Tumbleweed88

MBAM causing BSOD

97 posts in this topic

Here is the 2nd part but it will not let me post all of whats left so I will post the log into 3 parts.........

14:29:29.0802 3912 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll

14:29:29.0802 3912 C:\Windows\System32\msv1_0.dll - ok

14:29:29.0818 3912 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll

14:29:29.0818 3912 C:\Windows\System32\mswsock.dll - ok

14:29:29.0834 3912 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll

14:29:29.0834 3912 C:\Windows\System32\netlogon.dll - ok

14:29:29.0849 3912 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll

14:29:29.0849 3912 C:\Windows\System32\fdPHost.dll - ok

14:29:29.0849 3912 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll

14:29:29.0849 3912 C:\Windows\System32\FDResPub.dll - ok

14:29:29.0865 3912 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll

14:29:29.0865 3912 C:\Windows\System32\FntCache.dll - ok

14:29:29.0880 3912 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll

14:29:29.0880 3912 C:\Windows\System32\winbrand.dll - ok

14:29:29.0880 3912 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll

14:29:29.0880 3912 C:\Windows\System32\schannel.dll - ok

14:29:29.0896 3912 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll

14:29:29.0896 3912 C:\Windows\System32\wdigest.dll - ok

14:29:29.0912 3912 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe

14:29:29.0912 3912 C:\Windows\System32\PresentationHost.exe - ok

14:29:29.0927 3912 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll

14:29:29.0927 3912 C:\Windows\System32\rsaenh.dll - ok

14:29:29.0927 3912 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll

14:29:29.0927 3912 C:\Windows\System32\TSpkg.dll - ok

14:29:29.0943 3912 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll

14:29:29.0943 3912 C:\Windows\System32\gpapi.dll - ok

14:29:29.0958 3912 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll

14:29:29.0958 3912 C:\Windows\System32\hidserv.dll - ok

14:29:29.0958 3912 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL

14:29:29.0958 3912 C:\Windows\System32\KMSVC.DLL - ok

14:29:29.0974 3912 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll

14:29:29.0974 3912 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok

14:29:29.0990 3912 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL

14:29:29.0990 3912 C:\Windows\System32\IKEEXT.DLL - ok

14:29:29.0990 3912 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll

14:29:29.0990 3912 C:\Windows\System32\IPBusEnum.dll - ok

14:29:30.0005 3912 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll

14:29:30.0005 3912 C:\Windows\System32\iphlpsvc.dll - ok

14:29:30.0021 3912 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll

14:29:30.0021 3912 C:\Windows\System32\keyiso.dll - ok

14:29:30.0036 3912 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll

14:29:30.0036 3912 C:\Windows\System32\rascfg.dll - ok

14:29:30.0036 3912 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll

14:29:30.0036 3912 C:\Windows\System32\srvsvc.dll - ok

14:29:30.0052 3912 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll

14:29:30.0052 3912 C:\Windows\System32\lltdres.dll - ok

14:29:30.0068 3912 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll

14:29:30.0068 3912 C:\Windows\System32\lmhsvc.dll - ok

14:29:30.0068 3912 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll

14:29:30.0068 3912 C:\Windows\System32\mmcss.dll - ok

14:29:30.0083 3912 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll

14:29:30.0083 3912 C:\Windows\System32\wkssvc.dll - ok

14:29:30.0099 3912 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll

14:29:30.0099 3912 C:\Windows\System32\FirewallAPI.dll - ok

14:29:30.0099 3912 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll

14:29:30.0099 3912 C:\Windows\System32\iscsidsc.dll - ok

14:29:30.0114 3912 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll

14:29:30.0114 3912 C:\Windows\System32\msimsg.dll - ok

14:29:30.0130 3912 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL

14:29:30.0130 3912 C:\Windows\System32\QAGENTRT.DLL - ok

14:29:30.0146 3912 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll

14:29:30.0146 3912 C:\Windows\System32\netman.dll - ok

14:29:30.0146 3912 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll

14:29:30.0146 3912 C:\Windows\System32\netprof.dll - ok

14:29:30.0161 3912 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll

14:29:30.0161 3912 C:\Windows\System32\nsisvc.dll - ok

14:29:30.0177 3912 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll

14:29:30.0177 3912 C:\Windows\System32\p2psvc.dll - ok

14:29:30.0177 3912 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll

14:29:30.0177 3912 C:\Windows\System32\pcasvc.dll - ok

14:29:30.0192 3912 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll

14:29:30.0192 3912 C:\Windows\System32\pla.dll - ok

14:29:30.0208 3912 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll

14:29:30.0208 3912 C:\Windows\System32\umpnpmgr.dll - ok

14:29:30.0208 3912 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll

14:29:30.0208 3912 C:\Windows\System32\polstore.dll - ok

14:29:30.0224 3912 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll

14:29:30.0224 3912 C:\Windows\System32\profsvc.dll - ok

14:29:30.0239 3912 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll

14:29:30.0239 3912 C:\Windows\System32\psbase.dll - ok

14:29:30.0239 3912 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll

14:29:30.0239 3912 C:\Windows\System32\qwave.dll - ok

14:29:30.0255 3912 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys

14:29:30.0255 3912 C:\Windows\System32\drivers\qwavedrv.sys - ok

14:29:30.0270 3912 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll

14:29:30.0270 3912 C:\Windows\System32\rasauto.dll - ok

14:29:30.0286 3912 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll

14:29:30.0286 3912 C:\Windows\System32\rasmans.dll - ok

14:29:30.0286 3912 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll

14:29:30.0286 3912 C:\Windows\System32\mprdim.dll - ok

14:29:30.0302 3912 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll

14:29:30.0302 3912 C:\Windows\System32\regsvc.dll - ok

14:29:30.0317 3912 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll

14:29:30.0317 3912 C:\Windows\System32\sstpsvc.dll - ok

14:29:30.0317 3912 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe

14:29:30.0317 3912 C:\Windows\System32\Locator.exe - ok

14:29:30.0333 3912 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll

14:29:30.0333 3912 C:\Windows\System32\SCardSvr.dll - ok

14:29:30.0348 3912 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll

14:29:30.0348 3912 C:\Windows\System32\schedsvc.dll - ok

14:29:30.0348 3912 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll

14:29:30.0348 3912 C:\Windows\System32\sdrsvc.dll - ok

14:29:30.0364 3912 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll

14:29:30.0364 3912 C:\Windows\System32\seclogon.dll - ok

14:29:30.0380 3912 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll

14:29:30.0380 3912 C:\Windows\System32\Sens.dll - ok

14:29:30.0380 3912 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll

14:29:30.0380 3912 C:\Windows\System32\ipnathlp.dll - ok

14:29:30.0395 3912 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll

14:29:30.0395 3912 C:\Windows\System32\SessEnv.dll - ok

14:29:30.0411 3912 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll

14:29:30.0411 3912 C:\Windows\System32\shsvcs.dll - ok

14:29:30.0411 3912 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe

14:29:30.0411 3912 C:\Windows\System32\SLsvc.exe - ok

14:29:30.0426 3912 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll

14:29:30.0426 3912 C:\Windows\System32\SLUINotify.dll - ok

14:29:30.0442 3912 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll

14:29:30.0442 3912 C:\Windows\System32\tcpipcfg.dll - ok

14:29:30.0442 3912 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe

14:29:30.0442 3912 C:\Windows\System32\snmptrap.exe - ok

14:29:30.0458 3912 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe

14:29:30.0458 3912 C:\Windows\System32\spoolsv.exe - ok

14:29:30.0473 3912 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll

14:29:30.0473 3912 C:\Windows\System32\ssdpsrv.dll - ok

14:29:30.0489 3912 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll

14:29:30.0489 3912 C:\Windows\System32\wiaservc.dll - ok

14:29:30.0489 3912 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll

14:29:30.0489 3912 C:\Windows\System32\swprv.dll - ok

14:29:30.0504 3912 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll

14:29:30.0504 3912 C:\Windows\System32\sysmain.dll - ok

14:29:30.0520 3912 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll

14:29:30.0520 3912 C:\Windows\System32\TabSvc.dll - ok

14:29:30.0520 3912 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll

14:29:30.0520 3912 C:\Windows\System32\tapisrv.dll - ok

14:29:30.0536 3912 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll

14:29:30.0536 3912 C:\Windows\System32\tbssvc.dll - ok

14:29:30.0551 3912 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll

14:29:30.0551 3912 C:\Windows\System32\termsrv.dll - ok

14:29:30.0551 3912 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll

14:29:30.0551 3912 C:\Windows\System32\trkwks.dll - ok

14:29:30.0567 3912 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe

14:29:30.0567 3912 C:\Windows\servicing\TrustedInstaller.exe - ok

14:29:30.0582 3912 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe

14:29:30.0582 3912 C:\Windows\System32\UI0Detect.exe - ok

14:29:30.0598 3912 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll

14:29:30.0598 3912 C:\Windows\System32\upnphost.dll - ok

14:29:30.0598 3912 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe

14:29:30.0598 3912 C:\Windows\System32\dwm.exe - ok

14:29:30.0614 3912 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe

14:29:30.0614 3912 C:\Windows\System32\vds.exe - ok

14:29:30.0629 3912 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe

14:29:30.0629 3912 C:\Windows\System32\VSSVC.exe - ok

14:29:30.0629 3912 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll

14:29:30.0629 3912 C:\Windows\System32\w32time.dll - ok

14:29:30.0645 3912 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll

14:29:30.0645 3912 C:\Windows\System32\wcncsvc.dll - ok

14:29:30.0660 3912 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll

14:29:30.0660 3912 C:\Windows\System32\WcsPlugInService.dll - ok

14:29:30.0660 3912 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll

14:29:30.0660 3912 C:\Windows\System32\wdi.dll - ok

14:29:30.0676 3912 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll

14:29:30.0676 3912 C:\Windows\System32\WebClnt.dll - ok

14:29:30.0692 3912 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll

14:29:30.0692 3912 C:\Windows\System32\wecsvc.dll - ok

14:29:30.0707 3912 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll

14:29:30.0707 3912 C:\Windows\System32\wercplsupport.dll - ok

14:29:30.0707 3912 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll

14:29:30.0707 3912 C:\Windows\System32\wersvc.dll - ok

14:29:30.0723 3912 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll

14:29:30.0723 3912 C:\Windows\System32\winhttp.dll - ok

14:29:30.0738 3912 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll

14:29:30.0738 3912 C:\Windows\System32\wbem\WMIsvc.dll - ok

14:29:30.0738 3912 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll

14:29:30.0738 3912 C:\Windows\System32\WsmSvc.dll - ok

14:29:30.0754 3912 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll

14:29:30.0754 3912 C:\Windows\System32\wlansvc.dll - ok

14:29:30.0770 3912 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe

14:29:30.0770 3912 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

14:29:30.0770 3912 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe

14:29:30.0770 3912 C:\Windows\System32\wbem\WmiApSrv.exe - ok

14:29:30.0785 3912 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll

14:29:30.0785 3912 C:\Windows\System32\wpcsvc.dll - ok

14:29:30.0801 3912 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

14:29:30.0801 3912 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok

14:29:30.0816 3912 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll

14:29:30.0816 3912 C:\Windows\System32\wpdbusenum.dll - ok

14:29:30.0816 3912 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll

14:29:30.0816 3912 C:\Windows\System32\wscsvc.dll - ok

14:29:30.0832 3912 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe

14:29:30.0832 3912 C:\Windows\System32\SearchIndexer.exe - ok

14:29:30.0848 3912 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

14:29:30.0848 3912 C:\Windows\System32\wuaueng.dll - ok

14:29:30.0848 3912 [ 575A4190D989F64732119E4114045A4F ] C:\Windows\System32\WUDFSvc.dll

14:29:30.0848 3912 C:\Windows\System32\WUDFSvc.dll - ok

14:29:30.0863 3912 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll

14:29:30.0863 3912 C:\Windows\System32\scecli.dll - ok

14:29:30.0879 3912 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll

14:29:30.0879 3912 C:\Windows\System32\ntmarta.dll - ok

14:29:30.0879 3912 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe

14:29:30.0879 3912 C:\Windows\System32\svchost.exe - ok

14:29:30.0894 3912 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll

14:29:30.0894 3912 C:\Windows\System32\powrprof.dll - ok

14:29:30.0910 3912 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys

14:29:30.0910 3912 C:\Windows\System32\drivers\luafv.sys - ok

14:29:30.0926 3912 [ 6693141560B1615D8DCCF0D8EB00087E ] C:\Windows\System32\drivers\aswMonFlt.sys

14:29:30.0926 3912 C:\Windows\System32\drivers\aswMonFlt.sys - ok

14:29:30.0926 3912 [ 0AE43C6C411254049279C2EE55630F95 ] C:\Windows\System32\drivers\aswFsBlk.sys

14:29:30.0926 3912 C:\Windows\System32\drivers\aswFsBlk.sys - ok

14:29:30.0941 3912 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll

14:29:30.0941 3912 C:\Windows\System32\rpcss.dll - ok

14:29:30.0957 3912 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll

14:29:30.0957 3912 C:\Windows\System32\version.dll - ok

14:29:30.0957 3912 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe

14:29:30.0957 3912 C:\Windows\System32\LogonUI.exe - ok

14:29:30.0972 3912 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll

14:29:30.0972 3912 C:\Windows\System32\authui.dll - ok

14:29:30.0988 3912 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

14:29:30.0988 3912 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok

14:29:30.0988 3912 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll

14:29:30.0988 3912 C:\Windows\System32\MMDevAPI.dll - ok

14:29:31.0004 3912 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll

14:29:31.0004 3912 C:\Windows\System32\wtsapi32.dll - ok

14:29:31.0019 3912 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll

14:29:31.0019 3912 C:\Windows\System32\msimg32.dll - ok

14:29:31.0035 3912 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll

14:29:31.0035 3912 C:\Windows\System32\uxtheme.dll - ok

14:29:31.0035 3912 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll

14:29:31.0035 3912 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok

14:29:31.0050 3912 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll

14:29:31.0050 3912 C:\Windows\System32\wintrust.dll - ok

14:29:31.0066 3912 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll

14:29:31.0066 3912 C:\Windows\System32\avrt.dll - ok

14:29:31.0066 3912 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll

14:29:31.0066 3912 C:\Windows\System32\cabinet.dll - ok

14:29:31.0082 3912 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll

14:29:31.0082 3912 C:\Windows\System32\duser.dll - ok

14:29:31.0097 3912 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll

14:29:31.0097 3912 C:\Windows\System32\xmllite.dll - ok

14:29:31.0113 3912 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll

14:29:31.0113 3912 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

14:29:31.0113 3912 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll

14:29:31.0113 3912 C:\Windows\System32\rasplap.dll - ok

14:29:31.0128 3912 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys

14:29:31.0128 3912 C:\Windows\System32\drivers\drmkaud.sys - ok

14:29:31.0144 3912 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll

14:29:31.0144 3912 C:\Windows\System32\rasapi32.dll - ok

14:29:31.0144 3912 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll

14:29:31.0144 3912 C:\Windows\System32\rasman.dll - ok

14:29:31.0160 3912 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll

14:29:31.0160 3912 C:\Windows\System32\tapi32.dll - ok

14:29:31.0175 3912 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll

14:29:31.0175 3912 C:\Windows\System32\oleacc.dll - ok

14:29:31.0175 3912 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll

14:29:31.0175 3912 C:\Windows\System32\rtutils.dll - ok

14:29:31.0191 3912 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll

14:29:31.0191 3912 C:\Windows\System32\winmm.dll - ok

14:29:31.0206 3912 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll

14:29:31.0206 3912 C:\Windows\System32\WinSCard.dll - ok

14:29:31.0222 3912 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe

14:29:31.0222 3912 C:\Windows\System32\audiodg.exe - ok

14:29:31.0222 3912 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll

14:29:31.0222 3912 C:\Windows\System32\shgina.dll - ok

14:29:31.0238 3912 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll

14:29:31.0238 3912 C:\Windows\System32\shacct.dll - ok

14:29:31.0253 3912 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll

14:29:31.0253 3912 C:\Windows\System32\propsys.dll - ok

14:29:31.0253 3912 [ 399BB52AD0668472717498E97CF28341 ] C:\Windows\System32\WUDFPlatform.dll

14:29:31.0253 3912 C:\Windows\System32\WUDFPlatform.dll - ok

14:29:31.0269 3912 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll

14:29:31.0269 3912 C:\Windows\System32\adtschema.dll - ok

14:29:31.0284 3912 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll

14:29:31.0284 3912 C:\Windows\System32\gpsvc.dll - ok

14:29:31.0300 3912 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll

14:29:31.0300 3912 C:\Windows\System32\nlaapi.dll - ok

14:29:31.0300 3912 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll

14:29:31.0300 3912 C:\Windows\System32\atl.dll - ok

14:29:31.0316 3912 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll

14:29:31.0316 3912 C:\Windows\System32\es.dll - ok

14:29:31.0331 3912 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys

14:29:31.0331 3912 C:\Windows\System32\drivers\fltMgr.sys - ok

14:29:31.0331 3912 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll

14:29:31.0331 3912 C:\Windows\System32\ci.dll - ok

14:29:31.0347 3912 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll

14:29:31.0347 3912 C:\Windows\System32\dimsjob.dll - ok

14:29:31.0362 3912 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll

14:29:31.0362 3912 C:\Windows\System32\uxsms.dll - ok

14:29:31.0362 3912 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll

14:29:31.0362 3912 C:\Windows\System32\WindowsCodecs.dll - ok

14:29:31.0378 3912 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL

14:29:31.0378 3912 C:\Windows\System32\PSHED.DLL - ok

14:29:31.0394 3912 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll

14:29:31.0394 3912 C:\Windows\System32\hid.dll - ok

14:29:31.0394 3912 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys

14:29:31.0394 3912 C:\Windows\System32\drivers\spsys.sys - ok

14:29:31.0409 3912 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys

14:29:31.0409 3912 C:\Windows\System32\drivers\lltdio.sys - ok

14:29:31.0425 3912 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys

14:29:31.0425 3912 C:\Windows\System32\drivers\nwifi.sys - ok

14:29:31.0440 3912 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys

14:29:31.0440 3912 C:\Windows\System32\drivers\ndisuio.sys - ok

14:29:31.0440 3912 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys

14:29:31.0440 3912 C:\Windows\System32\drivers\rspndr.sys - ok

14:29:31.0456 3912 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll

14:29:31.0456 3912 C:\Windows\System32\dnsrslvr.dll - ok

14:29:31.0472 3912 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll

14:29:31.0472 3912 C:\Windows\System32\eapphost.dll - ok

14:29:31.0472 3912 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll

14:29:31.0472 3912 C:\Windows\System32\rastls.dll - ok

14:29:31.0487 3912 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe

14:29:31.0487 3912 C:\Windows\System32\dllhost.exe - ok

14:29:31.0503 3912 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll

14:29:31.0503 3912 C:\Windows\System32\raschap.dll - ok

14:29:31.0503 3912 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll

14:29:31.0503 3912 C:\Windows\System32\shimeng.dll - ok

14:29:31.0518 3912 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll

14:29:31.0518 3912 C:\Windows\System32\umb.dll - ok

14:29:31.0534 3912 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll

14:29:31.0534 3912 C:\Windows\System32\wlanmsm.dll - ok

14:29:31.0550 3912 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll

14:29:31.0550 3912 C:\Windows\System32\wlansec.dll - ok

14:29:31.0550 3912 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll

14:29:31.0550 3912 C:\Windows\System32\onex.dll - ok

14:29:31.0565 3912 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

14:29:31.0565 3912 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok

14:29:31.0581 3912 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll

14:29:31.0581 3912 C:\Windows\System32\eappprxy.dll - ok

14:29:31.0581 3912 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll

14:29:31.0581 3912 C:\Windows\System32\eappcfg.dll - ok

14:29:31.0596 3912 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv

14:29:31.0596 3912 C:\Windows\System32\wdmaud.drv - ok

14:29:31.0612 3912 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll

14:29:31.0612 3912 C:\Windows\System32\ksuser.dll - ok

14:29:31.0612 3912 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe

14:29:31.0612 3912 C:\Windows\System32\AtBroker.exe - ok

14:29:31.0628 3912 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll

14:29:31.0628 3912 C:\Windows\System32\AudioSes.dll - ok

14:29:31.0643 3912 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll

14:29:31.0643 3912 C:\Windows\System32\AudioEng.dll - ok

14:29:31.0643 3912 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll

14:29:31.0643 3912 C:\Windows\System32\wlgpclnt.dll - ok

14:29:31.0659 3912 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll

14:29:31.0659 3912 C:\Windows\System32\l2gpstore.dll - ok

14:29:31.0674 3912 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll

14:29:31.0674 3912 C:\Windows\System32\wlanutil.dll - ok

14:29:31.0674 3912 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe

14:29:31.0690 3912 C:\Windows\System32\userinit.exe - ok

14:29:31.0690 3912 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll

14:29:31.0690 3912 C:\Windows\System32\msacm32.dll - ok

14:29:31.0706 3912 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv

14:29:31.0706 3912 C:\Windows\System32\msacm32.drv - ok

14:29:31.0721 3912 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll

14:29:31.0721 3912 C:\Windows\System32\midimap.dll - ok

14:29:31.0721 3912 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll

14:29:31.0721 3912 C:\Windows\System32\msxml6.dll - ok

14:29:31.0737 3912 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll

14:29:31.0737 3912 C:\Windows\System32\AUDIOKSE.dll - ok

14:29:31.0752 3912 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll

14:29:31.0752 3912 C:\Windows\System32\dwmapi.dll - ok

14:29:31.0752 3912 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll

14:29:31.0752 3912 C:\Windows\System32\netcfgx.dll - ok

14:29:31.0768 3912 [ CFD7A46928597BF4FA8C1A268D1F6A08 ] C:\Windows\System32\RtkAPO.dll

14:29:31.0768 3912 C:\Windows\System32\RtkAPO.dll - ok

14:29:31.0784 3912 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe

14:29:31.0784 3912 C:\Windows\explorer.exe - ok

14:29:31.0784 3912 [ 4041D31508A2A084DFB42C595854090F ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe

14:29:31.0784 3912 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok

14:29:31.0799 3912 [ 153C55E9F84BF079A276C0D350806DC5 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

14:29:31.0799 3912 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok

14:29:31.0815 3912 [ D07F23592281202D8F0BED99DFAF3DB2 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

14:29:31.0815 3912 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok

14:29:31.0830 3912 [ C1101C9F70C136106C80C7DE073A7801 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

14:29:31.0830 3912 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok

14:29:31.0830 3912 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll

14:29:31.0830 3912 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll - ok

14:29:31.0846 3912 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll

14:29:31.0846 3912 C:\Windows\System32\dwmredir.dll - ok

14:29:31.0862 3912 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll

14:29:31.0862 3912 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll - ok

14:29:31.0877 3912 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll

14:29:31.0877 3912 C:\Windows\System32\milcore.dll - ok

14:29:31.0877 3912 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll

14:29:31.0877 3912 C:\Windows\System32\WMALFXGFXDSP.dll - ok

14:29:31.0893 3912 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll

14:29:31.0893 3912 C:\Windows\System32\shdocvw.dll - ok

14:29:31.0908 3912 [ 23F655904EDBE354CACEC16148073D1C ] C:\Program Files\AVAST Software\Avast\ashBase.dll

14:29:31.0908 3912 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok

14:29:31.0908 3912 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll

14:29:31.0908 3912 C:\Windows\System32\wsock32.dll - ok

14:29:31.0924 3912 [ C0C17AB13EFE021D09E278E127560944 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

14:29:31.0924 3912 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok

14:29:31.0940 3912 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll

14:29:31.0940 3912 C:\Windows\System32\mfplat.dll - ok

14:29:31.0955 3912 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll

14:29:31.0955 3912 C:\Windows\System32\d3d9.dll - ok

14:29:31.0955 3912 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll

14:29:31.0955 3912 C:\Windows\System32\d3d8thk.dll - ok

14:29:31.0971 3912 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll

14:29:31.0971 3912 C:\Windows\System32\browseui.dll - ok

14:29:31.0986 3912 [ 784485B6BF7F0156D3CF64E8A91D1CE6 ] C:\Windows\System32\igdumd32.dll

14:29:31.0986 3912 C:\Windows\System32\igdumd32.dll - ok

14:29:31.0986 3912 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll

14:29:31.0986 3912 C:\Windows\System32\uDWM.dll - ok

14:29:32.0002 3912 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll

14:29:32.0002 3912 C:\Windows\System32\dbghelp.dll - ok

14:29:32.0018 3912 [ 53F02D0B63C0581CC75B59FEB8727868 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll

14:29:32.0018 3912 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok

14:29:32.0018 3912 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll

14:29:32.0018 3912 C:\Windows\System32\cscapi.dll - ok

14:29:32.0033 3912 [ 1B34989DDFD77861D3BFC7BDB0AE45EA ] C:\Program Files\AVAST Software\Avast\ashServ.dll

14:29:32.0033 3912 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok

14:29:32.0049 3912 [ 0B8C72A9BE02F1F1C6D2876B78F270AD ] C:\Program Files\AVAST Software\Avast\aswAux.dll

14:29:32.0049 3912 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok

14:29:32.0064 3912 [ 309391D362FA6036F92919CDA11957F7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll

14:29:32.0064 3912 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok

14:29:32.0064 3912 [ 9765A954BC96D5444A55AACBAC91A7C4 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

14:29:32.0064 3912 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok

14:29:32.0080 3912 [ 0BF206E2EAC174E9B607FB90930C2477 ] C:\Program Files\AVAST Software\Avast\aswLog.dll

14:29:32.0080 3912 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok

14:29:32.0096 3912 [ A218DC737865366494DF73601A7B4626 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll

14:29:32.0096 3912 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok

14:29:32.0096 3912 [ A21F1D4883777C8F2B918B9A33988F52 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll

14:29:32.0096 3912 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok

14:29:32.0111 3912 [ C7CEC19606F6C6BCEF7DBD5056F93724 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll

14:29:32.0111 3912 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok

14:29:32.0127 3912 [ B678403BB3864B7288676764D9F3BD05 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll

14:29:32.0127 3912 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok

14:29:32.0142 3912 [ 172C234F9C72A9BB2C939851ACAD734B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll

14:29:32.0142 3912 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok

14:29:32.0142 3912 [ AA8B84990D8605565C31DACA9903067E ] C:\Program Files\AVAST Software\Avast\aswDld.dll

14:29:32.0142 3912 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok

14:29:32.0158 3912 [ 7D634BB1B2BC4249E0E00EF39DDD5AAB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll

14:29:32.0158 3912 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok

14:29:32.0174 3912 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll

14:29:32.0174 3912 C:\Windows\System32\ktmw32.dll - ok

14:29:32.0174 3912 [ 751C5383F3995F6D6B3FA24EF89C9446 ] C:\Program Files\AVAST Software\Avast\ashShell.dll

14:29:32.0174 3912 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok

14:29:32.0189 3912 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll

14:29:32.0189 3912 C:\Windows\System32\wscisvif.dll - ok

14:29:32.0205 3912 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll

14:29:32.0205 3912 C:\Windows\System32\wscapi.dll - ok

14:29:32.0205 3912 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll

14:29:32.0205 3912 C:\Windows\System32\msi.dll - ok

14:29:32.0220 3912 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll

14:29:32.0220 3912 C:\Windows\System32\taskcomp.dll - ok

14:29:32.0236 3912 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] C:\Windows\System32\drivers\http.sys

14:29:32.0236 3912 C:\Windows\System32\drivers\http.sys - ok

14:29:32.0252 3912 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll

14:29:32.0252 3912 C:\Windows\System32\wiarpc.dll - ok

14:29:32.0252 3912 [ 4AEEDE58A81D3FF2571F5CE5A95F3AAF ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswEngin.dll

14:29:32.0252 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswEngin.dll - ok

14:29:32.0267 3912 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll

14:29:32.0267 3912 C:\Windows\System32\spoolss.dll - ok

14:29:32.0283 3912 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys

14:29:32.0283 3912 C:\Windows\System32\drivers\srvnet.sys - ok

14:29:32.0283 3912 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll

14:29:32.0283 3912 C:\Windows\System32\EhStorShell.dll - ok

14:29:32.0298 3912 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL

14:29:32.0298 3912 C:\Windows\System32\FWPUCLNT.DLL - ok

14:29:32.0314 3912 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll

14:29:32.0314 3912 C:\Windows\System32\imageres.dll - ok

14:29:32.0314 3912 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnOS.dll

14:29:32.0314 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnOS.dll - ok

14:29:32.0330 3912 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnIS.dll

14:29:32.0330 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnIS.dll - ok

14:29:32.0345 3912 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe

14:29:32.0345 3912 C:\Windows\System32\taskeng.exe - ok

14:29:32.0361 3912 [ C0BAA16A618EBCFB86ED0FDED886506D ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnBS.dll

14:29:32.0361 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswCmnBS.dll - ok

14:29:32.0361 3912 [ 9041584401F262A43D6F55534BFC2E26 ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswScan.dll

14:29:32.0361 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswScan.dll - ok

14:29:32.0376 3912 [ B18B7E8D7898C6814EA5C6E765C4DECC ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswRep.dll

14:29:32.0376 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswRep.dll - ok

14:29:32.0392 3912 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll

14:29:32.0392 3912 C:\Windows\System32\IconCodecService.dll - ok

14:29:32.0392 3912 [ 630BD4B02AD2B51EA281BF3B35746FD8 ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswFiDb.dll

14:29:32.0392 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswFiDb.dll - ok

14:29:32.0408 3912 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys

14:29:32.0408 3912 C:\Windows\System32\drivers\bowser.sys - ok

14:29:32.0423 3912 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys

14:29:32.0423 3912 C:\Windows\System32\drivers\mpsdrv.sys - ok

14:29:32.0439 3912 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys

14:29:32.0439 3912 C:\Windows\System32\drivers\mrxdav.sys - ok

14:29:32.0439 3912 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys

14:29:32.0439 3912 C:\Windows\System32\drivers\mrxsmb.sys - ok

14:29:32.0454 3912 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys

14:29:32.0454 3912 C:\Windows\System32\drivers\mrxsmb10.sys - ok

14:29:32.0470 3912 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys

14:29:32.0470 3912 C:\Windows\System32\drivers\mrxsmb20.sys - ok

14:29:32.0470 3912 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys

14:29:32.0470 3912 C:\Windows\System32\drivers\srv2.sys - ok

14:29:32.0486 3912 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll

14:29:32.0486 3912 C:\Windows\System32\MPSSVC.dll - ok

14:29:32.0501 3912 [ C3AE3711DE53226A1F530C880F93E459 ] C:\Program Files\AVAST Software\Avast\defs\12110800\algo.dll

14:29:32.0501 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\algo.dll - ok

14:29:32.0517 3912 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys

14:29:32.0517 3912 C:\Windows\System32\drivers\srv.sys - ok

14:29:32.0517 3912 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll

14:29:32.0517 3912 C:\Windows\System32\netmsg.dll - ok

14:29:32.0532 3912 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll

14:29:32.0532 3912 C:\Windows\System32\clusapi.dll - ok

14:29:32.0548 3912 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll

14:29:32.0548 3912 C:\Windows\System32\sscore.dll - ok

14:29:32.0548 3912 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll

14:29:32.0548 3912 C:\Windows\System32\activeds.dll - ok

14:29:32.0564 3912 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll

14:29:32.0564 3912 C:\Windows\System32\adsldpc.dll - ok

14:29:32.0579 3912 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll

14:29:32.0579 3912 C:\Windows\System32\credui.dll - ok

14:29:32.0595 3912 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll

14:29:32.0595 3912 C:\Windows\System32\resutils.dll - ok

14:29:32.0595 3912 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll

14:29:32.0595 3912 C:\Windows\System32\wfapigp.dll - ok

14:29:32.0610 3912 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll

14:29:32.0610 3912 C:\Windows\System32\mscms.dll - ok

14:29:32.0626 3912 [ 2DA45E274FCDFAC2F59EF5F555556335 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll

14:29:32.0626 3912 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok

14:29:32.0626 3912 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll

14:29:32.0626 3912 C:\Windows\System32\TSChannel.dll - ok

14:29:32.0642 3912 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe

14:29:32.0642 3912 C:\Program Files\Google\Update\GoogleUpdate.exe - ok

14:29:32.0657 3912 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll

14:29:32.0657 3912 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok

14:29:32.0673 3912 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll

14:29:32.0673 3912 C:\Windows\System32\HotStartUserAgent.dll - ok

14:29:32.0673 3912 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll

14:29:32.0673 3912 C:\Windows\System32\PlaySndSrv.dll - ok

14:29:32.0688 3912 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll

14:29:32.0688 3912 C:\Windows\System32\TMM.dll - ok

14:29:32.0704 3912 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll

14:29:32.0704 3912 C:\Windows\System32\MsCtfMonitor.dll - ok

14:29:32.0704 3912 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll

14:29:32.0704 3912 C:\Windows\System32\msutb.dll - ok

14:29:32.0720 3912 [ 412C0E1B515AB44F45037CD495D6A1BE ] C:\Windows\System32\igfxTMM.dll

14:29:32.0720 3912 C:\Windows\System32\igfxTMM.dll - ok

14:29:32.0735 3912 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll

14:29:32.0735 3912 C:\Windows\System32\fltLib.dll - ok

14:29:32.0735 3912 [ 5FA711C78FCEB7BA5F34C31ADE5707AE ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll

14:29:32.0735 3912 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok

14:29:32.0751 3912 [ 710D1E35C7904F5B39FE46348DCF1141 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll

14:29:32.0751 3912 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok

14:29:32.0766 3912 [ 9AD0825D4E06E4059D4B60656CDEB2B5 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll

14:29:32.0766 3912 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok

14:29:32.0782 3912 [ 5C1D7208E37719966FDC447D135EEADD ] C:\Program Files\AVAST Software\Avast\AhResMes.dll

14:29:32.0782 3912 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok

14:29:32.0782 3912 [ 51A5228A3A5888C916F3DF20075A0873 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll

14:29:32.0782 3912 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok

14:29:32.0798 3912 [ 0FD1252CB6091D4B2C4DA60BCAED8E7A ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll

14:29:32.0798 3912 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok

14:29:32.0813 3912 [ BB3972C96FC1FECEECA79E81433E6BE1 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll

14:29:32.0813 3912 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok

14:29:32.0813 3912 [ 0E6BC5D5EBE89CA95D29963DE785277A ] C:\Program Files\AVAST Software\Avast\AhResWS.dll

14:29:32.0813 3912 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok

14:29:32.0829 3912 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12110800\ArPot.dll

14:29:32.0829 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\ArPot.dll - ok

14:29:32.0844 3912 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL

14:29:32.0844 3912 C:\Windows\System32\QAGENT.DLL - ok

14:29:32.0860 3912 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12110800\exts.dll

14:29:32.0860 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\exts.dll - ok

14:29:32.0876 3912 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL

14:29:32.0876 3912 C:\Windows\System32\QUTIL.DLL - ok

14:29:32.0876 3912 [ D03A96E15F4CD81467D686B2C7C14A15 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll

14:29:32.0876 3912 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok

14:29:32.0891 3912 [ 949099E7F5D1B29751D3408B945CCBA6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll

14:29:32.0891 3912 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok

14:29:32.0907 3912 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll

14:29:32.0907 3912 C:\Windows\System32\winrnr.dll - ok

14:29:32.0907 3912 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll

14:29:32.0907 3912 C:\Windows\System32\rasadhlp.dll - ok

14:29:32.0922 3912 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll

14:29:32.0922 3912 C:\Windows\System32\security.dll - ok

14:29:32.0938 3912 [ 02DC44E875D05ADEFF52E06612A6A15F ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll

14:29:32.0938 3912 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok

14:29:32.0938 3912 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

14:29:32.0938 3912 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

14:29:32.0954 3912 [ 87F664BF0B8728382D03B2126127DC98 ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswAR.dll

14:29:32.0954 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswAR.dll - ok

14:29:32.0969 3912 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll

14:29:32.0969 3912 C:\Windows\System32\mstask.dll - ok

14:29:32.0985 3912 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12110800\aswRawFS.dll

14:29:32.0985 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aswRawFS.dll - ok

14:29:32.0985 3912 [ 03CF68DDE2311640AB2723B3AAFE16D9 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup

14:29:32.0985 3912 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok

14:29:33.0000 3912 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll

14:29:33.0000 3912 C:\Windows\System32\oledlg.dll - ok

14:29:33.0016 3912 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv

14:29:33.0016 3912 C:\Windows\System32\winspool.drv - ok

14:29:33.0016 3912 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll

14:29:33.0016 3912 C:\Windows\AppPatch\AcGenral.dll - ok

14:29:33.0032 3912 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll

14:29:33.0032 3912 C:\Windows\System32\sfc.dll - ok

14:29:33.0047 3912 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll

14:29:33.0047 3912 C:\Windows\System32\sfc_os.dll - ok

14:29:33.0047 3912 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll

14:29:33.0047 3912 C:\Windows\System32\SensApi.dll - ok

14:29:33.0063 3912 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe

14:29:33.0063 3912 C:\Windows\System32\wermgr.exe - ok

14:29:33.0078 3912 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll

14:29:33.0078 3912 C:\Windows\System32\wer.dll - ok

14:29:33.0094 3912 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe

14:29:33.0094 3912 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok

14:29:33.0094 3912 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] C:\Windows\System32\agrsmsvc.exe

14:29:33.0094 3912 C:\Windows\System32\agrsmsvc.exe - ok

14:29:33.0110 3912 [ BF899F57858B8C6F162D9EEB2370641C ] C:\Windows\System32\wercon.exe

14:29:33.0110 3912 C:\Windows\System32\wercon.exe - ok

14:29:33.0125 3912 [ 3845B6555DE995F6C0C07AE2ABCC0532 ] C:\Acer\ALaunch\ALaunchSvc.exe

14:29:33.0125 3912 C:\Acer\ALaunch\ALaunchSvc.exe - ok

14:29:33.0141 3912 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll

14:29:33.0141 3912 C:\Windows\System32\mscoree.dll - ok

14:29:33.0141 3912 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

14:29:33.0141 3912 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

14:29:33.0156 3912 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll

14:29:33.0156 3912 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll - ok

14:29:33.0172 3912 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll

14:29:33.0172 3912 C:\Windows\AppPatch\AcLayers.dll - ok

14:29:33.0188 3912 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

14:29:33.0188 3912 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

14:29:33.0188 3912 [ C42AE64F5DB6BC5E947B7E3E1B1E633E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

14:29:33.0188 3912 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

14:29:33.0203 3912 [ 015A9D857726C083144CA352A273378A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll

14:29:33.0203 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll - ok

14:29:33.0219 3912 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

14:29:33.0219 3912 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

14:29:33.0219 3912 [ 1E03BABB4D6CA5C27BD2C822F7F95788 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll

14:29:33.0219 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll - ok

14:29:33.0234 3912 [ 708A3BBDBFF717F678B64854B7BAF9D3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll

14:29:33.0234 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll - ok

14:29:33.0250 3912 [ 2A85D608A484DFE7EAC7B9CAE089BF73 ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

14:29:33.0250 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe - ok

14:29:33.0266 3912 [ 5CAD3395A4720BF735836D125297229A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll

14:29:33.0266 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll - ok

14:29:33.0266 3912 [ 48F25FC1B2796CDA2AEEFFE560666055 ] C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

14:29:33.0266 3912 C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe - ok

14:29:33.0281 3912 [ 4E39A623E762CB08AD0308F2A1858086 ] C:\Acer\ALaunch\alaunchinterface.dll

14:29:33.0281 3912 C:\Acer\ALaunch\alaunchinterface.dll - ok

14:29:33.0297 3912 [ 9F75DFCAFFACCD99F9854FAB0AA1BC7F ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapEngine.dll

14:29:33.0297 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapEngine.dll - ok

14:29:33.0312 3912 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll

14:29:33.0312 3912 C:\Windows\System32\msvcp60.dll - ok

14:29:33.0312 3912 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll

14:29:33.0312 3912 C:\Windows\System32\vssapi.dll - ok

14:29:33.0328 3912 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll

14:29:33.0328 3912 C:\Windows\System32\vsstrace.dll - ok

14:29:33.0344 3912 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe

14:29:33.0344 3912 C:\Program Files\Windows Calendar\WinCal.exe - ok

14:29:33.0344 3912 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll

14:29:33.0344 3912 C:\Windows\System32\mfc42.dll - ok

14:29:33.0359 3912 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll

14:29:33.0359 3912 C:\Windows\System32\odbc32.dll - ok

14:29:33.0375 3912 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll

14:29:33.0375 3912 C:\Windows\System32\cryptnet.dll - ok

14:29:33.0375 3912 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL

14:29:33.0375 3912 C:\Windows\System32\WMVCORE.DLL - ok

14:29:33.0390 3912 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll

14:29:33.0390 3912 C:\Windows\System32\odbcint.dll - ok

14:29:33.0406 3912 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL

14:29:33.0406 3912 C:\Windows\System32\WMASF.DLL - ok

14:29:33.0422 3912 [ D86F329C63BDE78751B2F7EF352EB222 ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\PCMRRec4.dll

14:29:33.0422 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\PCMRRec4.dll - ok

14:29:33.0437 3912 [ F54907AA07F60AFF81E1E09E97AF98B0 ] C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

14:29:33.0437 3912 C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe - ok

14:29:33.0437 3912 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll

14:29:33.0437 3912 C:\Windows\System32\shfolder.dll - ok

14:29:33.0453 3912 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll

14:29:33.0453 3912 C:\Windows\System32\devenum.dll - ok

14:29:33.0468 3912 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll

14:29:33.0468 3912 C:\Windows\System32\taskschd.dll - ok

14:29:33.0468 3912 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll

14:29:33.0468 3912 C:\Windows\System32\avicap32.dll - ok

14:29:33.0484 3912 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll

14:29:33.0484 3912 C:\Windows\System32\msdmo.dll - ok

14:29:33.0500 3912 [ 36B091CB0B6FDBE01DF37425014B2BB2 ] C:\Windows\System32\PSDUtil.dll

14:29:33.0500 3912 C:\Windows\System32\PSDUtil.dll - ok

14:29:33.0500 3912 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll

14:29:33.0500 3912 C:\Windows\System32\msvfw32.dll - ok

14:29:33.0515 3912 [ DF53B8BD2C2D86E8CFEB4BB488B5EA37 ] C:\Windows\System32\CryptoAPI.dll

14:29:33.0515 3912 C:\Windows\System32\CryptoAPI.dll - ok

14:29:33.0531 3912 [ 2FB1494C450FB7B0C350492ACC24607D ] C:\Windows\System32\sysenv.dll

14:29:33.0531 3912 C:\Windows\System32\sysenv.dll - ok

14:29:33.0531 3912 [ FB5383BFD4DEC6792AAEF76C9343ECFF ] C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

14:29:33.0531 3912 C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe - ok

14:29:33.0546 3912 [ 741FF64FC61769C18B949E86FD96CD82 ] C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Main.dll

14:29:33.0546 3912 C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Main.dll - ok

14:29:33.0562 3912 [ 503A72D3B29427A80C610C92163830E7 ] C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Interface.dll

14:29:33.0562 3912 C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Interface.dll - ok

14:29:33.0578 3912 [ 9C37157E995C4F14112B437FBC445B88 ] C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Library.dll

14:29:33.0578 3912 C:\Acer\Empowering Technology\eLock\Service\eLock.Serv.Library.dll - ok

14:29:33.0593 3912 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll

14:29:33.0593 3912 C:\Windows\System32\wdscore.dll - ok

14:29:33.0609 3912 [ 9316C26F089CF2CEA2BD1496AC9F38A4 ] C:\Acer\Empowering Technology\eNet\eNet Service.exe

14:29:33.0609 3912 C:\Acer\Empowering Technology\eNet\eNet Service.exe - ok

14:29:33.0609 3912 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys

14:29:33.0609 3912 C:\Windows\System32\drivers\cdfs.sys - ok

14:29:33.0624 3912 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

14:29:33.0624 3912 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

14:29:33.0640 3912 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll

14:29:33.0640 3912 C:\Windows\System32\msxml3.dll - ok

14:29:33.0640 3912 [ 9D64201C9E5AC8D1F088762BA00FF3AB ] C:\Acer\Empowering Technology\eRecovery\int15.sys

14:29:33.0640 3912 C:\Acer\Empowering Technology\eRecovery\int15.sys - ok

14:29:33.0656 3912 [ 84E951281677788DB8FD9D0A669A8E0F ] C:\Acer\Empowering Technology\eNet\eNetServiceInterface.dll

14:29:33.0656 3912 C:\Acer\Empowering Technology\eNet\eNetServiceInterface.dll - ok

14:29:33.0671 3912 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll

14:29:33.0671 3912 C:\Windows\System32\WSDApi.dll - ok

14:29:33.0687 3912 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll

14:29:33.0687 3912 C:\Windows\System32\cfgmgr32.dll - ok

14:29:33.0687 3912 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll

14:29:33.0687 3912 C:\Windows\System32\fundisc.dll - ok

14:29:33.0702 3912 [ D9011D2091C6B037A5075C27A470188C ] C:\Windows\System32\httpapi.dll

14:29:33.0702 3912 C:\Windows\System32\httpapi.dll - ok

14:29:33.0718 3912 [ 21F3375B9EBC457AE0053755D21FA547 ] C:\Windows\System32\tzres.dll

14:29:33.0718 3912 C:\Windows\System32\tzres.dll - ok

14:29:33.0718 3912 [ 793FF718477345CD5D232C50BED1E452 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe

14:29:33.0718 3912 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok

14:29:33.0734 3912 [ D7EB32B51B7472FBEE86BFA47B3C4BC5 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll

14:29:33.0734 3912 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok

14:29:33.0749 3912 [ 0EE266A90D43E82A07CF33755D6DE1CC ] C:\Program Files\Common Files\LightScribe\LSLog.dll

14:29:33.0749 3912 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok

14:29:33.0765 3912 [ E6CB119EF2E148EAA1A247343550756E ] C:\Program Files\Common Files\Motive\McciCMService.exe

14:29:33.0765 3912 C:\Program Files\Common Files\Motive\McciCMService.exe - ok

14:29:33.0765 3912 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\Windows\System32\drivers\mdmxsdk.sys

14:29:33.0765 3912 C:\Windows\System32\drivers\mdmxsdk.sys - ok

14:29:33.0780 3912 [ 842684E0DF20A59E293DA1C6F0DFE261 ] C:\Acer\Mobility Center\MobilityService.exe

14:29:33.0780 3912 C:\Acer\Mobility Center\MobilityService.exe - ok

14:29:33.0796 3912 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll

14:29:33.0796 3912 C:\Windows\System32\ncsi.dll - ok

14:29:33.0796 3912 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys

14:29:33.0796 3912 C:\Windows\System32\drivers\PEAuth.sys - ok

14:29:33.0812 3912 [ 8B1168B99469417B1DAF34ED733BE4CA ] C:\Acer\Mobility Center\CompileMOF.exe

14:29:33.0812 3912 C:\Acer\Mobility Center\CompileMOF.exe - ok

14:29:33.0827 3912 [ 30A8C2FBE6A8585A4A7151EDF1F61F79 ] C:\Acer\Mobility Center\MobilityInterface.dll

14:29:33.0827 3912 C:\Acer\Mobility Center\MobilityInterface.dll - ok

14:29:33.0843 3912 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll

14:29:33.0843 3912 C:\Windows\System32\ssdpapi.dll - ok

14:29:33.0843 3912 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

14:29:33.0843 3912 C:\Windows\System32\drivers\secdrv.sys - ok

14:29:33.0858 3912 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL

14:29:33.0858 3912 C:\Windows\System32\IPSECSVC.DLL - ok

14:29:33.0874 3912 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys

14:29:33.0874 3912 C:\Windows\System32\drivers\tcpipreg.sys - ok

14:29:33.0890 3912 [ DF6196C462DB303990460379850CD19D ] C:\Acer\Mobility Center\msvcr80d.dll

14:29:33.0890 3912 C:\Acer\Mobility Center\msvcr80d.dll - ok

14:29:33.0890 3912 [ E91A1B50D762A66A3C37449CFA5E4420 ] C:\Acer\Mobility Center\msvcm80d.dll

14:29:33.0890 3912 C:\Acer\Mobility Center\msvcm80d.dll - ok

14:29:33.0905 3912 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll

14:29:33.0905 3912 C:\Windows\System32\wbemcomn.dll - ok

14:29:33.0921 3912 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll

14:29:33.0921 3912 C:\Windows\System32\wbem\WinMgmtR.dll - ok

14:29:33.0936 3912 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll

14:29:33.0936 3912 C:\Windows\System32\PortableDeviceApi.dll - ok

14:29:33.0936 3912 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll

14:29:33.0936 3912 C:\Windows\System32\tquery.dll - ok

14:29:33.0952 3912 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll

14:29:33.0952 3912 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

14:29:33.0968 3912 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll

14:29:33.0968 3912 C:\Windows\System32\icaapi.dll - ok

14:29:33.0968 3912 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll

14:29:33.0968 3912 C:\Windows\System32\wiatrace.dll - ok

14:29:33.0983 3912 [ 13B5F255E90624A5BA0441D39CFB6BE2 ] C:\Windows\System32\drivers\WUDFPf.sys

14:29:33.0983 3912 C:\Windows\System32\drivers\WUDFPf.sys - ok

14:29:33.0999 3912 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] C:\Windows\System32\drivers\WUDFRd.sys

14:29:33.0999 3912 C:\Windows\System32\drivers\WUDFRd.sys - ok

14:29:33.0999 3912 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll

14:29:33.0999 3912 C:\Windows\System32\FwRemoteSvr.dll - ok

14:29:34.0014 3912 [ 09C7859269563C240AB2AAAB574483DD ] C:\Windows\System32\WUDFHost.exe

14:29:34.0014 3912 C:\Windows\System32\WUDFHost.exe - ok

Share this post


Link to post
Share on other sites

14:29:34.0030 3912 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll

14:29:34.0030 3912 C:\Windows\System32\wsdchngr.dll - ok

14:29:34.0046 3912 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll

14:29:34.0046 3912 C:\Windows\System32\mssrch.dll - ok

14:29:34.0046 3912 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll

14:29:34.0046 3912 C:\Windows\System32\msidle.dll - ok

14:29:34.0061 3912 [ 4B72B5B342ADA4DE8DEEA39CCE465B58 ] C:\Windows\System32\WUDFx.dll

14:29:34.0061 3912 C:\Windows\System32\WUDFx.dll - ok

14:29:34.0077 3912 [ 2E579520E114A9CA309F13BF40AD8292 ] C:\Windows\System32\drivers\XAudio.sys

14:29:34.0077 3912 C:\Windows\System32\drivers\XAudio.sys - ok

14:29:34.0077 3912 [ 119A487B94FCB54D5154EBFBFA124755 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll

14:29:34.0077 3912 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok

14:29:34.0092 3912 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll

14:29:34.0092 3912 C:\Windows\System32\Query.dll - ok

14:29:34.0108 3912 [ F82FC2C30A19442B95AE554215837C46 ] C:\Windows\System32\drivers\XAudio.exe

14:29:34.0108 3912 C:\Windows\System32\drivers\XAudio.exe - ok

14:29:34.0108 3912 [ B2B117BD8D1EA80536CDD91797EF4A0A ] C:\Windows\System32\PortableDeviceClassExtension.dll

14:29:34.0108 3912 C:\Windows\System32\PortableDeviceClassExtension.dll - ok

14:29:34.0124 3912 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll

14:29:34.0124 3912 C:\Windows\System32\PortableDeviceTypes.dll - ok

14:29:34.0139 3912 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

14:29:34.0139 3912 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok

14:29:34.0139 3912 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui

14:29:34.0139 3912 C:\Windows\System32\en-US\tquery.dll.mui - ok

14:29:34.0155 3912 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll

14:29:34.0155 3912 C:\Windows\System32\esent.dll - ok

14:29:34.0170 3912 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll

14:29:34.0170 3912 C:\Windows\System32\msscb.dll - ok

14:29:34.0170 3912 [ 746724540BD4B618B89F8A614A02F50D ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

14:29:34.0186 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe - ok

14:29:34.0202 3912 [ 28B3D45B0CB49F24157E92D90BF343C1 ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvcps.dll

14:29:34.0202 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvcps.dll - ok

14:29:34.0202 3912 [ 3D184410EF5EE017E186AC96181B3FF8 ] C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

14:29:34.0202 3912 C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe - ok

14:29:34.0217 3912 [ 6B46E837EC3FF448A0665DC86C5208DC ] C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll

14:29:34.0217 3912 C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll - ok

14:29:34.0233 3912 [ 237C6256B2E4D3015E4F42F4A6539784 ] C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSchMgr.dll

14:29:34.0233 3912 C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSchMgr.dll - ok

14:29:34.0233 3912 [ DADAD303DC0871591997A05CAAB891AE ] C:\Acer\Empowering Technology\eRecovery\IERYETF.dll

14:29:34.0233 3912 C:\Acer\Empowering Technology\eRecovery\IERYETF.dll - ok

14:29:34.0248 3912 [ DCA768724878D1177034691517EF9B91 ] C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

14:29:34.0248 3912 C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe - ok

14:29:34.0264 3912 [ 5F3BD963F02108C36592B5728FA725C5 ] C:\Acer\Empowering Technology\eSettings\Service\log4net.dll

14:29:34.0264 3912 C:\Acer\Empowering Technology\eSettings\Service\log4net.dll - ok

14:29:34.0280 3912 [ B8876BBA284DFEC2311D7694483AB8AE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll

14:29:34.0280 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll - ok

14:29:34.0280 3912 [ 99495E46CBF87F1C1FF3E57C069D0A8D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll

14:29:34.0280 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll - ok

14:29:34.0295 3912 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll

14:29:34.0295 3912 C:\Windows\System32\netprofm.dll - ok

14:29:34.0311 3912 [ 2CEC6C4F56DA7EE2A3AA0FBEFEA8F6CC ] C:\Acer\Empowering Technology\eSettings\Service\esettings.model.computer.dll

14:29:34.0311 3912 C:\Acer\Empowering Technology\eSettings\Service\esettings.model.computer.dll - ok

14:29:34.0326 3912 [ EE80AC462A171DBF06EEB2058B5D3BC6 ] C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

14:29:34.0326 3912 C:\Acer\Empowering Technology\ePower\ePowerSvc.exe - ok

14:29:34.0326 3912 [ C5333E9A6992EB4BD5D2592EFC0DCC03 ] C:\Acer\Empowering Technology\eSettings\Service\esettings.model.computerinterfaces.dll

14:29:34.0326 3912 C:\Acer\Empowering Technology\eSettings\Service\esettings.model.computerinterfaces.dll - ok

14:29:34.0342 3912 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll

14:29:34.0342 3912 C:\Windows\System32\sqmapi.dll - ok

14:29:34.0358 3912 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll

14:29:34.0358 3912 C:\Windows\System32\npmproxy.dll - ok

14:29:34.0358 3912 [ CAE6861B19A2A7E5D42FEFC4DFDF5CCF ] C:\Acer\Empowering Technology\ePower\msvcm80.dll

14:29:34.0358 3912 C:\Acer\Empowering Technology\ePower\msvcm80.dll - ok

14:29:34.0373 3912 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll

14:29:34.0373 3912 C:\Windows\System32\rastapi.dll - ok

14:29:34.0389 3912 [ 5A6BFE723CF0E6E39021CDC01CA57EED ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll

14:29:34.0389 3912 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll - ok

14:29:34.0404 3912 [ 442E9FBBEEBD916519D8381BC2F71EA9 ] C:\Acer\Empowering Technology\ePower\WMIInterface.dll

14:29:34.0404 3912 C:\Acer\Empowering Technology\ePower\WMIInterface.dll - ok

14:29:34.0404 3912 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

14:29:34.0404 3912 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok

14:29:34.0420 3912 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll

14:29:34.0420 3912 C:\Windows\System32\hnetcfg.dll - ok

14:29:34.0436 3912 [ 9FCDF2C23E3B7B0C6C9DD2E1D080058F ] C:\Acer\Empowering Technology\ePower\CompileMOF.exe

14:29:34.0436 3912 C:\Acer\Empowering Technology\ePower\CompileMOF.exe - ok

14:29:34.0436 3912 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll

14:29:34.0436 3912 C:\Windows\System32\wbem\wbemprox.dll - ok

14:29:34.0451 3912 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp

14:29:34.0451 3912 C:\Windows\System32\unimdm.tsp - ok

14:29:34.0467 3912 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll

14:29:34.0467 3912 C:\Windows\System32\wbem\wbemcore.dll - ok

14:29:34.0482 3912 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll

14:29:34.0482 3912 C:\Windows\System32\wbem\wmiutils.dll - ok

14:29:34.0482 3912 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll

14:29:34.0482 3912 C:\Windows\System32\uniplat.dll - ok

14:29:34.0498 3912 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll

14:29:34.0498 3912 C:\Windows\System32\wbem\esscli.dll - ok

14:29:34.0514 3912 [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll

14:29:34.0514 3912 C:\Windows\System32\unimdmat.dll - ok

14:29:34.0514 3912 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll

14:29:34.0514 3912 C:\Windows\System32\wbem\fastprox.dll - ok

14:29:34.0529 3912 [ 2E837F3D406224DF131C34BC8F71621E ] C:\Windows\System32\modemui.dll

14:29:34.0529 3912 C:\Windows\System32\modemui.dll - ok

14:29:34.0545 3912 [ 6B01DAD4CB6B2BB507A268DD0DFEF04F ] C:\Windows\System32\igfxdev.dll

14:29:34.0545 3912 C:\Windows\System32\igfxdev.dll - ok

14:29:34.0560 3912 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll

14:29:34.0560 3912 C:\Windows\System32\wbem\wbemsvc.dll - ok

14:29:34.0560 3912 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp

14:29:34.0560 3912 C:\Windows\System32\kmddsp.tsp - ok

14:29:34.0576 3912 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll

14:29:34.0576 3912 C:\Windows\System32\wbem\repdrvfs.dll - ok

14:29:34.0592 3912 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp

14:29:34.0592 3912 C:\Windows\System32\ndptsp.tsp - ok

14:29:34.0592 3912 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp

14:29:34.0592 3912 C:\Windows\System32\hidphone.tsp - ok

14:29:34.0607 3912 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll

14:29:34.0607 3912 C:\Windows\System32\rasppp.dll - ok

14:29:34.0623 3912 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll

14:29:34.0623 3912 C:\Windows\System32\mprapi.dll - ok

14:29:34.0623 3912 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll

14:29:34.0623 3912 C:\Windows\System32\rasqec.dll - ok

14:29:34.0638 3912 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll

14:29:34.0638 3912 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

14:29:34.0654 3912 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll

14:29:34.0654 3912 C:\Windows\System32\wbem\wbemess.dll - ok

14:29:34.0670 3912 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll

14:29:34.0670 3912 C:\Windows\System32\cryptui.dll - ok

14:29:34.0670 3912 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll

14:29:34.0670 3912 C:\Windows\System32\netshell.dll - ok

14:29:34.0685 3912 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe

14:29:34.0685 3912 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

14:29:34.0701 3912 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll

14:29:34.0701 3912 C:\Windows\System32\wbem\cimwin32.dll - ok

14:29:34.0701 3912 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll

14:29:34.0701 3912 C:\Windows\System32\framedynos.dll - ok

14:29:34.0716 3912 [ DF024533734BD9899C61CF76ED571E6B ] C:\Acer\Empowering Technology\eRecovery\MBRwrWin.exe

14:29:34.0716 3912 C:\Acer\Empowering Technology\eRecovery\MBRwrWin.exe - ok

14:29:34.0732 3912 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll

14:29:34.0732 3912 C:\Windows\System32\wbem\wmiprov.dll - ok

14:29:34.0748 3912 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll

14:29:34.0748 3912 C:\Windows\System32\wmi.dll - ok

14:29:34.0748 3912 [ 8274C87726D4561EE8750D883764ACC1 ] C:\Windows\System32\wbem\unsecapp.exe

14:29:34.0748 3912 C:\Windows\System32\wbem\unsecapp.exe - ok

14:29:34.0763 3912 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll

14:29:34.0763 3912 C:\Windows\System32\wbem\NCProv.dll - ok

14:29:34.0779 3912 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll

14:29:34.0779 3912 C:\Windows\System32\wbem\wbemcons.dll - ok

14:29:34.0779 3912 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll

14:29:34.0794 3912 C:\Windows\System32\diagperf.dll - ok

14:29:34.0794 3912 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll

14:29:34.0794 3912 C:\Windows\System32\mssprxy.dll - ok

14:29:34.0810 3912 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll

14:29:34.0810 3912 C:\Windows\System32\pcadm.dll - ok

14:29:34.0826 3912 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll

14:29:34.0826 3912 C:\Windows\System32\pnpts.dll - ok

14:29:34.0826 3912 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe

14:29:34.0826 3912 C:\Windows\System32\runonce.exe - ok

14:29:34.0841 3912 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe

14:29:34.0841 3912 C:\Windows\System32\cmd.exe - ok

14:29:34.0857 3912 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\System32\ieframe.dll

14:29:34.0857 3912 C:\Windows\System32\ieframe.dll - ok

14:29:34.0857 3912 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Kenneth\AppData\Local\temp\F22F7FCF-647E-49EC-B05D-AC5D90E2B3EA.exe

14:29:34.0857 3912 C:\Users\Kenneth\AppData\Local\temp\F22F7FCF-647E-49EC-B05D-AC5D90E2B3EA.exe - ok

14:29:34.0872 3912 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll

14:29:34.0872 3912 C:\Windows\System32\pautoenr.dll - ok

14:29:34.0888 3912 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll

14:29:34.0888 3912 C:\Windows\System32\certcli.dll - ok

14:29:34.0904 3912 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll

14:29:34.0904 3912 C:\Windows\System32\CertEnroll.dll - ok

14:29:34.0919 3912 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL

14:29:34.0919 3912 C:\Windows\System32\wmploc.DLL - ok

14:29:34.0919 3912 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe

14:29:34.0919 3912 C:\Windows\System32\ie4uinit.exe - ok

14:29:34.0935 3912 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll

14:29:34.0935 3912 C:\Windows\System32\iedkcs32.dll - ok

14:29:34.0950 3912 [ 4CF66D8014ECB3BF517E38C5B90AAC74 ] C:\Windows\System32\themeui.dll

14:29:34.0950 3912 C:\Windows\System32\themeui.dll - ok

14:29:34.0950 3912 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl

14:29:34.0950 3912 C:\Windows\System32\timedate.cpl - ok

14:29:34.0966 3912 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll

14:29:34.0966 3912 C:\Windows\System32\actxprxy.dll - ok

14:29:34.0982 3912 [ 57CF7F07E92195E84AB41B2F96FF627F ] C:\Windows\System32\unregmp2.exe

14:29:34.0982 3912 C:\Windows\System32\unregmp2.exe - ok

14:29:34.0997 3912 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll

14:29:34.0997 3912 C:\Windows\System32\msshsq.dll - ok

14:29:34.0997 3912 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\05004278.sys

14:29:35.0013 3912 C:\Windows\System32\drivers\05004278.sys - ok

14:29:35.0013 3912 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll

14:29:35.0013 3912 C:\Windows\System32\NaturalLanguage6.dll - ok

14:29:35.0028 3912 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll

14:29:35.0028 3912 C:\Windows\System32\NlsData0009.dll - ok

14:29:35.0044 3912 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll

14:29:35.0044 3912 C:\Windows\System32\NlsLexicons0009.dll - ok

14:29:35.0044 3912 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll

14:29:35.0044 3912 C:\Windows\System32\riched20.dll - ok

14:29:35.0060 3912 [ A5CBDC87E694154F90DBA134733E7E8B ] C:\Windows\System32\brcpl.dll

14:29:35.0060 3912 C:\Windows\System32\brcpl.dll - ok

14:29:35.0075 3912 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll

14:29:35.0075 3912 C:\Windows\System32\linkinfo.dll - ok

14:29:35.0075 3912 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll

14:29:35.0075 3912 C:\Windows\System32\msiltcfg.dll - ok

14:29:35.0091 3912 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll

14:29:35.0091 3912 C:\Windows\System32\networkexplorer.dll - ok

14:29:35.0106 3912 [ 4C96E5B53EAF63BCBEA6FA79C9A0AE59 ] C:\Windows\System32\VAN.dll

14:29:35.0106 3912 C:\Windows\System32\VAN.dll - ok

14:29:35.0106 3912 [ D8510C2D48496B6C336E816FD67AA0F7 ] C:\Program Files\Google\Chrome\Application\chrome.exe

14:29:35.0106 3912 C:\Program Files\Google\Chrome\Application\chrome.exe - ok

14:29:35.0122 3912 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll

14:29:35.0122 3912 C:\Windows\System32\thumbcache.dll - ok

14:29:35.0138 3912 [ E090EE780714E376062198C6625D5B51 ] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

14:29:35.0138 3912 C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe - ok

14:29:35.0153 3912 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll

14:29:35.0153 3912 C:\Windows\System32\ntshrui.dll - ok

14:29:35.0153 3912 [ F9F9E7F0D4EBAC06334C9BF76C9E11B4 ] C:\Windows\System32\sud.dll

14:29:35.0153 3912 C:\Windows\System32\sud.dll - ok

14:29:35.0169 3912 [ 5F2E074D17B878461115B1005C817218 ] C:\Program Files\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe

14:29:35.0169 3912 C:\Program Files\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe - ok

14:29:35.0184 3912 [ 482CBA6D1C944A314AC9715F6754DF79 ] C:\Users\Kenneth\Desktop\mbam-clean-1.60.2.0003.exe

14:29:35.0184 3912 C:\Users\Kenneth\Desktop\mbam-clean-1.60.2.0003.exe - ok

14:29:35.0184 3912 [ B150D1BCB625600479EEBA51811E33CB ] C:\Program Files\Apoint2K\Apoint.exe

14:29:35.0184 3912 C:\Program Files\Apoint2K\Apoint.exe - ok

14:29:35.0200 3912 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll

14:29:35.0200 3912 C:\Windows\System32\ExplorerFrame.dll - ok

14:29:35.0216 3912 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll

14:29:35.0216 3912 C:\Program Files\Windows Defender\MsMpRes.dll - ok

14:29:35.0231 3912 [ A659F31AC25418738351E5BDF4C85780 ] C:\Windows\RtHDVCpl.exe

14:29:35.0231 3912 C:\Windows\RtHDVCpl.exe - ok

14:29:35.0231 3912 [ 69FD110DB660FA0B9B48332B2CF8169A ] C:\Program Files\Windows Mail\MSOERES.dll

14:29:35.0231 3912 C:\Program Files\Windows Mail\MSOERES.dll - ok

14:29:35.0247 3912 [ 57D9FE1192DAD3F26C1947ACF16D7990 ] C:\Program Files\Windows Collaboration\WinCollabRes.dll

14:29:35.0247 3912 C:\Program Files\Windows Collaboration\WinCollabRes.dll - ok

14:29:35.0262 3912 [ D373E15EB5E2E463EF01CF7BD8D7A1DF ] C:\Windows\SkyTel.exe

14:29:35.0262 3912 C:\Windows\SkyTel.exe - ok

14:29:35.0278 3912 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe

14:29:35.0278 3912 C:\Program Files\Windows Mail\WinMail.exe - ok

14:29:35.0278 3912 [ 5BE5DF4E88A0E0BCD835D7AB25900FFC ] C:\Program Files\Windows Photo Gallery\PhotoLibraryResources.dll

14:29:35.0278 3912 C:\Program Files\Windows Photo Gallery\PhotoLibraryResources.dll - ok

14:29:35.0294 3912 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll

14:29:35.0294 3912 C:\Windows\System32\wucltux.dll - ok

14:29:35.0309 3912 [ B9876A758B370FF98E21B95A855BFE9B ] C:\Windows\System32\ADMIN_CLASS_LIB.dll

14:29:35.0309 3912 C:\Windows\System32\ADMIN_CLASS_LIB.dll - ok

14:29:35.0325 3912 [ 7FB028FC63500DBF387E96E44273389A ] C:\Program Files\Movie Maker\MOVIEMK.dll

14:29:35.0325 3912 C:\Program Files\Movie Maker\MOVIEMK.dll - ok

14:29:35.0325 3912 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll

14:29:35.0325 3912 C:\Windows\System32\stobject.dll - ok

14:29:35.0340 3912 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll

14:29:35.0340 3912 C:\Windows\System32\batmeter.dll - ok

14:29:35.0356 3912 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll

14:29:35.0356 3912 C:\Windows\System32\dsound.dll - ok

14:29:35.0356 3912 [ 782FEF655DBF8653C9F2722BEBF7A8A6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

14:29:35.0356 3912 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok

14:29:35.0372 3912 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe

14:29:35.0372 3912 C:\Windows\System32\control.exe - ok

14:29:35.0387 3912 [ D1AE45D7186FC463F345CF101EBB81E3 ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE

14:29:35.0387 3912 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok

14:29:35.0387 3912 [ 69A6F66E921AE6A6814F021F7E9FA1D0 ] C:\Windows\System32\keyManager.dll

14:29:35.0387 3912 C:\Windows\System32\keyManager.dll - ok

14:29:35.0403 3912 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll

14:29:35.0403 3912 C:\Windows\System32\SndVolSSO.dll - ok

14:29:35.0418 3912 [ 26DE50A7F668F541B8130A0E26EFF3D8 ] C:\Program Files\Microsoft Works\MSWorks.exe

14:29:35.0418 3912 C:\Program Files\Microsoft Works\MSWorks.exe - ok

14:29:35.0418 3912 [ C37571F7C79C3972D641804F1DF7C0F5 ] C:\Program Files\Microsoft Works\wksdb.exe

14:29:35.0418 3912 C:\Program Files\Microsoft Works\wksdb.exe - ok

14:29:35.0434 3912 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

14:29:35.0434 3912 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

14:29:35.0450 3912 [ 2E876305D23E69D75FC66A4090FDF68A ] C:\Program Files\Apoint2K\ApResUS.dll

14:29:35.0450 3912 C:\Program Files\Apoint2K\ApResUS.dll - ok

14:29:35.0465 3912 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll

14:29:35.0465 3912 C:\Windows\System32\pnidui.dll - ok

14:29:35.0465 3912 [ 130575400B3A28E69F314DA0ADEA1732 ] C:\Windows\System32\Vxdif.dll

14:29:35.0465 3912 C:\Windows\System32\Vxdif.dll - ok

14:29:35.0481 3912 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe

14:29:35.0481 3912 C:\Windows\System32\SearchProtocolHost.exe - ok

14:29:35.0496 3912 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll

14:29:35.0496 3912 C:\Windows\System32\rasdlg.dll - ok

14:29:35.0496 3912 [ FF265743D5FA487D5721B4E94D17842A ] C:\Windows\System32\ShowErrMsg.dll

14:29:35.0496 3912 C:\Windows\System32\ShowErrMsg.dll - ok

14:29:35.0512 3912 [ 0DB949D42FC8B02CEE4FD2A32F9B0910 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll

14:29:35.0512 3912 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok

14:29:35.0528 3912 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe

14:29:35.0528 3912 C:\Program Files\Windows Mail\wab.exe - ok

14:29:35.0543 3912 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe

14:29:35.0543 3912 C:\Program Files\Windows Collaboration\WinCollab.exe - ok

14:29:35.0543 3912 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe

14:29:35.0543 3912 C:\Program Files\Movie Maker\MOVIEMK.exe - ok

14:29:35.0559 3912 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll

14:29:35.0559 3912 C:\Windows\System32\wlanapi.dll - ok

14:29:35.0574 3912 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe

14:29:35.0574 3912 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok

14:29:35.0590 3912 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll

14:29:35.0590 3912 C:\Windows\System32\AltTab.dll - ok

14:29:35.0590 3912 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll

14:29:35.0590 3912 C:\Windows\System32\WPDShServiceObj.dll - ok

14:29:35.0606 3912 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe

14:29:35.0606 3912 C:\Windows\System32\wuapp.exe - ok

14:29:35.0621 3912 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll

14:29:35.0621 3912 C:\Windows\System32\msshooks.dll - ok

14:29:35.0621 3912 [ 1FF99E01F5E536E814D390F37F2E0889 ] C:\Program Files\Apoint2K\Apoint.dll

14:29:35.0621 3912 C:\Program Files\Apoint2K\Apoint.dll - ok

14:29:35.0637 3912 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll

14:29:35.0637 3912 C:\Windows\System32\mssvp.dll - ok

14:29:35.0652 3912 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll

14:29:35.0652 3912 C:\Windows\System32\mapi32.dll - ok

14:29:35.0652 3912 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll

14:29:35.0652 3912 C:\Windows\System32\mssph.dll - ok

14:29:35.0668 3912 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll

14:29:35.0668 3912 C:\Windows\System32\srchadmin.dll - ok

14:29:35.0684 3912 [ 7B952E19FE5FCB2F2A8737544564631D ] C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL

14:29:35.0684 3912 C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL - ok

14:29:35.0699 3912 [ 58A18482F445D1C8DD51A1BC29251F61 ] C:\Windows\System32\msfeeds.dll

14:29:35.0699 3912 C:\Windows\System32\msfeeds.dll - ok

14:29:35.0699 3912 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe

14:29:35.0699 3912 C:\Windows\System32\SearchFilterHost.exe - ok

14:29:35.0715 3912 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

14:29:35.0715 3912 C:\Windows\System32\webcheck.dll - ok

14:29:35.0730 3912 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll

14:29:35.0730 3912 C:\Windows\System32\mlang.dll - ok

14:29:35.0730 3912 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll

14:29:35.0730 3912 C:\Windows\System32\SyncCenter.dll - ok

14:29:35.0746 3912 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll

14:29:35.0746 3912 C:\Windows\System32\imapi2.dll - ok

14:29:35.0762 3912 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

14:29:35.0762 3912 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

14:29:35.0762 3912 [ 4895E1BDA720F634ABDA31BBEC90DEAE ] C:\Program Files\Apoint2K\EzAuto.dll

14:29:35.0762 3912 C:\Program Files\Apoint2K\EzAuto.dll - ok

14:29:35.0793 3912 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl

14:29:35.0793 3912 C:\Windows\System32\bthprops.cpl - ok

14:29:35.0793 3912 [ 81ADB60C39DECB86676D1C6F9578E68B ] C:\Windows\System32\MSNChatHook.dll

14:29:35.0793 3912 C:\Windows\System32\MSNChatHook.dll - ok

14:29:35.0808 3912 [ 9F97089FA244B38321464F0AA40E186F ] C:\Windows\System32\BatchCrypto.dll

14:29:35.0808 3912 C:\Windows\System32\BatchCrypto.dll - ok

14:29:35.0824 3912 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe

14:29:35.0824 3912 C:\Windows\System32\mobsync.exe - ok

14:29:35.0824 3912 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll

14:29:35.0824 3912 C:\Windows\System32\localspl.dll - ok

14:29:35.0840 3912 [ 6A437E8991C407728B615F4D63AF36F7 ] C:\Windows\System32\CNMLMAA.DLL

14:29:35.0840 3912 C:\Windows\System32\CNMLMAA.DLL - ok

14:29:35.0855 3912 [ 16EE199006A653EE8937632459CB66BE ] C:\Windows\System32\HPZLLLHN.DLL

14:29:35.0855 3912 C:\Windows\System32\HPZLLLHN.DLL - ok

14:29:35.0871 3912 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll

14:29:35.0871 3912 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok

14:29:35.0871 3912 [ C1DA8C732CB89BF25FE10D2DD4D2A419 ] C:\Windows\System32\lmdimon8.dll

14:29:35.0871 3912 C:\Windows\System32\lmdimon8.dll - ok

14:29:35.0886 3912 [ B9B3F6D8B8F1E0029C58B304632A729B ] C:\Windows\System32\msonpmon.dll

14:29:35.0886 3912 C:\Windows\System32\msonpmon.dll - ok

14:29:35.0902 3912 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll

14:29:35.0902 3912 C:\Windows\System32\tcpmon.dll - ok

14:29:35.0918 3912 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll

14:29:35.0918 3912 C:\Windows\System32\snmpapi.dll - ok

14:29:35.0918 3912 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll

14:29:35.0918 3912 C:\Windows\System32\wsnmp32.dll - ok

14:29:35.0933 3912 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll

14:29:35.0933 3912 C:\Windows\System32\wmp.dll - ok

14:29:35.0949 3912 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll

14:29:35.0949 3912 C:\Windows\System32\mgmtapi.dll - ok

14:29:35.0949 3912 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll

14:29:35.0949 3912 C:\Windows\System32\tcpmib.dll - ok

14:29:35.0964 3912 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll

14:29:35.0964 3912 C:\Windows\System32\usbmon.dll - ok

14:29:35.0980 3912 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll

14:29:35.0980 3912 C:\Windows\System32\WSDMon.dll - ok

14:29:35.0980 3912 [ 672DCEE749BF8A259448991B0297187D ] C:\Windows\System32\spool\prtprocs\w32x86\CNMPDAA.DLL

14:29:35.0980 3912 C:\Windows\System32\spool\prtprocs\w32x86\CNMPDAA.DLL - ok

14:29:35.0996 3912 [ 801DECF3A583C270E5C398FCD082E3DD ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL

14:29:35.0996 3912 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok

14:29:36.0011 3912 [ 08F89ADEDBBF1568C9BC717B9DC37E3B ] C:\Windows\System32\spool\prtprocs\w32x86\lmdippr8.dll

14:29:36.0011 3912 C:\Windows\System32\spool\prtprocs\w32x86\lmdippr8.dll - ok

14:29:36.0027 3912 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

14:29:36.0027 3912 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok

14:29:36.0027 3912 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe

14:29:36.0027 3912 C:\Program Files\Windows Media Player\wmplayer.exe - ok

14:29:36.0042 3912 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll

14:29:36.0042 3912 C:\Windows\System32\win32spl.dll - ok

14:29:36.0058 3912 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll

14:29:36.0058 3912 C:\Windows\System32\netrap.dll - ok

14:29:36.0074 3912 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll

14:29:36.0074 3912 C:\Windows\System32\printcom.dll - ok

14:29:36.0074 3912 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll

14:29:36.0074 3912 C:\Windows\System32\inetpp.dll - ok

14:29:36.0089 3912 [ E34C4AAF1533648BC4B671C0F4D86F03 ] C:\Windows\System32\jscript.dll

14:29:36.0089 3912 C:\Windows\System32\jscript.dll - ok

14:29:36.0105 3912 [ A1379ABB64209A093421B07F4C1804BE ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll

14:29:36.0105 3912 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok

14:29:36.0105 3912 [ 7C0FC379D4B066C2D2189792DED0E4AA ] C:\Windows\System32\xmlfilter.dll

14:29:36.0105 3912 C:\Windows\System32\xmlfilter.dll - ok

14:29:36.0120 3912 [ 0CADE166293FC566B4B9D477A3A9D650 ] C:\Program Files\Windows Media Player\mpvis.DLL

14:29:36.0120 3912 C:\Program Files\Windows Media Player\mpvis.DLL - ok

14:29:36.0136 3912 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll

14:29:36.0136 3912 C:\Windows\System32\wmpps.dll - ok

14:29:36.0152 3912 [ 915D3430FE926376DD942AE45A9A1665 ] C:\Windows\System32\mswmdm.dll

14:29:36.0152 3912 C:\Windows\System32\mswmdm.dll - ok

14:29:36.0152 3912 [ 83ADC95272B048DFD1563E0EA0F269FB ] C:\Windows\System32\cewmdm.dll

14:29:36.0152 3912 C:\Windows\System32\cewmdm.dll - ok

14:29:36.0167 3912 [ 49456BFE373D90B895795C5A1A13A7C8 ] C:\Windows\System32\WPDSp.dll

14:29:36.0167 3912 C:\Windows\System32\WPDSp.dll - ok

14:29:36.0183 3912 [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Windows Portable Devices\sqmapi.dll

14:29:36.0183 3912 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok

14:29:36.0183 3912 [ 9F1FAC04A274ADF9F65F9E1B851BDB1E ] C:\Windows\System32\wmdmps.dll

14:29:36.0183 3912 C:\Windows\System32\wmdmps.dll - ok

14:29:36.0198 3912 [ 501F9CDADC4BF4069BC90B3C2BB298AE ] C:\Windows\System32\msscp.dll

14:29:36.0198 3912 C:\Windows\System32\msscp.dll - ok

14:29:36.0214 3912 [ 1264F787E46DC572FA274CA09B446E01 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

14:29:36.0214 3912 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok

14:29:36.0214 3912 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll

14:29:36.0214 3912 C:\Windows\System32\upnp.dll - ok

14:29:36.0230 3912 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll

14:29:36.0230 3912 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

14:29:36.0245 3912 [ 5EF87457AB8A58694EBE35E55D093D04 ] C:\Users\Kenneth\AppData\Local\temp\RtkBtMnt.exe

14:29:36.0245 3912 C:\Users\Kenneth\AppData\Local\temp\RtkBtMnt.exe - ok

14:29:36.0261 3912 [ 423069307FB726E51E2A66F1C3F738FE ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll

14:29:36.0261 3912 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok

14:29:36.0261 3912 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll

14:29:36.0261 3912 C:\Windows\System32\dot3api.dll - ok

14:29:36.0276 3912 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll

14:29:36.0276 3912 C:\Windows\System32\wlanhlp.dll - ok

14:29:36.0292 3912 [ 2A632A95433E9719F37AE06BA00543AC ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL

14:29:36.0292 3912 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok

14:29:36.0292 3912 [ 90111518C52523789635E09D80C53584 ] C:\Program Files\AVAST Software\Avast\aswAra.dll

14:29:36.0292 3912 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok

14:29:36.0308 3912 [ A43709D69B819285970DE820D3CE0DF4 ] C:\Program Files\AVAST Software\Avast\aswData.dll

14:29:36.0308 3912 C:\Program Files\AVAST Software\Avast\aswData.dll - ok

14:29:36.0323 3912 [ E4483E1AD553B637FFF75270DB6CEAB3 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll

14:29:36.0323 3912 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok

14:29:36.0339 3912 [ 45BD0A6F667C24CFA4205D72E66E0DD8 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll

14:29:36.0339 3912 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok

14:29:36.0354 3912 [ 8B1E277F554228A84126402BBBDC32F4 ] C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx

14:29:36.0354 3912 C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx - ok

14:29:36.0354 3912 [ 2E70B299CF9732C1A66F2403BBF3539B ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90u.dll

14:29:36.0354 3912 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90u.dll - ok

14:29:36.0370 3912 [ D9683065CF89411E0AC17349E251A5B9 ] C:\Program Files\AVAST Software\Avast\defs\12110800\uiext.dll

14:29:36.0370 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\uiext.dll - ok

14:29:36.0386 3912 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:29:36.0386 3912 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

14:29:36.0401 3912 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll

14:29:36.0401 3912 C:\Windows\System32\msvcr100_clr0400.dll - ok

14:29:36.0401 3912 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files\Google\Update\1.3.21.123\goopdateres_en.dll

14:29:36.0401 3912 C:\Program Files\Google\Update\1.3.21.123\goopdateres_en.dll - ok

14:29:36.0417 3912 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll

14:29:36.0417 3912 C:\Windows\System32\msdtckrm.dll - ok

14:29:36.0432 3912 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll

14:29:36.0432 3912 C:\Windows\System32\p2pcollab.dll - ok

14:29:36.0432 3912 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll

14:29:36.0432 3912 C:\Windows\System32\wuapi.dll - ok

14:29:36.0448 3912 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll

14:29:36.0448 3912 C:\Windows\System32\wscproxystub.dll - ok

14:29:36.0464 3912 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll

14:29:36.0464 3912 C:\Windows\System32\wups.dll - ok

14:29:36.0464 3912 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll

14:29:36.0464 3912 C:\Windows\System32\mspatcha.dll - ok

14:29:36.0479 3912 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll

14:29:36.0479 3912 C:\Windows\System32\wups2.dll - ok

14:29:36.0495 3912 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll

14:29:36.0495 3912 C:\Windows\System32\ntlanman.dll - ok

14:29:36.0510 3912 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll

14:29:36.0510 3912 C:\Windows\System32\drprov.dll - ok

14:29:36.0510 3912 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll

14:29:36.0510 3912 C:\Windows\System32\davclnt.dll - ok

14:29:36.0526 3912 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe

14:29:36.0526 3912 C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe - ok

14:29:36.0542 3912 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll

14:29:36.0542 3912 C:\Windows\System32\dssenh.dll - ok

14:29:36.0542 3912 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12110800\aspColl.dll

14:29:36.0542 3912 C:\Program Files\AVAST Software\Avast\defs\12110800\aspColl.dll - ok

14:29:36.0557 3912 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll

14:29:36.0557 3912 C:\Windows\System32\wbem\wmipcima.dll - ok

14:29:36.0557 3912 ============================================================

14:29:36.0557 3912 Scan finished

14:29:36.0557 3912 ============================================================

14:29:36.0588 3168 Detected object count: 14

14:29:36.0588 3168 Actual detected object count: 14

14:32:40.0044 3168 ALaunchService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 ALaunchService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 CLSched ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 eLockService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 eLockService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 eNet Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 eNet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 eRecoveryService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 eRecoveryService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 eSettingsService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 eSettingsService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0060 3168 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0060 3168 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0076 3168 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0076 3168 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0076 3168 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0076 3168 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:40.0076 3168 WMIService ( UnsignedFile.Multi.Generic ) - skipped by user

14:32:40.0076 3168 WMIService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:32:48.0624 3568 Deinitialize successHere is the 3rd part of TDDSkiller log.................

Share this post


Link to post
Share on other sites

Here is the DDS log.................

DDS (Ver_2012-11-05.02) - NTFS_x86

Internet Explorer: 9.0.8112.16450

Run by Kenneth at 14:33:43 on 2012-11-08

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1013.300 [GMT -6:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Windows\system32\agrsmsvc.exe

C:\Acer\ALaunch\ALaunchSvc.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

C:\Acer\Empowering Technology\eNet\eNet Service.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Acer\Mobility Center\MobilityService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\RtHDVCpl.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\mobsync.exe

C:\Users\Kenneth\AppData\Local\Temp\RtkBtMnt.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://mail.google.com/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://en.us.acer.yahoo.com

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\windows\system32\ActiveToolBand.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\windows\system32\eDStoolbar.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [skytel] Skytel.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{8E28C7F8-15AB-45F2-8A8F-BB7E65AC0FEB} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{FBC7A79D-EB01-474E-8F43-C9A92D8CA7D1} : DHCPNameServer = 172.16.0.1

Notify: igfxcui - igfxdev.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-19 612184]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-9-21 337880]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]

R2 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2007-7-31 50688]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-21 20696]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-9-21 57688]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-11-19 44768]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-8-3 21504]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-31 179712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-7 40776]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-11-08 05:53:08 40776 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-11-08 05:53:08 -------- dc----w- c:\users\kenneth\appdata\roaming\Malwarebytes

2012-11-08 05:52:56 -------- dc----w- c:\programdata\Malwarebytes

2012-11-08 05:52:33 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys

2012-11-08 05:52:33 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware

2012-11-08 00:14:27 -------- dc----w- C:\FRST

2012-11-07 01:29:59 -------- dcsh--w- C:\$RECYCLE.BIN

2012-11-07 01:29:50 -------- dc----w- c:\users\kenneth\appdata\local\temp

2012-11-06 22:24:19 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{78620410-7ef8-49e9-8980-da79f291e3d1}\mpengine.dll

2012-11-06 22:18:46 6918632 ------w- c:\programdata\microsoft\windows defender\definition updates\updates\mpengine.dll

2012-11-06 21:55:34 98816 -c--a-w- c:\windows\sed.exe

2012-11-06 21:55:34 256000 -c--a-w- c:\windows\PEV.exe

2012-11-06 21:55:34 208896 -c--a-w- c:\windows\MBR.exe

2012-11-06 18:14:16 388096 -c--a-r- c:\users\kenneth\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-11-06 18:14:13 -------- dc----w- c:\program files\Trend Micro

2012-11-04 01:49:37 -------- dc----w- c:\programdata\Spybot - Search & Destroy

2012-11-04 01:49:37 -------- dc----w- c:\program files\Spybot - Search & Destroy

2012-11-03 06:56:07 -------- dc----w- c:\program files\Eusing Free Registry Defrag

2012-11-03 06:50:21 -------- dc----w- c:\program files\Eusing Free Registry Cleaner

2012-11-03 00:56:16 -------- dc----w- c:\users\kenneth\appdata\roaming\SUPERAntiSpyware.com

2012-11-03 00:55:50 -------- dc----w- c:\programdata\SUPERAntiSpyware.com

2012-11-03 00:55:50 -------- dc----w- c:\program files\SUPERAntiSpyware

2012-10-31 19:22:11 -------- dc----w- c:\programdata\D852ADD2F4338B3B0000D851D58690AD

2012-10-10 20:50:08 985088 -c--a-w- c:\windows\system32\crypt32.dll

2012-10-10 20:50:06 98304 -c--a-w- c:\windows\system32\cryptnet.dll

2012-10-10 20:50:06 133120 -c--a-w- c:\windows\system32\cryptsvc.dll

2012-10-10 20:49:41 172544 -c--a-w- c:\windows\system32\wintrust.dll

2012-10-10 20:49:33 2048 -c--a-w- c:\windows\system32\tzres.dll

2012-10-10 20:49:16 3602816 -c--a-w- c:\windows\system32\ntkrnlpa.exe

2012-10-10 20:49:15 3550080 -c--a-w- c:\windows\system32\ntoskrnl.exe

.

==================== Find3M ====================

.

2012-10-09 21:35:34 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 21:35:34 696760 -c--a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-24 06:59:17 1800704 -c--a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 -c--a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 -c--a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 -c--a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 -c--a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 -c--a-w- c:\windows\system32\mshtml.tlb

.

============= FINISH: 14:34:48.89 ===============

Share this post


Link to post
Share on other sites

Here is the attach log...........

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-05.02)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 1/21/2008 2:49:45 PM

System Uptime: 11/8/2012 2:24:14 PM (0 hours ago)

.

Motherboard: Acer | | Acadia

Processor: Intel® Celeron® CPU 540 @ 1.86GHz | uPGA-478 | 1862/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 33 GiB total, 11.574 GiB free.

D: is FIXED (NTFS) - 32 GiB total, 32.127 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP556: 11/6/2012 3:55:49 PM - ComboFix created restore point

RP557: 11/6/2012 4:18:09 PM - Windows Update

RP558: 11/7/2012 7:07:17 PM - Scheduled Checkpoint

RP559: 11/7/2012 10:35:15 PM - OTL Restore Point - 11/7/2012 10:35:14 PM

.

==== Installed Programs ======================

.

Acer Arcade

Acer Assist

Acer eDataSecurity Management

Acer eLock Management

Acer Empowering Technology

Acer eNet Management

Acer ePower Management

Acer ePresentation Management

Acer eSettings Management

Acer Mobility Center Plug-In

Acer Registration

Acer ScreenSaver

Acer Tour

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 11 ActiveX

Adobe Reader 8.1.3

Agere Systems HDA Modem

ALPS Touch Pad Driver

AusLogics Disk Defrag

avast! Free Antivirus

Bejeweled 2 Deluxe

Canon MP280 series MP Drivers

CCleaner (remove only)

Eusing Free Registry Cleaner

Google Chrome

Google Update Helper

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Graphics Media Accelerator Driver

Java 6 Update 17

LightScribe 1.4.142.1

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office Live Meeting 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

PowerProducer 3.72

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Spybot - Search & Destroy

SpywareBlaster 4.3

SUPERAntiSpyware

TimeLineRemove 0.9

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Office 2007 (KB934528)

Update for Office System 2007 Setup (KB929722)

VLC media player 1.1.0

Yahoo! BrowserPlus 2.9.8

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

11/8/2012 12:07:18 AM, Error: EventLog [6008] - The previous system shutdown at 11:56:47 PM on 11/7/2012 was unexpected.

11/7/2012 10:12:44 PM, Error: EventLog [6008] - The previous system shutdown at 10:08:28 PM on 11/7/2012 was unexpected.

11/6/2012 9:36:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6 ws2ifsl

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

11/6/2012 9:36:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

11/6/2012 9:36:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/6/2012 9:36:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/6/2012 9:35:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/6/2012 9:35:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/6/2012 9:35:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/6/2012 9:35:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/6/2012 8:15:28 PM, Error: EventLog [6008] - The previous system shutdown at 8:12:43 PM on 11/6/2012 was unexpected.

11/6/2012 7:26:30 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

11/6/2012 7:16:05 PM, Error: Service Control Manager [7034] - The MobilityService service terminated unexpectedly. It has done this 1 time(s).

11/6/2012 7:13:59 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).

11/6/2012 3:15:28 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

11/6/2012 3:15:28 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

11/6/2012 3:15:28 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

11/6/2012 2:19:54 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

11/6/2012 12:49:49 PM, Error: EventLog [6008] - The previous system shutdown at 12:40:22 PM on 11/6/2012 was unexpected.

11/6/2012 11:53:49 AM, Error: EventLog [6008] - The previous system shutdown at 11:39:38 PM on 11/5/2012 was unexpected.

11/6/2012 11:15:40 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

11/6/2012 11:15:40 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

11/6/2012 11:15:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

11/6/2012 11:15:40 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/6/2012 11:15:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/5/2012 11:27:44 PM, Error: EventLog [6008] - The previous system shutdown at 10:20:24 PM on 11/5/2012 was unexpected.

11/4/2012 9:26:31 PM, Error: EventLog [6008] - The previous system shutdown at 11:24:37 PM on 11/3/2012 was unexpected.

11/3/2012 8:35:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ALaunch Service service to connect.

11/3/2012 7:43:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

11/3/2012 7:43:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

11/3/2012 7:38:00 PM, Error: EventLog [6008] - The previous system shutdown at 7:36:37 PM on 11/3/2012 was unexpected.

11/3/2012 2:48:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6

11/3/2012 2:48:21 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/3/2012 2:48:21 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/3/2012 2:47:20 PM, Error: EventLog [6008] - The previous system shutdown at 2:44:37 PM on 11/3/2012 was unexpected.

11/3/2012 2:24:01 PM, Error: EventLog [6008] - The previous system shutdown at 2:22:14 PM on 11/3/2012 was unexpected.

11/3/2012 12:25:39 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi SASDIFSV SASKUTIL spldr Wanarpv6

11/2/2012 6:41:01 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 172.16.0.2 for the Network Card with network address 001F3A0A5D4E has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

11/2/2012 6:37:46 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi spldr Wanarpv6

11/2/2012 4:23:00 PM, Error: EventLog [6008] - The previous system shutdown at 4:15:03 PM on 11/2/2012 was unexpected.

11/2/2012 4:12:48 PM, Error: EventLog [6008] - The previous system shutdown at 8:49:17 PM on 10/31/2012 was unexpected.

11/2/2012 11:05:41 PM, Error: EventLog [6008] - The previous system shutdown at 11:02:56 PM on 11/2/2012 was unexpected.

.

==== End Of File ===========================

Share this post


Link to post
Share on other sites

Hi,

Are you able to boot to Safe Mode and run Malwarebytes? Give it a try and see what happens.

Share this post


Link to post
Share on other sites

We already ran MBAM in safe mode sucessfully and I posted the log, back on page one.

Share this post


Link to post
Share on other sites

Hi,

Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.

aswmbrscan.jpg

Click the image to enlarge it

----------

Share this post


Link to post
Share on other sites

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-11-09 09:28:13

-----------------------------

09:28:13.778 OS Version: Windows 6.0.6002 Service Pack 2

09:28:13.793 Number of processors: 1 586 0x1601

09:28:13.793 ComputerName: HOME-PC UserName: Kenneth

09:28:38.613 Initialize success

09:28:40.126 AVAST engine defs: 12110801

09:29:07.301 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

09:29:07.301 Disk 0 Vendor: TOSHIBA_MK8046GSX LB313J Size: 76319MB BusType: 3

09:29:07.317 Disk 0 MBR read successfully

09:29:07.333 Disk 0 MBR scan

09:29:07.348 Disk 0 unknown MBR code

09:29:07.364 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9993 MB offset 63

09:29:07.442 Disk 0 Partition 2 80 (A) 06 FAT16 NTFS 33294 MB offset 20467712

09:29:07.473 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 33030 MB offset 88653824

09:29:07.504 Disk 0 scanning sectors +156299264

09:29:07.582 Disk 0 scanning C:\Windows\system32\drivers

09:29:23.260 Service scanning

09:29:55.677 Modules scanning

09:30:06.566 Disk 0 trace - called modules:

09:30:07.112 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys

09:30:07.127 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8435dac8]

09:30:07.127 3 CLASSPNP.SYS[861c38b3] -> nt!IofCallDriver -> [0x83bfeaa0]

09:30:07.143 5 acpi.sys[85a4d6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x83bc3030]

09:30:07.502 AVAST engine scan C:\Windows

09:30:10.747 AVAST engine scan C:\Windows\system32

09:32:51.255 AVAST engine scan C:\Windows\system32\drivers

09:33:05.030 AVAST engine scan C:\Users\Kenneth

09:34:09.380 AVAST engine scan C:\ProgramData

09:34:30.315 Scan finished successfully

09:36:07.903 Disk 0 MBR has been saved successfully to "F:\MBR.dat"

09:36:07.919 The log file has been saved successfully to "F:\aswMBR.txt"

Share this post


Link to post
Share on other sites

Any more ideas or do I need to delete everything and put a fresh installation on the laptop?

Share this post


Link to post
Share on other sites

Sorry....I was traveling back home and am just getting back on.

Download MBRFix Utility from here. You'll have to scroll down a bit to locate the MBRFix product. Click the Download button in the lower right corner of that description box and save the MBRFix.zip to your desktop. Extract all files.

Once extracted, there will be three files in the folder. Copy just the MBRFix application to the same USB drive that has FRST.exe on it.

Open notepad and copy the contents of the quote box below, and save it on the flashdrive as fixlist.txt

SaveMbr: Drive=0

Same as you did earlier, restart the machine tapping F8. Select Repair your computer

Follow the prompt to enter language, keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.

In the next menu, use the arrow keys on the keyboard to highlight Command Prompt and press Enter.

  • In the command window type E:\frst.exe and press Enter.
    Note: The last time you ran FRST.exe, the flash drive had been assigned the driver letter of E:\. If the above command does not work, type in Notepad and press enter. Locate the drive letter of the flash drive and replace letter E with the drive letter of your flash drive.
  • The tool will start to run.
  • Click the Fix button just once and wait.
  • When it has completed, there should be a file on the flashdrive named MBRDUMP.txt. Although it may look a text file, it is a hex file so you must attach this report on your reply instead of posting its contents.

Share this post


Link to post
Share on other sites

Let me submit this and get a look at it...I will return as quickly as I can. :)

Share this post


Link to post
Share on other sites

Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
  • If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If no malware is found please let me know.

----------

Share this post


Link to post
Share on other sites

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

**If you are using a 64bit system please use either of the following links for your download instead:

Link 1

Link 2

  • Right-click and Run as Administrator SystemLook.exe to run it.
  • Copy the content within the following codebox into the main textfield:

    :filefind
    ataport*


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Share this post


Link to post
Share on other sites

SystemLook 30.07.11 by jpshortstuff

Log created at 10:39 on 12/11/2012 by Kenneth

Administrator - Elevation successful

========== filefind ==========

Searching for "ataport*"

C:\Windows\System32\drivers\ataport.sys --a--c- 109032 bytes [23:39 18/02/2010] [06:32 11/04/2009] 64B0052340B8EC28FA8A56B708AE71CC

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\ataport.sys --a---- 109624 bytes [18:32 23/07/2009] [18:32 23/07/2009] A928BBCA9235AC328953B34CA0C1F5A0

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\ataport.sys --a---- 109032 bytes [23:39 18/02/2010] [06:32 11/04/2009] 64B0052340B8EC28FA8A56B708AE71CC

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\ataport.sys --a---- 107112 bytes [10:25 02/11/2006] [09:50 02/11/2006] BF1DC83332EDFDCFACB1BE080E119655

C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\ataport.sys --a---- 110136 bytes [23:08 03/08/2009] [07:43 19/01/2008] D1C03AE69C29E239FC8000C5C0DEA709

C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\ataport.sys --a---- 109624 bytes [18:32 23/07/2009] [18:32 23/07/2009] A928BBCA9235AC328953B34CA0C1F5A0

C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\ataport.sys --a---- 110136 bytes [18:32 23/07/2009] [18:32 23/07/2009] 5BD29D71B0C25CA021FC55F0710884D7

C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\ataport.sys --a--c- 110136 bytes [23:08 03/08/2009] [07:43 19/01/2008] D1C03AE69C29E239FC8000C5C0DEA709

C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\ataport.sys --a--c- 109032 bytes [23:39 18/02/2010] [06:32 11/04/2009] 64B0052340B8EC28FA8A56B708AE71CC

-= EOF =-

Share this post


Link to post
Share on other sites

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    ClearJavaCache::

    FCopy::
    C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\ataport.sys | C:\Windows\System32\drivers\ataport.sys


  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

----------

Share this post


Link to post
Share on other sites

ComboFix 12-11-12.03 - Kenneth 11/12/2012 11:40:17.3.1 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1013.340 [GMT -6:00]

Running from: c:\users\Kenneth\Desktop\ComboFix.exe

Command switches used :: c:\users\Kenneth\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

--------------- FCopy ---------------

.

c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\ataport.sys --> c:\windows\System32\drivers\ataport.sys

.

((((((((((((((((((((((((( Files Created from 2012-10-12 to 2012-11-12 )))))))))))))))))))))))))))))))

.

.

2012-11-12 17:49 . 2012-11-12 17:49 -------- dc----w- c:\users\Kenneth\AppData\Local\temp

2012-11-12 17:49 . 2012-11-12 17:49 -------- dc----w- c:\users\Default\AppData\Local\temp

2012-11-09 22:42 . 2012-10-17 07:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{86FE1D82-EB00-423E-BD2A-47D6774485D0}\mpengine.dll

2012-11-08 05:53 . 2012-11-08 05:53 -------- dc----w- c:\users\Kenneth\AppData\Roaming\Malwarebytes

2012-11-08 05:52 . 2012-11-08 05:52 -------- dc----w- c:\programdata\Malwarebytes

2012-11-08 05:52 . 2012-11-08 05:52 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware

2012-11-08 05:52 . 2012-09-30 01:54 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys

2012-11-08 00:14 . 2012-11-08 00:14 -------- dc----w- C:\FRST

2012-11-06 18:14 . 2012-11-06 18:14 388096 -c--a-r- c:\users\Kenneth\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-11-06 18:14 . 2012-11-06 18:14 -------- dc----w- c:\program files\Trend Micro

2012-11-04 01:49 . 2012-11-04 03:38 -------- dc----w- c:\programdata\Spybot - Search & Destroy

2012-11-04 01:49 . 2012-11-04 01:52 -------- dc----w- c:\program files\Spybot - Search & Destroy

2012-11-03 06:56 . 2012-11-04 00:31 -------- dc----w- c:\program files\Eusing Free Registry Defrag

2012-11-03 06:50 . 2012-11-03 06:55 -------- dc----w- c:\program files\Eusing Free Registry Cleaner

2012-11-03 00:56 . 2012-11-03 00:56 -------- dc----w- c:\users\Kenneth\AppData\Roaming\SUPERAntiSpyware.com

2012-11-03 00:55 . 2012-11-03 00:56 -------- dc----w- c:\program files\SUPERAntiSpyware

2012-11-03 00:55 . 2012-11-03 00:55 -------- dc----w- c:\programdata\SUPERAntiSpyware.com

2012-10-31 19:22 . 2012-11-03 03:16 -------- dc----w- c:\programdata\D852ADD2F4338B3B0000D851D58690AD

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 21:35 . 2012-06-11 21:41 696760 -c--a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 21:35 . 2011-09-09 17:56 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-13 13:28 . 2012-10-10 20:49 2048 -c--a-w- c:\windows\system32\tzres.dll

2012-08-29 11:27 . 2012-10-10 20:49 3602816 -c--a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-29 11:27 . 2012-10-10 20:49 3550080 -c--a-w- c:\windows\system32\ntoskrnl.exe

2012-08-24 15:53 . 2012-10-10 20:49 172544 -c--a-w- c:\windows\system32\wintrust.dll

2012-08-24 06:59 . 2012-09-23 08:02 1800704 -c--a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51 . 2012-09-23 08:02 1129472 -c--a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51 . 2012-09-23 08:02 1427968 -c--a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47 . 2012-09-23 08:02 142848 -c--a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47 . 2012-09-23 08:02 420864 -c--a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43 . 2012-09-23 08:02 2382848 -c--a-w- c:\windows\system32\mshtml.tlb

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-03-06 23:15 123536 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]

"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]

"Skytel"="Skytel.exe" [2007-06-15 1826816]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Kenneth^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]

backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Assist Launcher]

2007-02-02 18:05 1261568 -c--a-w- c:\program files\Acer Assist\launcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Product Registration]

2007-02-02 19:24 3383296 -c--a-w- c:\program files\Acer Registration\ACE1.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]

2007-05-22 22:49 151552 -c--a-w- c:\acer\AcerTour\Reminder.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-10-15 06:04 39792 -c--a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2008-02-12 01:13 166424 ----a-w- c:\windows\System32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2008-02-12 01:13 141848 -c--a-w- c:\windows\System32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

2007-07-16 05:51 768520 -c--a-w- c:\progra~1\LAUNCH~1\LManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

2012-05-25 09:25 6595928 -c--a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2007-06-22 01:25 155648 -c--a-w- c:\program files\Acer\Acer Arcade\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-10-11 10:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 -c--a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 -c--a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

.

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 21:35]

.

2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-08 21:51]

.

2012-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-08 21:51]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://mail.google.com/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://en.us.acer.yahoo.com

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-36917629.sys

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-11-12 11:49

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'Explorer.exe'(3020)

c:\windows\system32\MsnChatHook.dll

c:\windows\system32\ShowErrMsg.dll

c:\windows\system32\sysenv.dll

c:\windows\system32\BatchCrypto.dll

c:\windows\system32\CryptoAPI.dll

c:\windows\system32\keyManager.dll

.

Completion time: 2012-11-12 11:53:23

ComboFix-quarantined-files.txt 2012-11-12 17:53

ComboFix2.txt 2012-11-06 22:16

.

Pre-Run: 10,332,848,128 bytes free

Post-Run: 10,046,468,096 bytes free

.

- - End Of File - - 00F9936B3A520E9B9B6B281FD3EC211C

Share this post


Link to post
Share on other sites

How is your system running?

Share this post


Link to post
Share on other sites

I went to run MBAM, updated it and it ran about 3 minutes and then gave me a blue screen that didn't have and words on it. I rebooted, and tried again but now MBAM wouldn't update. I tried to run it but it only ran about 2 min.

Share this post


Link to post
Share on other sites

Download Windows Repair (all in one) from this site

Install and then run the program.

On the Start Repairs tab, select Advanced Mode and click Start

Capture1.gif

Check only the following items...

Reset Registry Permissions

Reset File Permissions

Register System Files

Repair WMI

Remove Policies Set By Infections

The screen shot below is an example of what you might see. Be sure to check Restart System When Finished.

windowsservicetool.jpg

----------

Let me know if that fixes up your problem with your BSOD.

Share this post


Link to post
Share on other sites

Ran the program, rebooted, tried to update MBAM and it gave an error. I tried to run a scan and it ran for a little over 2 minutes before I got the BSOD.

When I try to update MBAM, I get an error that says....... An error has occured. Please report this issure to our support team(include the content of all error message(s) and codes in your submission)

Program_error_updating(0,0, Host not found)

Share this post


Link to post
Share on other sites

Sorry, I reset my router and MBAM updated fine. But MBAM still blue screens after running less than 3 minutes

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.