F5 ] C:\Program Files\Windows Sidebar\wlsrvc.dll

22:19:14.0358 1592 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok

22:19:14.0358 1592 [523214677C1D31D7991632C6D11E6B42 ] C:\Windows\System32\d3dim700.dll

22:19:14.0358 1592 C:\Windows\System32\d3dim700.dll - ok

22:19:14.0358 1592 [81E7E920312D372CF57A817049AC7C76 ] C:\Program Files\Common Files\microsoftshared\OFFICE14\MSOXMLMF.DLL

22:19:14.0358 1592 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL -ok

22:19:14.0374 1592 [67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll

22:19:14.0374 1592 C:\Windows\System32\batmeter.dll - ok

22:19:14.0374 1592 [912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll

22:19:14.0374 1592 C:\Windows\System32\stobject.dll - ok

22:19:14.0374 1592 [C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll

22:19:14.0374 1592 C:\Windows\System32\prnfldr.dll - ok

22:19:14.0374 1592 [ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll

22:19:14.0374 1592 C:\Windows\System32\DXP.dll - ok

22:19:14.0390 1592 [856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll

22:19:14.0390 1592 C:\Windows\System32\Syncreg.dll - ok

22:19:14.0390 1592 [F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll

22:19:14.0390 1592 C:\Windows\ehome\ehSSO.dll - ok

22:19:14.0390 1592 [B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll

22:19:14.0390 1592 C:\Windows\System32\AltTab.dll - ok

22:19:14.0390 1592 [735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll

22:19:14.0390 1592 C:\Windows\System32\WPDShServiceObj.dll - ok

22:19:14.0405 1592 [236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe

22:19:14.0405 1592 C:\Windows\System32\SearchIndexer.exe - ok

22:19:14.0405 1592 [465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll

22:19:14.0405 1592 C:\Windows\System32\tquery.dll - ok

22:19:14.0405 1592 [0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll

22:19:14.0405 1592 C:\Windows\System32\mssrch.dll - ok

22:19:14.0405 1592 [3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll

22:19:14.0405 1592 C:\Windows\System32\pnidui.dll - ok

22:19:14.0421 1592 [81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll

22:19:14.0421 1592 C:\Windows\System32\msidle.dll - ok

22:19:14.0421 1592 [1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll

22:19:14.0421 1592 C:\Windows\System32\mssprxy.dll - ok

22:19:14.0421 1592 [BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL

22:19:14.0421 1592 C:\Windows\System32\QUTIL.DLL - ok

22:19:14.0421 1592 [CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll

22:19:14.0421 1592 C:\Windows\System32\cscobj.dll - ok

22:19:14.0436 1592 [D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll

22:19:14.0436 1592 C:\Windows\System32\rasdlg.dll - ok

22:19:14.0436 1592 [B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui

22:19:14.0436 1592 C:\Windows\System32\en-US\tquery.dll.mui - ok

22:19:14.0436 1592 [04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll

22:19:14.0436 1592 C:\Windows\System32\dot3api.dll - ok

22:19:14.0436 1592 [674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll

22:19:14.0436 1592 C:\Windows\System32\srchadmin.dll - ok

22:19:14.0452 1592 [B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll

22:19:14.0452 1592 C:\Windows\System32\wlanapi.dll - ok

22:19:14.0452 1592 [8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll

22:19:14.0452 1592 C:\Windows\System32\wlanhlp.dll - ok

22:19:14.0452 1592 [C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll

22:19:14.0452 1592 C:\Windows\System32\WWanAPI.dll - ok

22:19:14.0452 1592 [F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll

22:19:14.0452 1592 C:\Windows\System32\wwapi.dll - ok

22:19:14.0468 1592 [02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL

22:19:14.0468 1592 C:\Windows\System32\QAGENT.DLL - ok

22:19:14.0468 1592 [E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl

22:19:14.0468 1592 C:\Windows\System32\bthprops.cpl - ok

22:19:14.0468 1592 [9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll

22:19:14.0468 1592 C:\Windows\System32\ActionCenter.dll - ok

22:19:14.0468 1592 [E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe

22:19:14.0468 1592 C:\Windows\System32\SearchProtocolHost.exe - ok

22:19:14.0483 1592 [5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

22:19:14.0483 1592 C:\Windows\System32\webcheck.dll - ok

22:19:14.0483 1592 [A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll

22:19:14.0483 1592 C:\Windows\System32\msshooks.dll - ok

22:19:14.0483 1592 [2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll

22:19:14.0483 1592 C:\Windows\System32\imapi2.dll - ok

22:19:14.0483 1592 [A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe

22:19:14.0483 1592 C:\Windows\System32\SearchFilterHost.exe - ok

22:19:14.0499 1592 [D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll

22:19:14.0499 1592 C:\Windows\System32\mscoree.dll - ok

22:19:14.0499 1592 [F5DF6846F30E9F54EA60CCAEB3FB2055 ]C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

22:19:14.0499 1592 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

22:19:14.0499 1592 [C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll

22:19:14.0499 1592 C:\Windows\System32\hgcpl.dll - ok

22:19:14.0499 1592 [ DB67C7C62038BDE813CB6486581A7611] C:\Windows\System32\mssph.dll

22:19:14.0499 1592 C:\Windows\System32\mssph.dll - ok

22:19:14.0514 1592 [8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll

22:19:14.0514 1592 C:\Windows\System32\mapi32.dll - ok

22:19:14.0514 1592 [8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\System32\NaturalLanguage6.dll

22:19:14.0514 1592 C:\Windows\System32\NaturalLanguage6.dll - ok

22:19:14.0514 1592 [2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\System32\NlsData0009.dll

22:19:14.0514 1592 C:\Windows\System32\NlsData0009.dll - ok

22:19:14.0514 1592 [C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\System32\NlsLexicons0009.dll

22:19:14.0514 1592 C:\Windows\System32\NlsLexicons0009.dll - ok

22:19:14.0530 1592 [C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll

22:19:14.0530 1592 C:\Windows\System32\FXSST.dll - ok
22:19:14.0530 1592 [942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll

22:19:14.0530 1592 C:\Windows\System32\FXSAPI.dll - ok

22:19:14.0530 1592 [C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll

22:19:14.0530 1592 C:\Windows\System32\FXSRESM.dll - ok

22:19:14.0530 1592 [967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe

22:19:14.0530 1592 C:\Windows\System32\FXSSVC.exe - ok

22:19:14.0530 1592 ============================================================

22:19:14.0530 1592 Scan finished

22:19:14.0530 1592 ============================================================

22:19:14.0546 3608 Detected object count: 1

22:19:14.0546 3608 Actual detected object count: 1

22:20:00.0238 3608 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user

22:20:00.0238 3608 Printer Control ( UnsignedFile.Multi.Generic ) - User select action:Skip

22:20:08.0802 3560 Deinitialize success







#9 The Dark Knight


Posted 02 February 2013 - 05:19 PM

Good morning babas87. :)

That's fine.

Please do the following to re-run AdwCleaner:
  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt.
    Note: If you get a message that you must reboot the computer before starting deletion, please do. At reboot, only AdwCleaner will run and you can only click on the Delete button.
    When the deletion is done, AdwCleaner will reboot the computer again and open the logfile.

=====

Also, please download aswMBR by gmer to your Desktop.

  • Please visit this site for instructions on how to run the tool.
  • Once familiar with this tool, double click aswMBR.exe to run it.
  • Click the Scan button to start the scan.
  • Once the scan has completed, please save the aswMBR.txt log to the Desktop and post it in your next reply.

=====

In your reply please provide the following:
  • AdwCleaner[S1].txt.
  • aswMBR.txt.
How is the computer running?

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.




#10 babas87


Posted 04 February 2013 - 01:55 PM

Hello, sorry for the delays. Here are the logs:


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-03 23:45:51
-----------------------------
23:45:51.592 OS Version: Windows 6.1.7601 Service Pack 1
23:45:51.592 Number of processors: 4 586 0x2502
23:45:51.607 ComputerName: HP-PC UserName: HP
23:46:06.271 Initialize success
23:46:06.349 AVAST engine defs: 13020301
23:46:26.863 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:46:26.863 Disk 0 Vendor: WDC_WD5000BPVT-22A1YT0 01.01A01 Size: 476940MB BusType: 11
23:46:26.879 Disk 0 MBR read successfully
23:46:26.894 Disk 0 MBR scan
23:46:26.894 Disk 0 Windows 7 default MBR code
23:46:26.894 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:46:26.910 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
23:46:26.926 Disk 0 scanning sectors +976771072
23:46:26.972 Disk 0 scanning C:\Windows\system32\drivers
23:46:36.691 Service scanning
23:47:03.383 Modules scanning
23:47:15.114 Disk 0 trace - called modules:
23:47:15.130 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ACPI.sys ataport.SYS PCIIDEX.SYS msahci.sys
23:47:15.644 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a4e980]
23:47:15.644 3 CLASSPNP.SYS[88e0959e] -> nt!IofCallDriver -> [0x85a4e020]
23:47:15.644 5 hpdskflt.sys[88c09f92] -> nt!IofCallDriver -> [0x858d88c8]
23:47:15.660 7 ACPI.sys[886b03d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84b8f908]
23:47:18.000 AVAST engine scan C:\
00:31:37.601 Scan finished successfully
00:32:15.739 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
00:32:15.739 The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt"




# AdwCleaner v2.109 - Logfile created 02/03/2013 at 23:41:14
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : HP - HP-PC
# Boot Mode : Normal
# Running from : C:\Users\HP\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\HP\AppData\Local\Conduit
Folder Deleted : C:\Users\HP\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\HP\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225824
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",
Deleted [l.39] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.42] : keyword = "search.conduit.com",
Deleted [l.45] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3[...]
Deleted [l.1709] : homepage = "hxxp://search.conduit.com/?ctid=CT3225824&SearchSource=48",

*************************

AdwCleaner[R1].txt - [2170 octets] - [01/02/2013 22:14:05]
AdwCleaner[S1].txt - [2249 octets] - [03/02/2013 23:41:14]

########## EOF - C:\AdwCleaner[S1].txt - [2309 octets] ##########

#11 The Dark Knight


Posted 04 February 2013 - 11:32 PM

Hello babas87,

How is your computer running?



#12 babas87


Posted 05 February 2013 - 04:32 PM

Not that good. Laptop freezes occasionally and it's slow also. When connecting headphones on my laptop jack I hear some weird sounds which make me believe that there is a program installed on my laptop: like some kind of spyware that is recording everything I do and making my laptop performance low. Did you find something in the logs I sent you? Can you do a thorough check again? Thanks

#13 The Dark Knight


Posted 06 February 2013 - 12:48 AM

Good afternoon babas87,

Please download Malwarebytes Anti-Rootkit here.

  • Unzip the contents to a folder on the Desktop.
  • Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7).
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Please post the two logs produced.

Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.



#14 babas87


Posted 08 February 2013 - 08:02 PM

Hello, sorry for the late reply, I was busy and the website was down when I wanted to reply; I see it was for an update. I scanned with Malwarebytes Anti-Rootkit and upon opening it showed me this message:

Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note: Press "No" button if you're not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.

Do you want to remove this value and restart the tool?

I pressed "No" and continued with the updating and scanning. But all the files that the tool found (which is 446 infected files) are part of my Funshion program. So I did not delete anything. I wanted you to look at the logs but I can't find them. Where are they located? Or must I delete the files in order for the logs to be created? Thanks


#15 The Dark Knight


Posted 08 February 2013 - 08:49 PM

Hello babas87,

 

The logs should be on the Desktop, or wherever you have MBAR.






