
Trojan:DOS/Alureon.A [Solved]


  • This topic is locked

#1
jkabat

    Member
Microsoft Security Essentials scan turned up the following:

Trojan:DOS/Alureon.A

I was then notified that:

Additional Cleaning Required. Detected threats could not be cleaned. To complete the process download and run Windows Defender Offline.

Did that and Windows Defender Offline scan didn't detect anything.

Restart of computer after running windows defender offline resulted in same warnings and commands.

Also Google Chrome browser automatically redirects to searchfunfood.com… and shortly thereafter the blue screen comes up. Yahoo browser seems to work fine.


Any help would be greatly appreciated.


#2
Essexboy

    GeekU Moderator

  • Retired Staff
Place marker for Jasmyne

#3
Jasmyne

    Trusted Helper

  • Malware Removal
Hi! My name is Jasmyne and Welcome to Geeks to Go!

I'm sorry you are having issues with your computer but I will do my best to resolve them as quickly as possible. I know having an infected computer is frustrating because I was once where you are now! It isn't always a quick & easy fix to remove malware but if you'll stick with me, I'll stick with you until your computer is clean. Throughout this process you may want to print instructions in case you lose internet access unless you have another way to access them aside from the infected computer. Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! Never be afraid to ask questions! :)

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


#4
jkabat

    Member

  • Topic Starter
Thank you for your help.

OTL TEXT

OTL logfile created on: 11/22/2012 10:35:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 62.86% Memory free
7.20 Gb Paging File | 5.61 Gb Available in Paging File | 77.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 232.25 Gb Free Space | 82.25% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Downloads\OTL.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/23 11:19:53 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/11/23 22:13:01 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 00:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 17:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/17 01:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 12:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/24 22:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/11/22 10:30:24 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00202148-428F-499D-882E-6250ECE1E9DC}\MpKsl7ca22613.sys -- (MpKsl7ca22613)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\..\SearchScopes,DefaultScope = {70642FB4-62CF-41F8-89A6-A9393D564588}
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\..\SearchScopes\{70642FB4-62CF-41F8-89A6-A9393D564588}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - homepage: http://searchfunmood...yE&cr=945882518
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmood...yE&cr=945882518
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchfunmood...yE&cr=945882518
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Search = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3270784952-2024653608-2700192650-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} https://mpi.dacom.ne...PI_20110503.cab (XacsPop Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} https://mpi.dacom.ne...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {7C98E005-7DA3-4C02-8D9F-FAA9C4D1C343} http://service.ewha..../ictReportX.cab (ReportViewerForm Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {AC2CE4A7-75CE-4B11-B245-CE697861C3C1} http://ems.shinhanli...ISAFEMailv4.cab (INISafeMailContainer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} https://www.isaackor...sim/ilkactx.cab (AnsimPlugin Class)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/11/22 09:45:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\svchost.exe
[2012/11/21 23:41:13 | 000,000,000 | ---D | C] -- C:\windows\Microsoft Antimalware
[2012/11/21 20:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Malwarebytes
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/21 20:00:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/21 20:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/21 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/11/21 20:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/11/21 20:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2012/11/21 19:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/11/21 19:54:43 | 000,000,000 | ---D | C] -- C:\eb958037f26a16806998df99
[2012/11/19 15:54:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/17 11:15:01 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012/11/15 06:16:26 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2012/11/15 06:16:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2012/11/15 06:06:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/15 06:03:11 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/11/15 06:03:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/11/15 06:03:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/11/15 06:03:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/11/15 06:03:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/11/15 06:03:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/11/15 06:03:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/11/15 06:03:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/11/15 06:03:00 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/11/15 06:03:00 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/11/15 06:02:59 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/11/15 06:02:58 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/11/15 06:02:54 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/11/15 06:02:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/11/15 06:02:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/11/15 06:00:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/11/15 06:00:55 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/11/15 06:00:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/11/15 06:00:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/11/14 06:25:18 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2012/11/14 06:25:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2012/11/14 06:25:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2012/11/14 06:25:08 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/11/14 06:25:08 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/11/14 06:25:07 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2012/11/14 06:25:07 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2012/11/14 06:25:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2012/11/14 06:25:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2012/11/14 06:24:59 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2012/11/14 06:24:59 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2012/10/23 18:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INITECH
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/22 10:38:10 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 10:38:10 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 10:35:20 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/22 10:35:20 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/22 10:35:20 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/22 10:30:57 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/22 10:30:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/22 10:30:08 | 361,675,882 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/22 10:30:06 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/22 09:29:13 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/21 20:05:40 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:01 | 000,001,077 | ---- | M] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/21 19:59:50 | 000,290,500 | ---- | M] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/19 16:10:34 | 010,973,467 | ---- | M] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/15 06:56:51 | 000,342,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/21 20:05:40 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:20 | 000,290,500 | ---- | C] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/21 20:00:01 | 000,001,077 | ---- | C] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/19 16:10:26 | 010,973,467 | ---- | C] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/19 15:54:39 | 361,675,882 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/15 06:16:34 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 06:00:54 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/09/24 18:44:46 | 002,480,232 | ---- | C] () -- C:\windows\SysWow64\ISPPopUpDlg.exe
[2012/08/04 11:27:55 | 000,000,478 | ---- | C] () -- C:\windows\SysWow64\ic32.ini
[2012/08/04 09:18:30 | 000,540,672 | ---- | C] () -- C:\windows\SysWow64\Tx32.dll
[2012/07/26 12:05:40 | 000,495,616 | ---- | C] () -- C:\windows\SysWow64\KvpUpCom.dll
[2012/04/07 15:30:19 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/19 03:42:09 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/01/19 03:33:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/01/19 03:30:19 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/03/24 22:48:04 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 22:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/02 00:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/01 23:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 12:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2010/11/16 00:02:22 | 000,032,633 | ---- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.DAT >
[2012/06/03 18:41:19 | 000,010,240 | ---- | M] () MD5=F231D8A5F52EB516CAC8839D2773DAD9 -- C:\Users\Jessie\AppData\Roaming\Adobe\Acrobat\10.0\Security\services.dat

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\windows\SysNative\en-US\services.exe.mui
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\windows\SysNative\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:45 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=2CEFF13ACE25A40BD8D97654944297CD -- C:\Windows\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/03/01 03:10:51 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=635455A95EB8EC47AC72142E501465ED -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_14271b75353e4391\svchost.exe
[2011/03/01 03:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\windows\SysNative\svchost.exe
[2011/03/01 03:07:49 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=6F68F63794097E54F36474ED4384B759 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_13af509c1c123937\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2011/03/01 03:07:49 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=A91A288C91F9D9F1CFA4FAA9893C4D55 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.21671_none_b8087ff17ce0d25b\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011/03/01 03:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\SysWOW64\svchost.exe
[2011/03/01 03:05:31 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=ECDB182F885292145826C58252B53000 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7601.17568_none_b790b51863b4c801\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

========== Files - Unicode (All) ==========
[2012/11/12 07:20:49 | 000,000,580 | ---- | M] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/15 20:11:59 | 000,000,000 | ---D | M](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/10/15 16:20:56 | 000,017,368 | ---- | M] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/15 16:20:55 | 000,017,368 | ---- | C] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/13 07:57:47 | 000,000,580 | ---- | C] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/13 07:56:27 | 000,065,536 | ---- | C] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls
[2012/10/13 07:56:09 | 000,000,000 | ---D | C](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/05/05 13:25:38 | 000,019,358 | ---- | M] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:25:38 | 000,019,358 | ---- | C] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:21:58 | 000,016,438 | ---- | M] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2012/05/05 13:21:57 | 000,016,438 | ---- | C] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2011/05/17 19:28:26 | 000,065,536 | ---- | M] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls

< End of report >


Extras.txt

OTL Extras logfile created on: 11/22/2012 10:35:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 62.86% Memory free
7.20 Gb Paging File | 5.61 Gb Available in Paging File | 77.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 232.25 Gb Free Space | 82.25% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3270784952-2024653608-2700192650-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0063F304-160B-4B3C-BC86-A0BB10D209DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E792481-B303-4EE5-985D-009A6A254D35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12100D0D-1E8A-47D5-BDC8-5D88F7517111}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{19132392-DAB9-4512-BCBA-4A04C248C002}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20B73DE8-1A07-4A9D-B1ED-01D4AA4AC49E}" = lport=139 | protocol=6 | dir=in | app=system |
"{27C8D1AF-935E-409C-8780-2E561C79C80B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{334F2864-C903-4191-9299-C920F19EBE23}" = rport=139 | protocol=6 | dir=out | app=system |
"{37C615EA-BB7D-482F-A3A7-F10CBC56C15B}" = lport=445 | protocol=6 | dir=in | app=system |
"{40A24B9D-A1BD-4B4D-9CF8-8B09CCB28A23}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{40EAC79D-8352-4C33-B910-D42A1B391283}" = rport=137 | protocol=17 | dir=out | app=system |
"{41EFB8DE-E881-4B15-A29F-A44C28767BF1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4B20257E-8360-46C6-BFA6-04951282BFDF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63D0B1F3-8E34-447E-A4D0-A28530FED327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6576740E-468A-40DF-B493-A3EEBE2C24B0}" = rport=138 | protocol=17 | dir=out | app=system |
"{6DA04773-3543-4571-B956-FE4C30AA2FAB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7DD739E7-FA9C-4B57-9068-4275553F7CBF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BA36558-5070-4B51-91E3-86D1B770B13C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{950954A5-9A7C-4F93-AF09-5839EA11A720}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A7743077-69B3-4227-9AAC-7DDA4615FAA2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD5B0B7A-ABFD-4612-ACFB-228EA6385EBE}" = lport=137 | protocol=17 | dir=in | app=system |
"{BFE4D9D1-168D-48CD-A5B7-ECA01D03CF9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1360C29-2A61-4EF7-A57F-59BF57936EA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{C9AA4491-0575-4A76-9CE6-6295859B0871}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6C879AF-D06D-4C60-A2FE-4476963A93CC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FA48672E-FBFF-4CED-94F6-87E5A49397F7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C41C671-7134-4585-A6C7-7677AE2348A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{0F34F28F-D8D3-454C-BAD5-1C0085A65476}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{146E3F76-758B-4293-8182-14F58EDCC5B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F1CCFA8-5345-4728-9555-3E0A5362645A}" = protocol=1 | dir=in | [email protected],-28543 |
"{2FE0DEEF-ECC9-4F0C-8F59-22989EE4D19E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABD29EC-3009-4F80-87BB-138F18D3B8E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3CC8D2C3-5999-42A2-8DF2-14C51AE40132}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3EA6EF3B-D2AE-4318-A676-A78A8508D0D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EC6B262-FCE1-499E-B383-DE89803515F0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4443735F-9225-4A4B-966F-644354C7F364}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{557917F9-9AA6-43C1-A511-5767481E56C3}" = protocol=6 | dir=out | app=system |
"{58C5B1FC-5193-4D69-BA8A-C7C051217D91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F34A292-4D2D-45D6-BB29-B33397D89CA4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{87552499-368A-4CCB-B4DB-AA2A8F9E2167}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{877A2B15-9F26-4AA1-8BF0-95A6E21ECD7C}" = protocol=1 | dir=out | [email protected],-28544 |
"{AC310D6D-23BA-4EBD-A495-6B95A5C053FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6FEF307-8C27-43B9-B55D-E690BAA438AD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C84E1D99-AB0D-4991-90D3-995B9E964E8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9129340-2F88-4CC9-8040-05703F00699C}" = protocol=58 | dir=out | [email protected],-28546 |
"{C9FF4E8D-E902-4B52-82DD-E1739194F9D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF1BE035-48D3-4657-9B0B-041C0EEE3449}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D5BC4F4B-848D-4DDC-9A7D-0AAECFEA6CA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DD12C31B-5A33-4827-9655-3CD53FF6ABA2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E30948A9-E5BE-4629-AE03-495EE5A8A969}" = protocol=58 | dir=in | [email protected],-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4ACA5AE7-E68C-5A48-F8E6-D67946267506}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6316805C-2485-2FF5-974C-750E3BE1DF65}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A34D9B7F-8453-DA02-DC98-EEEE085411C6}" = ccc-utility64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0146E330-EEE7-B924-B347-B399460893ED}" = CCC Help Czech
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{09927C92-A652-057A-3A7B-153F23175C58}" = CCC Help Dutch
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{109CBCC5-7151-1CC6-DAD6-6F7DD3162A8A}" = Catalyst Control Center InstallProxy
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19E40731-8E1A-07FB-DA7D-8A54603F6408}" = CCC Help English
"{1B97813D-74A7-25EB-4837-792413507E82}" = CCC Help Danish
"{1CF94211-A7BB-8151-44B8-6618C5A162F8}" = CCC Help Portuguese
"{1D7FEEAC-6CEE-5B5F-A8B0-9BE7A6BCB7FB}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{247E03D2-485B-7A70-BF5C-AB9BDF6AFB44}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEFB3C4-4706-C2B5-DF69-CF914D87BCE4}" = CCC Help Swedish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{337FDED7-D27B-E476-E888-3674E1C01C69}" = CCC Help Spanish
"{3384E1D9-3F18-4A98-8655-180FEF0DFC02}" = TOSHIBA User's Guide
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4485C9D0-A742-F1BB-C0B0-58FC61960D99}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{666E35A7-A224-E3E9-48C2-C641837535D9}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8064A378-46F4-4A4E-8AF5-153D0D4018DD}" = Catalyst Control Center - Branding
"{83601916-2E71-F1C7-EE5F-A1C985BC9217}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A34A135-D405-DD03-9B2E-0EB99238A312}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9550EA6C-4CBE-C1F3-1E1C-5E87F2C645ED}" = CCC Help French
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{97F67013-3076-4261-DC10-808409655042}" = AMD VISION Engine Control Center
"{986BB897-C295-2FED-8DCA-4ADE3AFCEF84}" = CCC Help Russian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4FF8F4E-D665-712B-07EE-F03ED360E9BE}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ADB50F70-98FF-067F-DF39-47DD83E32D58}" = CCC Help Chinese Standard
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B83FCE14-53D5-CBF8-87E9-59B8968ADB4C}" = CCC Help Norwegian
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Years 1-4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C78E3449-4F24-839B-5F7A-6911C67A5BE9}" = Catalyst Control Center Graphics Previews Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6E90970-BA9C-51AA-EFA2-9F80A7AE0956}" = CCC Help Thai
"{D826A52E-0AC9-5A55-61B8-0E088477A1B0}" = CCC Help Greek
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69540AC-FFC3-5519-F925-5ACC8D20DED5}" = CCC Help Hungarian
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E9D96BD5-7D33-7ED3-0A8E-229FA2524487}" = CCC Help Turkish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F931F27F-A967-982A-9226-494787D5FBBB}" = CCC Help Japanese
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aleks 3.17" = Aleks 3.17
"Google Chrome" = Google Chrome
"INISAFE Mail v4" = INISAFE Mail v4
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Kidzui" = Kidzui
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"TOEFL Official Guide" = TOEFL Official Guide 2.05.0036
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/7/2012 7:44:08 PM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/7/2012 10:16:39 PM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/8/2012 5:44:37 AM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/8/2012 6:57:03 AM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 9/9/2012 7:33:56 AM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 9/9/2012 11:38:40 AM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/9/2012 9:25:11 PM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 9/10/2012 6:13:45 AM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/10/2012 3:12:33 PM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 9/11/2012 10:12:15 AM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 11/22/2012 10:36:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/22/2012 10:36:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/22/2012 10:36:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/22/2012 10:36:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/22/2012 10:36:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/22/2012 10:52:34 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10010
Description =

Error - 11/22/2012 11:12:58 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10010
Description =

Error - 11/22/2012 11:30:18 AM | Computer Name = Jessie-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:28:12 AM on ?11/?22/?2012 was unexpected.

Error - 11/22/2012 11:30:25 AM | Computer Name = JESSIE-PC | Source = BugCheck | ID = 1001
Description =

Error - 11/22/2012 11:31:11 AM | Computer Name = Jessie-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >




#5
Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Here are a few steps to start getting rid of this infection!

Step 1
OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.

To disable MBAM
Open the scanner and select the Protection tab
Remove the tick from "Start with Windows"
Reboot and start with number 1. below to run the OTL fix.

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:OTL
CHR - homepage: http://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:COMMANDS
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

Step 2

  • Download RogueKiller and save it on your desktop.
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.com

    NOTE: If using IE8 or better, SmartScreen Filter will need to be disabled.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 3

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. RogueKiller Reports
2. OTL fix
3. New OTL log
4. TDSSKiller Log

#6
jkabat

    Member

  • Topic Starter
  • Member
  • 98 posts
Jasmyne,

Thank you for your help. I have done the requested tasks and the Microsoft Security icon remains green (instead of red).

The logs are below in the order I did them:

OTL logfile created on: 11/22/2012 7:49:34 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.16 Gb Available Physical Memory | 60.12% Memory free
7.20 Gb Paging File | 5.60 Gb Available in Paging File | 77.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 235.49 Gb Free Space | 83.39% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 20:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 00:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 17:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/17 01:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 12:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/24 22:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/11/22 19:45:44 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{00202148-428F-499D-882E-6250ECE1E9DC}\MpKslff556bcb.sys -- (MpKslff556bcb)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {70642FB4-62CF-41F8-89A6-A9393D564588}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{70642FB4-62CF-41F8-89A6-A9393D564588}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - homepage: http://searchfunmood...yE&cr=945882518
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmood...yE&cr=945882518
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchfunmood...yE&cr=945882518
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Search = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} https://mpi.dacom.ne...PI_20110503.cab (XacsPop Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} https://mpi.dacom.ne...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {7C98E005-7DA3-4C02-8D9F-FAA9C4D1C343} http://service.ewha..../ictReportX.cab (ReportViewerForm Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {AC2CE4A7-75CE-4B11-B245-CE697861C3C1} http://ems.shinhanli...ISAFEMailv4.cab (INISafeMailContainer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} https://www.isaackor...sim/ilkactx.cab (AnsimPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7ACCB42-994F-4EAC-8BC1-7BA8188F8953}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/22 19:26:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/22 10:34:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/21 23:41:13 | 000,000,000 | ---D | C] -- C:\windows\Microsoft Antimalware
[2012/11/21 20:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Malwarebytes
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/21 20:00:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/21 20:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/21 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/11/21 20:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/11/21 20:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2012/11/21 19:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/11/21 19:54:43 | 000,000,000 | ---D | C] -- C:\eb958037f26a16806998df99
[2012/11/19 15:54:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/17 11:15:01 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012/11/15 06:06:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/22 19:53:04 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 19:53:04 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/22 19:50:47 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/22 19:50:47 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/22 19:50:47 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/22 19:46:01 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/22 19:45:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/22 19:45:24 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/22 19:23:02 | 327,035,946 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/22 09:29:13 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/21 20:05:40 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:01 | 000,001,077 | ---- | M] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/21 19:59:50 | 000,290,500 | ---- | M] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/19 16:10:34 | 010,973,467 | ---- | M] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/15 06:56:51 | 000,342,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/21 20:05:40 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:20 | 000,290,500 | ---- | C] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/21 20:00:01 | 000,001,077 | ---- | C] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/19 16:10:26 | 010,973,467 | ---- | C] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/19 15:54:39 | 327,035,946 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/15 06:16:34 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 06:00:54 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/09/24 18:44:46 | 002,480,232 | ---- | C] () -- C:\windows\SysWow64\ISPPopUpDlg.exe
[2012/08/04 11:27:55 | 000,000,478 | ---- | C] () -- C:\windows\SysWow64\ic32.ini
[2012/08/04 09:18:30 | 000,540,672 | ---- | C] () -- C:\windows\SysWow64\Tx32.dll
[2012/07/26 12:05:40 | 000,495,616 | ---- | C] () -- C:\windows\SysWow64\KvpUpCom.dll
[2012/04/07 15:30:19 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/19 03:42:09 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/01/19 03:33:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/01/19 03:30:19 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/03/24 22:48:04 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/08 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\KidZui
[2012/08/04 11:27:46 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\M-HTOEFL
[2012/11/21 20:00:14 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/03/09 18:27:09 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WB Games
[2012/03/09 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/11/12 07:20:49 | 000,000,580 | ---- | M] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/15 20:11:59 | 000,000,000 | ---D | M](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/10/15 16:20:56 | 000,017,368 | ---- | M] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/15 16:20:55 | 000,017,368 | ---- | C] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/13 07:57:47 | 000,000,580 | ---- | C] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/13 07:56:27 | 000,065,536 | ---- | C] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls
[2012/10/13 07:56:09 | 000,000,000 | ---D | C](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/05/05 13:25:38 | 000,019,358 | ---- | M] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:25:38 | 000,019,358 | ---- | C] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:21:58 | 000,016,438 | ---- | M] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2012/05/05 13:21:57 | 000,016,438 | ---- | C] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2011/05/17 19:28:26 | 000,065,536 | ---- | M] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls

< End of report >

RogueKiller V8.3.1 [Nov 22 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jessie [Admin rights]
Mode : Scan -- Date : 11/22/2012 20:11:49

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3275GSX ATA Device +++++
--- User ---
[MBR] 738a2268d7090687076416015af2399d
[BSP] 61e7bdc336fdd36747720370ff24d8f5 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 289160 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 595273728 | Size: 14584 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 7e139f3ee7e025010023c6604c7f92cb
[BSP] 61e7bdc336fdd36747720370ff24d8f5 : Windows Vista MBR Code
Partition table:
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 289160 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 595273728 | Size: 14584 Mo

Finished : << RKreport[1]_S_11222012_02d2011.txt >>
RKreport[1]_S_11222012_02d2011.txt

RogueKiller V8.3.1 [Nov 22 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jessie [Admin rights]
Mode : Remove -- Date : 11/22/2012 20:12:15

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3275GSX ATA Device +++++
--- User ---
[MBR] 738a2268d7090687076416015af2399d
[BSP] 61e7bdc336fdd36747720370ff24d8f5 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 289160 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 595273728 | Size: 14584 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 7e139f3ee7e025010023c6604c7f92cb
[BSP] 61e7bdc336fdd36747720370ff24d8f5 : Windows Vista MBR Code
Partition table:
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 289160 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 595273728 | Size: 14584 Mo

Finished : << RKreport[2]_D_11222012_02d2012.txt >>
RKreport[1]_S_11222012_02d2011.txt ; RKreport[2]_D_11222012_02d2012.txt

RogueKiller V8.3.1 [Nov 22 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jessie [Admin rights]
Mode : Shortcuts HJfix -- Date : 11/22/2012 20:12:53

¤¤¤ Bad processes : 1 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 10 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 70 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 56 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[3]_SC_11222012_02d2012.txt >>
RKreport[1]_S_11222012_02d2011.txt ; RKreport[2]_D_11222012_02d2012.txt ; RKreport[3]_SC_11222012_02d2012.txt

20:19:11.0518 2544 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:19:13.0546 2544 ============================================================
20:19:13.0546 2544 Current date / time: 2012/11/22 20:19:13.0546
20:19:13.0546 2544 SystemInfo:
20:19:13.0546 2544
20:19:13.0546 2544 OS Version: 6.1.7601 ServicePack: 1.0
20:19:13.0546 2544 Product type: Workstation
20:19:13.0546 2544 ComputerName: JESSIE-PC
20:19:13.0546 2544 UserName: Jessie
20:19:13.0546 2544 Windows directory: C:\windows
20:19:13.0546 2544 System windows directory: C:\windows
20:19:13.0546 2544 Running under WOW64
20:19:13.0546 2544 Processor architecture: Intel x64
20:19:13.0546 2544 Number of processors: 2
20:19:13.0546 2544 Page size: 0x1000
20:19:13.0546 2544 Boot type: Normal boot
20:19:13.0546 2544 ============================================================
20:19:47.0603 2544 BG loaded
20:19:50.0582 2544 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:50.0613 2544 ============================================================
20:19:50.0613 2544 \Device\Harddisk0\DR0:
20:19:50.0645 2544 MBR partitions:
20:19:50.0645 2544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
20:19:50.0645 2544 ============================================================
20:19:50.0801 2544 C: <-> \Device\Harddisk0\DR0\Partition1
20:19:50.0801 2544 ============================================================
20:19:50.0801 2544 Initialize success
20:19:50.0801 2544 ============================================================
20:20:34.0064 4872 ============================================================
20:20:34.0064 4872 Scan started
20:20:34.0064 4872 Mode: Manual; SigCheck; TDLFS;
20:20:34.0064 4872 ============================================================
20:20:35.0296 4872 ================ Scan system memory ========================
20:20:35.0296 4872 System memory - ok
20:20:35.0296 4872 ================ Scan services =============================
20:21:01.0629 4872 PNRPsvc - ok
20:21:01.0661 4872 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:21:01.0832 4872 PolicyAgent - ok
20:21:01.0863 4872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:21:01.0988 4872 Power - ok
20:21:02.0113 4872 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:21:02.0207 4872 PptpMiniport - ok
20:21:02.0238 4872 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
20:21:02.0300 4872 Processor - ok
20:21:02.0425 4872 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:21:02.0550 4872 ProfSvc - ok
20:21:02.0581 4872 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:21:02.0628 4872 ProtectedStorage - ok
20:21:02.0690 4872 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:21:02.0815 4872 Psched - ok
20:21:03.0127 4872 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
20:21:03.0252 4872 ql2300 - ok
20:21:03.0314 4872 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
20:21:03.0361 4872 ql40xx - ok
20:21:03.0408 4872 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:21:03.0501 4872 QWAVE - ok
20:21:03.0564 4872 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:21:03.0642 4872 QWAVEdrv - ok
20:21:03.0720 4872 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:21:03.0860 4872 RasAcd - ok
20:21:03.0923 4872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:21:04.0032 4872 RasAgileVpn - ok
20:21:04.0094 4872 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:21:04.0219 4872 RasAuto - ok
20:21:04.0250 4872 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:21:04.0406 4872 Rasl2tp - ok
20:21:04.0453 4872 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:21:04.0547 4872 RasMan - ok
20:21:04.0578 4872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:21:04.0734 4872 RasPppoe - ok
20:21:04.0765 4872 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:21:04.0937 4872 RasSstp - ok
20:21:05.0046 4872 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:21:05.0202 4872 rdbss - ok
20:21:05.0264 4872 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
20:21:05.0373 4872 rdpbus - ok
20:21:05.0420 4872 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:21:05.0514 4872 RDPCDD - ok
20:21:05.0561 4872 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:21:05.0685 4872 RDPENCDD - ok
20:21:05.0763 4872 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:21:05.0873 4872 RDPREFMP - ok
20:21:05.0982 4872 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:21:06.0060 4872 RDPWD - ok
20:21:06.0138 4872 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:21:06.0185 4872 rdyboost - ok
20:21:06.0263 4872 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:21:06.0419 4872 RemoteAccess - ok
20:21:06.0497 4872 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:21:06.0653 4872 RemoteRegistry - ok
20:21:06.0731 4872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:21:06.0855 4872 RpcEptMapper - ok
20:21:06.0902 4872 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:21:06.0949 4872 RpcLocator - ok
20:21:07.0027 4872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
20:21:07.0121 4872 RpcSs - ok
20:21:07.0152 4872 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:21:07.0261 4872 rspndr - ok
20:21:07.0370 4872 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
20:21:07.0401 4872 RSUSBVSTOR - ok
20:21:07.0542 4872 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
20:21:07.0589 4872 RTL8167 - ok
20:21:07.0713 4872 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
20:21:07.0776 4872 RTL8192Ce - ok
20:21:07.0838 4872 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:21:07.0916 4872 SamSs - ok
20:21:07.0963 4872 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:21:08.0041 4872 sbp2port - ok
20:21:08.0088 4872 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:21:08.0197 4872 SCardSvr - ok
20:21:08.0244 4872 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:21:08.0400 4872 scfilter - ok
20:21:08.0493 4872 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:21:08.0696 4872 Schedule - ok
20:21:08.0743 4872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:21:08.0930 4872 SCPolicySvc - ok
20:21:08.0993 4872 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:21:09.0102 4872 SDRSVC - ok
20:21:09.0149 4872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:21:09.0320 4872 secdrv - ok
20:21:09.0351 4872 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:21:09.0523 4872 seclogon - ok
20:21:09.0554 4872 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
20:21:09.0695 4872 SENS - ok
20:21:09.0726 4872 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:21:09.0804 4872 SensrSvc - ok
20:21:09.0866 4872 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
20:21:09.0929 4872 Serenum - ok
20:21:09.0960 4872 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
20:21:10.0022 4872 Serial - ok
20:21:10.0038 4872 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
20:21:10.0100 4872 sermouse - ok
20:21:10.0163 4872 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:21:10.0272 4872 SessionEnv - ok
20:21:10.0319 4872 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:21:10.0350 4872 sffdisk - ok
20:21:10.0397 4872 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:21:10.0459 4872 sffp_mmc - ok
20:21:10.0490 4872 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:21:10.0537 4872 sffp_sd - ok
20:21:10.0553 4872 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
20:21:10.0584 4872 sfloppy - ok
20:21:10.0646 4872 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
20:21:10.0755 4872 SharedAccess - ok
20:21:10.0802 4872 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:21:10.0911 4872 ShellHWDetection - ok
20:21:10.0943 4872 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
20:21:10.0974 4872 SiSRaid2 - ok
20:21:11.0021 4872 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
20:21:11.0052 4872 SiSRaid4 - ok
20:21:11.0067 4872 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:21:11.0177 4872 Smb - ok
20:21:11.0223 4872 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:21:11.0270 4872 SNMPTRAP - ok
20:21:11.0317 4872 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:21:11.0348 4872 spldr - ok
20:21:11.0395 4872 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
20:21:11.0457 4872 Spooler - ok
20:21:11.0629 4872 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:21:11.0801 4872 sppsvc - ok
20:21:11.0847 4872 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:21:11.0941 4872 sppuinotify - ok
20:21:11.0988 4872 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:21:12.0035 4872 srv - ok
20:21:12.0066 4872 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:21:12.0113 4872 srv2 - ok
20:21:12.0159 4872 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:21:12.0191 4872 srvnet - ok
20:21:12.0237 4872 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:21:12.0409 4872 SSDPSRV - ok
20:21:12.0440 4872 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:21:12.0534 4872 SstpSvc - ok
20:21:12.0581 4872 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
20:21:12.0612 4872 stexstor - ok
20:21:12.0674 4872 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:21:12.0737 4872 stisvc - ok
20:21:12.0752 4872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
20:21:12.0783 4872 swenum - ok
20:21:12.0846 4872 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:21:12.0971 4872 swprv - ok
20:21:13.0049 4872 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:21:13.0127 4872 SynTP - ok
20:21:13.0220 4872 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:21:13.0314 4872 SysMain - ok
20:21:13.0361 4872 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:21:13.0423 4872 TabletInputService - ok
20:21:13.0485 4872 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:21:13.0595 4872 TapiSrv - ok
20:21:13.0626 4872 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:21:13.0735 4872 TBS - ok
20:21:13.0797 4872 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:21:13.0907 4872 Tcpip - ok
20:21:13.0969 4872 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:21:14.0063 4872 TCPIP6 - ok
20:21:14.0109 4872 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:21:14.0141 4872 tcpipreg - ok
20:21:14.0203 4872 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
20:21:14.0234 4872 tdcmdpst - ok
20:21:14.0265 4872 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:21:14.0328 4872 TDPIPE - ok
20:21:14.0375 4872 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:21:14.0406 4872 TDTCP - ok
20:21:14.0453 4872 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:21:14.0546 4872 tdx - ok
20:21:14.0577 4872 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
20:21:14.0609 4872 TermDD - ok
20:21:14.0671 4872 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:21:14.0796 4872 TermService - ok
20:21:14.0827 4872 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:21:14.0858 4872 Themes - ok
20:21:14.0936 4872 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
20:21:14.0952 4872 Thpdrv - ok
20:21:14.0983 4872 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
20:21:15.0014 4872 Thpevm - ok
20:21:15.0077 4872 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
20:21:15.0123 4872 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
20:21:15.0123 4872 Thpsrv - detected UnsignedFile.Multi.Generic (1)
20:21:26.0511 4872 ================ Scan global ===============================
20:21:26.0558 4872 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:21:26.0605 4872 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:21:26.0636 4872 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
20:21:26.0651 4872 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:21:26.0698 4872 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:21:26.0698 4872 [Global] - ok
20:21:26.0698 4872 ================ Scan MBR ==================================
20:21:26.0729 4872 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:21:26.0729 4872 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:21:26.0792 4872 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:21:26.0792 4872 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:21:26.0854 4872 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:21:26.0854 4872 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:21:26.0870 4872 ================ Scan VBR ==================================
20:21:26.0901 4872 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
20:21:26.0901 4872 \Device\Harddisk0\DR0\Partition1 - ok
20:21:26.0901 4872 ================ Scan active images ========================
20:21:27.0556 4872 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
20:21:27.0556 4872 C:\Windows\System32\drivers\kbdclass.sys - ok
20:21:27.0572 4872 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
20:21:27.0572 4872 C:\Windows\System32\drivers\usbd.sys - ok
20:21:27.0587 4872 [ 06D602A637E171E151853F1D8ECD34F1 ] C:\Windows\System32\drivers\SynTP.sys
20:21:27.0587 4872 C:\Windows\System32\drivers\SynTP.sys - ok
20:21:27.0587 4872 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
20:21:27.0587 4872 C:\Windows\System32\drivers\mouclass.sys - ok
20:21:27.0603 4872 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
20:21:27.0603 4872 C:\Windows\System32\drivers\CmBatt.sys - ok
20:21:27.0619 4872 [ 513338976B722822B555D739D78F9E9F ] C:\Windows\System32\drivers\rtl8192ce.sys
20:21:27.0619 4872 C:\Windows\System32\drivers\rtl8192ce.sys - ok
20:21:27.0634 4872 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
20:21:27.0634 4872 C:\Windows\System32\drivers\vwifibus.sys - ok
20:21:27.0650 4872 [ E50CFB92986DCAB49DE93788FD695813 ] C:\Windows\System32\drivers\Rt64win7.sys
20:21:27.0650 4872 C:\Windows\System32\drivers\Rt64win7.sys - ok
20:21:27.0665 4872 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
20:21:27.0665 4872 C:\Windows\System32\drivers\CompositeBus.sys - ok
20:21:27.0681 4872 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] C:\Windows\System32\drivers\FwLnk.sys
20:21:27.0681 4872 C:\Windows\System32\drivers\FwLnk.sys - ok
20:21:27.0681 4872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
20:21:27.0681 4872 C:\Windows\System32\drivers\agilevpn.sys - ok
20:21:27.0697 4872 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
20:21:27.0697 4872 C:\Windows\System32\drivers\rasl2tp.sys - ok
20:21:27.0712 4872 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
20:21:27.0712 4872 C:\Windows\System32\drivers\ndistapi.sys - ok
20:21:27.0728 4872 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
20:21:27.0728 4872 C:\Windows\System32\drivers\ndiswan.sys - ok
20:21:27.0743 4872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
20:21:27.0743 4872 C:\Windows\System32\drivers\raspppoe.sys - ok
20:21:27.0759 4872 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
20:21:27.0759 4872 C:\Windows\System32\drivers\raspptp.sys - ok
20:21:27.0775 4872 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
20:21:27.0775 4872 C:\Windows\System32\drivers\rassstp.sys - ok
20:21:27.0790 4872 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
20:21:27.0790 4872 C:\Windows\System32\drivers\ks.sys - ok
20:21:27.0790 4872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
20:21:27.0790 4872 C:\Windows\System32\drivers\swenum.sys - ok
20:21:27.0806 4872 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
20:21:27.0806 4872 C:\Windows\System32\drivers\umbus.sys - ok
20:21:27.0821 4872 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
20:21:27.0821 4872 C:\Windows\System32\drivers\usbhub.sys - ok
20:21:27.0837 4872 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
20:21:27.0837 4872 C:\Windows\System32\drivers\ndproxy.sys - ok
20:21:27.0853 4872 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
20:21:27.0853 4872 C:\Windows\System32\drivers\drmk.sys - ok
20:21:27.0868 4872 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
20:21:27.0868 4872 C:\Windows\System32\drivers\portcls.sys - ok
20:21:27.0884 4872 [ 0A30A899C6295F908729EDA7F95615A8 ] C:\Windows\System32\drivers\RTKVHD64.sys
20:21:27.0884 4872 C:\Windows\System32\drivers\RTKVHD64.sys - ok
20:21:27.0899 4872 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
20:21:27.0899 4872 C:\Windows\System32\drivers\ksthunk.sys - ok
20:21:27.0915 4872 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
20:21:27.0915 4872 C:\Windows\System32\drivers\usbccgp.sys - ok
20:21:27.0915 4872 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
20:21:27.0915 4872 C:\Windows\System32\drivers\hidclass.sys - ok
20:21:27.0931 4872 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
20:21:27.0931 4872 C:\Windows\System32\drivers\hidparse.sys - ok
20:21:27.0946 4872 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
20:21:27.0946 4872 C:\Windows\System32\drivers\hidusb.sys - ok
20:21:27.0962 4872 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
20:21:27.0962 4872 C:\Windows\System32\drivers\mouhid.sys - ok
20:21:27.0977 4872 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] C:\Windows\System32\drivers\rtsuvstor.sys
20:21:27.0977 4872 C:\Windows\System32\drivers\rtsuvstor.sys - ok
20:21:27.0993 4872 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
20:21:27.0993 4872 C:\Windows\System32\drivers\usbvideo.sys - ok
20:21:27.0993 4872 [ 91111CEBBDE8015E822C46120ED9537C ] C:\Windows\System32\drivers\PGEffect.sys
20:21:27.0993 4872 C:\Windows\System32\drivers\PGEffect.sys - ok
20:21:28.0009 4872 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
20:21:28.0009 4872 C:\Windows\System32\sechost.dll - ok
20:21:28.0024 4872 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
20:21:28.0024 4872 C:\Windows\System32\comdlg32.dll - ok
20:21:28.0040 4872 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
20:21:28.0040 4872 C:\Windows\System32\normaliz.dll - ok
20:21:28.0055 4872 [ A19DB004D954BBC9C4EC125711E1D1C2 ] C:\Windows\System32\wininet.dll
20:21:28.0055 4872 C:\Windows\System32\wininet.dll - ok
20:21:28.0071 4872 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
20:21:28.0071 4872 C:\Windows\System32\clbcatq.dll - ok
20:21:28.0071 4872 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
20:21:28.0071 4872 C:\Windows\System32\msctf.dll - ok
20:21:28.0087 4872 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
20:21:28.0087 4872 C:\Windows\System32\ole32.dll - ok
20:21:28.0102 4872 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
20:21:28.0102 4872 C:\Windows\System32\oleaut32.dll - ok
20:21:28.0118 4872 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
20:21:28.0118 4872 C:\Windows\System32\rpcrt4.dll - ok
20:21:28.0133 4872 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
20:21:28.0133 4872 C:\Windows\System32\shell32.dll - ok
20:21:28.0149 4872 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
20:21:28.0149 4872 C:\Windows\System32\advapi32.dll - ok
20:21:28.0165 4872 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
20:21:28.0165 4872 C:\Windows\System32\gdi32.dll - ok
20:21:28.0165 4872 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
20:21:28.0165 4872 C:\Windows\System32\shlwapi.dll - ok
20:21:28.0180 4872 [ E519FD2CE6D57062400537C95C3B17FD ] C:\Windows\System32\urlmon.dll
20:21:28.0180 4872 C:\Windows\System32\urlmon.dll - ok
20:21:28.0196 4872 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
20:21:28.0196 4872 C:\Windows\System32\difxapi.dll - ok
20:21:28.0211 4872 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
20:21:28.0211 4872 C:\Windows\System32\msvcrt.dll - ok
20:21:28.0227 4872 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
20:21:28.0227 4872 C:\Windows\System32\imagehlp.dll - ok
20:21:28.0227 4872 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
20:21:28.0227 4872 C:\Windows\System32\imm32.dll - ok
20:21:28.0243 4872 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
20:21:28.0243 4872 C:\Windows\System32\setupapi.dll - ok
20:21:28.0258 4872 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
20:21:28.0258 4872 C:\Windows\System32\nsi.dll - ok
20:21:28.0274 4872 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
20:21:28.0274 4872 C:\Windows\System32\ws2_32.dll - ok
20:21:28.0289 4872 [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
20:21:28.0289 4872 C:\Windows\System32\kernel32.dll - ok
20:21:28.0305 4872 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
20:21:28.0305 4872 C:\Windows\System32\usp10.dll - ok
20:21:28.0321 4872 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
20:21:28.0321 4872 C:\Windows\System32\Wldap32.dll - ok
20:21:28.0336 4872 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
20:21:28.0336 4872 C:\Windows\System32\user32.dll - ok
20:21:28.0336 4872 [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
20:21:28.0336 4872 C:\Windows\System32\KernelBase.dll - ok
20:21:28.0352 4872 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
20:21:28.0352 4872 C:\Windows\System32\lpk.dll - ok
20:21:28.0367 4872 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
20:21:28.0367 4872 C:\Windows\System32\psapi.dll - ok
20:21:28.0383 4872 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
20:21:28.0383 4872 C:\Windows\System32\wintrust.dll - ok
20:21:28.0399 4872 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
20:21:28.0399 4872 C:\Windows\System32\crypt32.dll - ok
20:21:28.0414 4872 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
20:21:28.0414 4872 C:\Windows\System32\comctl32.dll - ok
20:21:28.0430 4872 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
20:21:28.0430 4872 C:\Windows\System32\devobj.dll - ok
20:21:28.0445 4872 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
20:21:28.0445 4872 C:\Windows\System32\cfgmgr32.dll - ok
20:21:28.0445 4872 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
20:21:28.0445 4872 C:\Windows\System32\msasn1.dll - ok
20:21:28.0461 4872 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
20:21:28.0461 4872 C:\Windows\SysWOW64\normaliz.dll - ok
20:21:28.0477 4872 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
20:21:28.0477 4872 C:\Windows\System32\drivers\dxapi.sys - ok
20:21:28.0492 4872 [ 34B419EDEAC6F12B34908DE3758F98C9 ] C:\Windows\System32\win32k.sys
20:21:28.0492 4872 C:\Windows\System32\win32k.sys - ok
20:21:28.0508 4872 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
20:21:28.0508 4872 C:\Windows\System32\csrsrv.dll - ok
20:21:28.0508 4872 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
20:21:28.0508 4872 C:\Windows\System32\csrss.exe - ok
20:21:28.0523 4872 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
20:21:28.0523 4872 C:\Windows\System32\basesrv.dll - ok
20:21:28.0539 4872 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
20:21:28.0539 4872 C:\Windows\System32\winsrv.dll - ok
20:21:28.0555 4872 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
20:21:28.0555 4872 C:\Windows\System32\drivers\monitor.sys - ok
20:21:28.0570 4872 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
20:21:28.0570 4872 C:\Windows\System32\tsddd.dll - ok
20:21:28.0586 4872 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
20:21:28.0586 4872 C:\Windows\System32\sxssrv.dll - ok
20:21:28.0601 4872 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
20:21:28.0601 4872 C:\Windows\System32\wininit.exe - ok
20:21:28.0617 4872 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
20:21:28.0617 4872 C:\Windows\System32\cdd.dll - ok
20:21:28.0617 4872 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
20:21:28.0617 4872 C:\Windows\System32\profapi.dll - ok
20:21:28.0633 4872 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
20:21:28.0633 4872 C:\Windows\System32\RpcRtRemote.dll - ok
20:21:28.0648 4872 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
20:21:28.0648 4872 C:\Windows\System32\KBDUS.DLL - ok
20:21:28.0664 4872 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
20:21:28.0664 4872 C:\Windows\System32\WlS0WndH.dll - ok
20:21:28.0679 4872 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
20:21:28.0679 4872 C:\Windows\System32\sxs.dll - ok
20:21:28.0695 4872 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
20:21:28.0695 4872 C:\Windows\System32\cryptbase.dll - ok
20:21:28.0711 4872 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
20:21:28.0711 4872 C:\Windows\System32\apphelp.dll - ok
20:21:28.0711 4872 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
20:21:28.0711 4872 C:\Windows\System32\lsass.exe - ok
20:21:28.0726 4872 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
20:21:28.0726 4872 C:\Windows\System32\lsm.exe - ok
20:21:28.0742 4872 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
20:21:28.0742 4872 C:\Windows\System32\services.exe - ok
20:21:28.0757 4872 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
20:21:28.0757 4872 C:\Windows\System32\winlogon.exe - ok
20:21:28.0773 4872 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
20:21:28.0773 4872 C:\Windows\System32\sspicli.dll - ok
20:21:28.0789 4872 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
20:21:28.0789 4872 C:\Windows\System32\sspisrv.dll - ok
20:21:28.0789 4872 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
20:21:28.0804 4872 C:\Windows\System32\sysntfy.dll - ok
20:21:28.0804 4872 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
20:21:28.0804 4872 C:\Windows\System32\winsta.dll - ok
20:21:28.0820 4872 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
20:21:28.0820 4872 C:\Windows\System32\wmsgapi.dll - ok
20:21:28.0835 4872 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
20:21:28.0835 4872 C:\Windows\System32\lsasrv.dll - ok
20:21:28.0851 4872 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
20:21:28.0851 4872 C:\Windows\System32\scesrv.dll - ok
20:21:28.0867 4872 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
20:21:28.0867 4872 C:\Windows\System32\scext.dll - ok
20:21:28.0882 4872 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
20:21:28.0882 4872 C:\Windows\System32\secur32.dll - ok
20:21:28.0898 4872 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
20:21:28.0898 4872 C:\Windows\System32\samsrv.dll - ok
20:21:28.0898 4872 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
20:21:28.0898 4872 C:\Windows\System32\srvcli.dll - ok
20:21:28.0913 4872 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
20:21:28.0913 4872 C:\Windows\System32\cryptdll.dll - ok
20:21:28.0929 4872 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
20:21:28.0929 4872 C:\Windows\System32\wevtapi.dll - ok
20:21:28.0945 4872 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
20:21:28.0945 4872 C:\Windows\System32\authz.dll - ok
20:21:28.0960 4872 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
20:21:28.0960 4872 C:\Windows\System32\cngaudit.dll - ok
20:21:28.0976 4872 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
20:21:28.0976 4872 C:\Windows\System32\ncrypt.dll - ok
20:21:28.0991 4872 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
20:21:28.0991 4872 C:\Windows\System32\bcrypt.dll - ok
20:21:29.0007 4872 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
20:21:29.0007 4872 C:\Windows\System32\msprivs.dll - ok
20:21:29.0007 4872 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
20:21:29.0007 4872 C:\Windows\System32\netjoin.dll - ok
20:21:29.0023 4872 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
20:21:29.0023 4872 C:\Windows\System32\kerberos.dll - ok
20:21:29.0038 4872 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
20:21:29.0038 4872 C:\Windows\System32\negoexts.dll - ok
20:21:29.0054 4872 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
20:21:29.0054 4872 C:\Windows\System32\cryptsp.dll - ok
20:21:29.0069 4872 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
20:21:29.0069 4872 C:\Windows\System32\version.dll - ok
20:21:29.0085 4872 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
20:21:29.0085 4872 C:\Windows\System32\mswsock.dll - ok
20:21:29.0085 4872 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
20:21:29.0085 4872 C:\Windows\System32\msv1_0.dll - ok
20:21:29.0101 4872 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
20:21:29.0101 4872 C:\Windows\System32\wship6.dll - ok
20:21:29.0116 4872 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
20:21:29.0116 4872 C:\Windows\System32\netlogon.dll - ok
20:21:29.0132 4872 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
20:21:29.0132 4872 C:\Windows\System32\dnsapi.dll - ok
20:21:29.0147 4872 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
20:21:29.0147 4872 C:\Windows\System32\logoncli.dll - ok
20:21:29.0163 4872 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
20:21:29.0163 4872 C:\Windows\System32\schannel.dll - ok
20:21:29.0179 4872 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
20:21:29.0179 4872 C:\Windows\System32\wdigest.dll - ok
20:21:29.0179 4872 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
20:21:29.0179 4872 C:\Windows\System32\rsaenh.dll - ok
20:21:29.0194 4872 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
20:21:29.0194 4872 C:\Windows\System32\TSpkg.dll - ok
20:21:29.0210 4872 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
20:21:29.0210 4872 C:\Windows\System32\pku2u.dll - ok
20:21:29.0225 4872 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
20:21:29.0225 4872 C:\Windows\System32\LIVESSP.DLL - ok
20:21:29.0241 4872 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
20:21:29.0241 4872 C:\Windows\System32\bcryptprimitives.dll - ok
20:21:29.0257 4872 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
20:21:29.0257 4872 C:\Windows\System32\efslsaext.dll - ok
20:21:29.0272 4872 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
20:21:29.0272 4872 C:\Windows\System32\credssp.dll - ok
20:21:29.0272 4872 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
20:21:29.0272 4872 C:\Windows\System32\scecli.dll - ok
20:21:29.0288 4872 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
20:21:29.0288 4872 C:\Windows\System32\ubpm.dll - ok
20:21:29.0303 4872 [ 6F68F63794097E54F36474ED4384B759 ] C:\Windows\System32\svchost.exe
20:21:29.0303 4872 C:\Windows\System32\svchost.exe - ok
20:21:29.0319 4872 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
20:21:29.0319 4872 C:\Windows\System32\umpnpmgr.dll - ok
20:21:29.0335 4872 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
20:21:29.0335 4872 C:\Windows\System32\SPInf.dll - ok
20:21:29.0350 4872 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
20:21:29.0350 4872 C:\Windows\System32\devrtl.dll - ok
20:21:29.0366 4872 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
20:21:29.0366 4872 C:\Windows\System32\userenv.dll - ok
20:21:29.0366 4872 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
20:21:29.0366 4872 C:\Windows\System32\gpapi.dll - ok
20:21:29.0381 4872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
20:21:29.0381 4872 C:\Windows\System32\umpo.dll - ok
20:21:29.0397 4872 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
20:21:29.0397 4872 C:\Windows\System32\pcwum.dll - ok
20:21:29.0413 4872 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
20:21:29.0413 4872 C:\Windows\System32\powrprof.dll - ok
20:21:29.0428 4872 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
20:21:29.0428 4872 C:\Windows\System32\drivers\luafv.sys - ok
20:21:29.0444 4872 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
20:21:29.0444 4872 C:\Windows\System32\drivers\mbam.sys - ok
20:21:29.0459 4872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
20:21:29.0459 4872 C:\Windows\System32\rpcss.dll - ok
20:21:29.0459 4872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
20:21:29.0459 4872 C:\Windows\System32\RpcEpMap.dll - ok
20:21:29.0475 4872 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
20:21:29.0475 4872 C:\Windows\System32\WSHTCPIP.DLL - ok
20:21:29.0491 4872 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
20:21:29.0491 4872 C:\Windows\System32\wshqos.dll - ok
20:21:29.0506 4872 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:21:29.0506 4872 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
20:21:29.0522 4872 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
20:21:29.0522 4872 C:\Windows\System32\FirewallAPI.dll - ok
20:21:29.0537 4872 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
20:21:29.0537 4872 C:\Windows\System32\LogonUI.exe - ok
20:21:29.0537 4872 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
20:21:29.0537 4872 C:\Windows\System32\authui.dll - ok
20:21:29.0553 4872 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
20:21:29.0553 4872 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
20:21:29.0569 4872 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
20:21:29.0569 4872 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
20:21:29.0584 4872 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
20:21:29.0584 4872 C:\Windows\System32\wtsapi32.dll - ok
20:21:29.0600 4872 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
20:21:29.0600 4872 C:\Windows\System32\cryptui.dll - ok
20:21:29.0615 4872 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
20:21:29.0615 4872 C:\Windows\System32\ntmarta.dll - ok
20:21:29.0631 4872 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:21:29.0631 4872 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:21:29.0647 4872 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
20:21:29.0647 4872 C:\Windows\System32\samlib.dll - ok
20:21:29.0662 4872 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
20:21:29.0662 4872 C:\Windows\System32\shacct.dll - ok
20:21:29.0678 4872 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
20:21:29.0678 4872 C:\Windows\System32\propsys.dll - ok
20:21:29.0693 4872 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
20:21:29.0693 4872 C:\Windows\System32\uxtheme.dll - ok
20:21:29.0709 4872 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
20:21:29.0709 4872 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
20:21:29.0725 4872 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
20:21:29.0725 4872 C:\Windows\System32\dui70.dll - ok
20:21:29.0740 4872 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:21:29.0740 4872 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:21:29.0756 4872 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
20:21:29.0756 4872 C:\Windows\System32\atiesrxx.exe - ok
20:21:29.0756 4872 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
20:21:29.0756 4872 C:\Windows\System32\duser.dll - ok
20:21:29.0771 4872 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
20:21:29.0771 4872 C:\Windows\System32\SndVolSSO.dll - ok
20:21:29.0787 4872 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
20:21:29.0787 4872 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
20:21:29.0803 4872 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
20:21:29.0803 4872 C:\Windows\System32\hid.dll - ok
20:21:29.0818 4872 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
20:21:29.0818 4872 C:\Windows\System32\MMDevAPI.dll - ok
20:21:29.0834 4872 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
20:21:29.0834 4872 C:\Windows\System32\fltLib.dll - ok
20:21:29.0834 4872 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
20:21:29.0834 4872 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
20:21:29.0849 4872 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
20:21:29.0849 4872 C:\Windows\System32\dwmapi.dll - ok
20:21:29.0865 4872 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
20:21:29.0865 4872 C:\Windows\System32\drivers\MpFilter.sys - ok
20:21:29.0881 4872 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
20:21:29.0881 4872 C:\Windows\System32\xmllite.dll - ok
20:21:29.0896 4872 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
20:21:29.0896 4872 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
20:21:29.0912 4872 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
20:21:29.0912 4872 C:\Windows\System32\WindowsCodecs.dll - ok
20:21:29.0927 4872 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
20:21:29.0927 4872 C:\Windows\System32\wevtsvc.dll - ok
20:21:29.0943 4872 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll
20:21:29.0943 4872 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll - ok
20:21:29.0959 4872 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
20:21:29.0959 4872 C:\Windows\System32\adtschema.dll - ok
20:21:29.0959 4872 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
20:21:29.0959 4872 C:\Windows\System32\winbrand.dll - ok
20:21:29.0974 4872 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
20:21:29.0974 4872 C:\Windows\System32\VaultCredProvider.dll - ok
20:21:29.0990 4872 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
20:21:29.0990 4872 C:\Windows\System32\wlansvc.dll - ok
20:21:30.0005 4872 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:21:30.0005 4872 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:21:30.0021 4872 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
20:21:30.0021 4872 C:\Windows\System32\BioCredProv.dll - ok
20:21:30.0037 4872 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:21:33.0250 4872 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
20:21:33.0250 4872 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:21:33.0266 4872 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
20:21:33.0266 4872 C:\Windows\System32\clusapi.dll - ok
20:21:33.0281 4872 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
20:21:33.0281 4872 C:\Windows\System32\sscore.dll - ok
20:21:33.0297 4872 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
20:21:33.0297 4872 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
20:21:33.0297 4872 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
20:21:33.0297 4872 C:\Windows\System32\resutils.dll - ok
20:21:33.0313 4872 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:21:33.0313 4872 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:21:33.0328 4872 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
20:21:33.0328 4872 C:\Windows\System32\ncobjapi.dll - ok
20:21:33.0344 4872 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
20:21:33.0344 4872 C:\Windows\System32\wbem\wbemess.dll - ok
20:21:33.0359 4872 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
20:21:33.0359 4872 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
20:21:33.0375 4872 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
20:21:33.0375 4872 C:\Windows\System32\rasadhlp.dll - ok
20:21:33.0391 4872 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
20:21:33.0391 4872 C:\Windows\System32\localspl.dll - ok
20:21:33.0406 4872 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
20:21:33.0406 4872 C:\Windows\System32\spoolss.dll - ok
20:21:33.0422 4872 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
20:21:33.0422 4872 C:\Windows\System32\PrintIsolationProxy.dll - ok
20:21:33.0422 4872 [ 5F552F1DD619482E9F37A17914B0B5CD ] C:\Windows\System32\KMPJL64.DLL
20:21:33.0422 4872 C:\Windows\System32\KMPJL64.DLL - ok
20:21:33.0437 4872 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
20:21:33.0453 4872 C:\Windows\System32\FXSMON.dll - ok
20:21:33.0453 4872 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
20:21:33.0453 4872 C:\Windows\System32\tcpmon.dll - ok
20:21:33.0469 4872 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
20:21:33.0469 4872 C:\Windows\System32\snmpapi.dll - ok
20:21:33.0484 4872 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
20:21:33.0484 4872 C:\Windows\System32\wsnmp32.dll - ok
20:21:33.0500 4872 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
20:21:33.0500 4872 C:\Windows\System32\usbmon.dll - ok
20:21:33.0515 4872 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
20:21:33.0515 4872 C:\Windows\System32\WSDMon.dll - ok
20:21:33.0515 4872 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
20:21:33.0515 4872 C:\Windows\System32\fdPnp.dll - ok
20:21:33.0531 4872 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
20:21:33.0531 4872 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
20:21:33.0547 4872 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
20:21:33.0547 4872 C:\Windows\System32\win32spl.dll - ok
20:21:33.0562 4872 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
20:21:33.0562 4872 C:\Windows\System32\inetpp.dll - ok
20:21:33.0578 4872 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
20:21:33.0578 4872 C:\Windows\System32\cscapi.dll - ok
20:21:33.0593 4872 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] C:\Windows\System32\drivers\NisDrvWFP.sys
20:21:33.0593 4872 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
20:21:33.0609 4872 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
20:21:33.0609 4872 C:\Windows\System32\npmproxy.dll - ok
20:21:33.0625 4872 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
20:21:33.0625 4872 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
20:21:33.0625 4872 [ 132045285DCC8654C14F1CFB4A8DCDA1 ] C:\Program Files\Microsoft Security Client\NisLog.dll
20:21:33.0625 4872 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
20:21:33.0640 4872 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
20:21:33.0640 4872 C:\Windows\System32\ndiscapCfg.dll - ok
20:21:33.0656 4872 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
20:21:33.0656 4872 C:\Windows\System32\rascfg.dll - ok
20:21:33.0671 4872 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
20:21:33.0671 4872 C:\Windows\System32\mprapi.dll - ok
20:21:33.0687 4872 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
20:21:33.0687 4872 C:\Windows\System32\mprmsg.dll - ok
20:21:33.0703 4872 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
20:21:33.0703 4872 C:\Windows\System32\hidserv.dll - ok
20:21:33.0718 4872 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
20:21:33.0718 4872 C:\Windows\System32\wdi.dll - ok
20:21:33.0734 4872 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\MpKsl752f6d9c.sys
20:21:33.0734 4872 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\MpKsl752f6d9c.sys - ok
20:21:33.0734 4872 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
20:21:33.0734 4872 C:\Windows\System32\tcpipcfg.dll - ok
20:21:33.0749 4872 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
20:21:33.0749 4872 C:\Windows\System32\wpdbusenum.dll - ok
20:21:33.0765 4872 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
20:21:33.0765 4872 C:\Windows\System32\PortableDeviceApi.dll - ok
20:21:33.0781 4872 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:21:33.0781 4872 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:21:33.0796 4872 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
20:21:33.0796 4872 C:\Windows\System32\IPSECSVC.DLL - ok
20:21:33.0812 4872 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
20:21:33.0812 4872 C:\Windows\System32\FwRemoteSvr.dll - ok
20:21:33.0812 4872 [ F24F083224944042B1F3CF5B7A1BA1EE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E01AC73-0CC1-4029-B7D5-9C1244535750}\gapaengine.dll
20:21:33.0812 4872 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E01AC73-0CC1-4029-B7D5-9C1244535750}\gapaengine.dll - ok
20:21:33.0827 4872 [ 5527767F1ADD169320020321EEBA581E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E01AC73-0CC1-4029-B7D5-9C1244535750}\nisfull.vdm
20:21:33.0827 4872 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E01AC73-0CC1-4029-B7D5-9C1244535750}\nisfull.vdm - ok
20:21:33.0843 4872 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
20:21:33.0843 4872 C:\Windows\System32\diagperf.dll - ok
20:21:33.0859 4872 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
20:21:33.0859 4872 C:\Windows\System32\perftrack.dll - ok
20:21:33.0874 4872 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
20:21:33.0874 4872 C:\Windows\System32\pnpts.dll - ok
20:21:33.0890 4872 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
20:21:33.0890 4872 C:\Windows\System32\Apphlpdm.dll - ok
20:21:33.0905 4872 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
20:21:33.0905 4872 C:\Windows\System32\NapiNSP.dll - ok
20:21:33.0921 4872 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
20:21:33.0921 4872 C:\Windows\System32\wdiasqmmodule.dll - ok
20:21:33.0937 4872 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
20:21:33.0937 4872 C:\Windows\System32\pnrpnsp.dll - ok
20:21:33.0937 4872 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
20:21:33.0937 4872 C:\Windows\System32\winrnr.dll - ok
20:21:33.0952 4872 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
20:21:33.0952 4872 C:\Windows\System32\taskhost.exe - ok
20:21:33.0968 4872 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
20:21:33.0968 4872 C:\Windows\System32\dimsjob.dll - ok
20:21:33.0983 4872 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
20:21:33.0983 4872 C:\Windows\System32\pautoenr.dll - ok
20:21:33.0999 4872 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
20:21:33.0999 4872 C:\Windows\System32\certcli.dll - ok
20:21:34.0015 4872 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
20:21:34.0015 4872 C:\Windows\System32\nci.dll - ok
20:21:34.0030 4872 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
20:21:34.0030 4872 C:\Windows\System32\wlaninst.dll - ok
20:21:34.0030 4872 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
20:21:34.0046 4872 C:\Windows\System32\wwaninst.dll - ok
20:21:34.0046 4872 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
20:21:34.0046 4872 C:\Windows\System32\CertEnroll.dll - ok
20:21:34.0061 4872 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
20:21:34.0061 4872 C:\Windows\System32\radardt.dll - ok
20:21:34.0077 4872 [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\offreg.dll
20:21:34.0077 4872 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\offreg.dll - ok
20:21:34.0093 4872 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
20:21:34.0093 4872 C:\Program Files\Windows Defender\MpClient.dll - ok
20:21:34.0108 4872 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
20:21:34.0108 4872 C:\Windows\System32\dllhost.exe - ok
20:21:34.0124 4872 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
20:21:34.0124 4872 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
20:21:34.0139 4872 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
20:21:34.0139 4872 C:\Windows\System32\IDStore.dll - ok
20:21:34.0155 4872 [ 4F5A3681A762FBCCC5A02D2DB3A04A79 ] C:\Windows\System32\kbd101a.dll
20:21:34.0155 4872 C:\Windows\System32\kbd101a.dll - ok
20:21:34.0155 4872 [ D8DAD1E59B580BE2F5C079BCCE33EA96 ] C:\Windows\System32\KBDKOR.DLL
20:21:34.0155 4872 C:\Windows\System32\KBDKOR.DLL - ok
20:21:34.0171 4872 [ 06F85BA017A3D9B955AC7A00525ACF6B ] C:\Windows\System32\kbd103.dll
20:21:34.0171 4872 C:\Windows\System32\kbd103.dll - ok
20:21:34.0186 4872 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
20:21:34.0186 4872 C:\Windows\System32\tdh.dll - ok
20:21:34.0202 4872 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
20:21:34.0202 4872 C:\Windows\System32\taskeng.exe - ok
20:21:34.0217 4872 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
20:21:34.0217 4872 C:\Windows\System32\AtBroker.exe - ok
20:21:34.0233 4872 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
20:21:34.0233 4872 C:\Windows\System32\mpr.dll - ok
20:21:34.0233 4872 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
20:21:34.0233 4872 C:\Windows\System32\PlaySndSrv.dll - ok
20:21:34.0249 4872 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
20:21:34.0249 4872 C:\Windows\System32\userinit.exe - ok
20:21:34.0264 4872 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
20:21:34.0264 4872 C:\Windows\System32\dssenh.dll - ok
20:21:34.0280 4872 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
20:21:34.0280 4872 C:\Windows\System32\MsCtfMonitor.dll - ok
20:21:34.0295 4872 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
20:21:34.0295 4872 C:\Windows\System32\msutb.dll - ok
20:21:34.0311 4872 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
20:21:34.0311 4872 C:\Windows\System32\HotStartUserAgent.dll - ok
20:21:34.0327 4872 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
20:21:34.0327 4872 C:\Windows\System32\dwm.exe - ok
20:21:34.0342 4872 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
20:21:34.0342 4872 C:\Windows\System32\dwmredir.dll - ok
20:21:34.0342 4872 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
20:21:34.0342 4872 C:\Windows\System32\pnidui.dll - ok
20:21:34.0358 4872 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
20:21:34.0358 4872 C:\Windows\System32\dwmcore.dll - ok
20:21:34.0373 4872 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
20:21:34.0373 4872 C:\Windows\explorer.exe - ok
20:21:34.0389 4872 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
20:21:34.0389 4872 C:\Windows\System32\d3d10_1.dll - ok
20:21:34.0405 4872 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
20:21:34.0405 4872 C:\Windows\System32\d3d10_1core.dll - ok
20:21:34.0420 4872 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
20:21:34.0420 4872 C:\Windows\System32\dxgi.dll - ok
20:21:34.0436 4872 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
20:21:34.0436 4872 C:\Windows\System32\wmp.dll - ok
20:21:34.0451 4872 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
20:21:34.0451 4872 C:\Windows\System32\ExplorerFrame.dll - ok
20:21:34.0467 4872 [ B4AC3953C16443158DCA772F187DF92C ] C:\Windows\System32\aticfx64.dll
20:21:34.0467 4872 C:\Windows\System32\aticfx64.dll - ok
20:21:34.0483 4872 [ 9E8CFD920F2D542FA9FE9FBD142C2B0A ] C:\Windows\System32\atidxx64.dll
20:21:34.0483 4872 C:\Windows\System32\atidxx64.dll - ok
20:21:34.0498 4872 [ 1D8FF340333F3D023668467574523FCF ] C:\Windows\System32\atiuxp64.dll
20:21:34.0498 4872 C:\Windows\System32\atiuxp64.dll - ok
20:21:34.0514 4872 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
20:21:34.0514 4872 C:\Windows\System32\EhStorShell.dll - ok
20:21:34.0529 4872 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
20:21:34.0529 4872 C:\Windows\System32\ntshrui.dll - ok
20:21:34.0545 4872 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
20:21:34.0545 4872 C:\Windows\System32\uDWM.dll - ok
20:21:34.0561 4872 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
20:21:34.0561 4872 C:\Windows\System32\IconCodecService.dll - ok
20:21:34.0576 4872 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
20:21:34.0576 4872 C:\Windows\System32\appinfo.dll - ok
20:21:34.0592 4872 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
20:21:34.0592 4872 C:\Windows\System32\spfileq.dll - ok
20:21:34.0592 4872 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
20:21:34.0592 4872 C:\Windows\System32\runonce.exe - ok
20:21:34.0607 4872 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
20:21:34.0607 4872 C:\Windows\SysWOW64\runonce.exe - ok
20:21:34.0623 4872 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
20:21:34.0623 4872 C:\Windows\System32\TSChannel.dll - ok
20:21:34.0639 4872 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:21:34.0639 4872 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
20:21:34.0654 4872 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
20:21:34.0654 4872 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
20:21:34.0670 4872 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
20:21:34.0670 4872 C:\Windows\SysWOW64\netapi32.dll - ok
20:21:34.0685 4872 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
20:21:34.0685 4872 C:\Windows\SysWOW64\netutils.dll - ok
20:21:34.0701 4872 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
20:21:34.0701 4872 C:\Windows\SysWOW64\srvcli.dll - ok
20:21:34.0701 4872 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
20:21:34.0717 4872 C:\Windows\SysWOW64\wkscli.dll - ok
20:21:34.0717 4872 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:21:34.0717 4872 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:21:34.0732 4872 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
20:21:34.0732 4872 C:\Windows\SysWOW64\imagehlp.dll - ok
20:21:34.0748 4872 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
20:21:34.0748 4872 C:\Windows\SysWOW64\msi.dll - ok
20:21:34.0763 4872 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
20:21:34.0763 4872 C:\Windows\SysWOW64\uxtheme.dll - ok
20:21:34.0779 4872 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
20:21:34.0779 4872 C:\Windows\System32\CertPolEng.dll - ok
20:21:34.0795 4872 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
20:21:34.0795 4872 C:\Windows\SysWOW64\cscapi.dll - ok
20:21:34.0810 4872 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
20:21:34.0810 4872 C:\Windows\SysWOW64\ntmarta.dll - ok
20:21:34.0810 4872 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
20:21:34.0826 4872 C:\Windows\SysWOW64\setupapi.dll - ok
20:21:34.0826 4872 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
20:21:34.0826 4872 C:\Windows\SysWOW64\Wldap32.dll - ok
20:21:34.0841 4872 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
20:21:34.0841 4872 C:\Windows\SysWOW64\dbghelp.dll - ok
20:21:34.0857 4872 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:21:34.0857 4872 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:21:34.0873 4872 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
20:21:34.0873 4872 C:\Windows\SysWOW64\devobj.dll - ok
20:21:34.0888 4872 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
20:21:34.0888 4872 C:\Windows\SysWOW64\clbcatq.dll - ok
20:21:34.0888 4872 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
20:21:34.0888 4872 C:\Windows\SysWOW64\propsys.dll - ok
20:21:34.0904 4872 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
20:21:34.0904 4872 C:\Windows\SysWOW64\apphelp.dll - ok
20:21:34.0919 4872 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
20:21:34.0919 4872 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
20:21:34.0935 4872 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
20:21:34.0935 4872 C:\Windows\SysWOW64\secur32.dll - ok
20:21:34.0951 4872 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
20:21:34.0951 4872 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
20:21:34.0966 4872 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
20:21:34.0966 4872 C:\Windows\SysWOW64\mstask.dll - ok
20:21:34.0982 4872 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
20:21:34.0982 4872 C:\Windows\SysWOW64\cmd.exe - ok
20:21:34.0997 4872 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
20:21:34.0997 4872 C:\Windows\System32\PrintIsolationHost.exe - ok
20:21:35.0013 4872 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
20:21:35.0013 4872 C:\Windows\System32\dbghelp.dll - ok
20:21:35.0013 4872 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
20:21:35.0013 4872 C:\Windows\SysWOW64\winbrand.dll - ok
20:21:35.0029 4872 [ A6B73FCB9496DB101F3066CAF5A7DA4B ] C:\Windows\SysWOW64\ieframe.dll
20:21:35.0029 4872 C:\Windows\SysWOW64\ieframe.dll - ok
20:21:35.0044 4872 [ CB8328E579979EE3A639920625645563 ] C:\Windows\System32\spool\drivers\x64\3\KMUC53B3.DLL
20:21:35.0044 4872 C:\Windows\System32\spool\drivers\x64\3\KMUC53B3.DLL - ok
20:21:35.0060 4872 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
20:21:35.0060 4872 C:\Windows\SysWOW64\oleacc.dll - ok
20:21:35.0075 4872 [ FDFEA82F1B276724A33B6BB91BB60A93 ] C:\Windows\System32\spool\drivers\x64\3\KMUU53B3.DLL
20:21:35.0075 4872 C:\Windows\System32\spool\drivers\x64\3\KMUU53B3.DLL - ok
20:21:35.0091 4872 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
20:21:35.0091 4872 C:\Windows\SysWOW64\shdocvw.dll - ok
20:21:35.0107 4872 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
20:21:35.0107 4872 C:\Windows\System32\aelupsvc.dll - ok
20:21:35.0107 4872 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Jessie\AppData\Local\Temp\118429A0-B893-499F-AE90-8B9C157C1AAF.exe
20:21:35.0107 4872 C:\Users\Jessie\AppData\Local\Temp\118429A0-B893-499F-AE90-8B9C157C1AAF.exe - ok
20:21:35.0122 4872 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
20:21:35.0122 4872 C:\Windows\SysWOW64\ncrypt.dll - ok
20:21:35.0138 4872 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
20:21:35.0138 4872 C:\Windows\SysWOW64\bcrypt.dll - ok
20:21:35.0153 4872 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:21:35.0153 4872 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:21:35.0169 4872 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
20:21:35.0169 4872 C:\Windows\SysWOW64\gpapi.dll - ok
20:21:35.0185 4872 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
20:21:35.0185 4872 C:\Windows\SysWOW64\cryptnet.dll - ok
20:21:35.0200 4872 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
20:21:35.0200 4872 C:\Windows\SysWOW64\SensApi.dll - ok
20:21:35.0200 4872 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
20:21:35.0200 4872 C:\Windows\SysWOW64\dwmapi.dll - ok
20:21:35.0216 4872 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:21:35.0216 4872 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:21:35.0231 4872 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
20:21:35.0231 4872 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:21:35.0247 4872 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
20:21:35.0247 4872 C:\Windows\SysWOW64\ntshrui.dll - ok
20:21:35.0263 4872 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
20:21:35.0263 4872 C:\Windows\SysWOW64\slc.dll - ok
20:21:35.0278 4872 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
20:21:35.0278 4872 C:\Windows\SysWOW64\imageres.dll - ok
20:21:35.0294 4872 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
20:21:35.0294 4872 C:\Windows\SysWOW64\IconCodecService.dll - ok
20:21:35.0309 4872 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
20:21:35.0309 4872 C:\Windows\System32\esent.dll - ok
20:21:35.0309 4872 [ 426701A2483D01948084AEB6C6664B09 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
20:21:35.0309 4872 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
20:21:35.0325 4872 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
20:21:35.0325 4872 C:\Windows\SysWOW64\sfc.dll - ok
20:21:35.0341 4872 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
20:21:35.0341 4872 C:\Windows\SysWOW64\sfc_os.dll - ok
20:21:35.0356 4872 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
20:21:35.0356 4872 C:\Windows\SysWOW64\devrtl.dll - ok
20:21:35.0372 4872 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
20:21:35.0372 4872 C:\Windows\System32\ie4uinit.exe - ok
20:21:35.0387 4872 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
20:21:35.0387 4872 C:\Windows\SysWOW64\winhttp.dll - ok
20:21:35.0403 4872 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
20:21:35.0403 4872 C:\Windows\SysWOW64\webio.dll - ok
20:21:35.0419 4872 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
20:21:35.0419 4872 C:\Windows\System32\themeui.dll - ok
20:21:35.0434 4872 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
20:21:35.0434 4872 C:\Windows\System32\timedate.cpl - ok
20:21:35.0434 4872 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
20:21:35.0434 4872 C:\Windows\SysWOW64\credssp.dll - ok
20:21:35.0450 4872 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
20:21:35.0450 4872 C:\Windows\System32\actxprxy.dll - ok
20:21:35.0465 4872 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
20:21:35.0465 4872 C:\Windows\SysWOW64\mswsock.dll - ok
20:21:35.0481 4872 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:21:35.0481 4872 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:21:35.0497 4872 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
20:21:35.0497 4872 C:\Windows\svchost.exe - ok
20:21:35.0512 4872 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
20:21:35.0512 4872 C:\Windows\SysWOW64\wship6.dll - ok
20:21:35.0528 4872 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
20:21:35.0528 4872 C:\Windows\SysWOW64\dnsapi.dll - ok
20:21:35.0543 4872 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
20:21:35.0543 4872 C:\Windows\SysWOW64\dsound.dll - ok
20:21:35.0559 4872 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:21:35.0559 4872 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:21:35.0575 4872 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
20:21:35.0575 4872 C:\Windows\System32\shdocvw.dll - ok
20:21:35.0590 4872 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
20:21:35.0590 4872 C:\Windows\SysWOW64\powrprof.dll - ok
20:21:35.0606 4872 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
20:21:35.0606 4872 C:\Windows\System32\linkinfo.dll - ok
20:21:35.0621 4872 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
20:21:35.0621 4872 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:21:35.0637 4872 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
20:21:35.0637 4872 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:21:35.0653 4872 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:21:35.0653 4872 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:21:35.0653 4872 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
20:21:35.0653 4872 C:\Windows\System32\msftedit.dll - ok
20:21:35.0668 4872 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
20:21:35.0668 4872 C:\Windows\System32\msls31.dll - ok
20:21:35.0684 4872 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
20:21:35.0684 4872 C:\Windows\System32\gameux.dll - ok
20:21:35.0699 4872 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
20:21:38.0648 4872 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
20:21:38.0648 4872 C:\Windows\System32\sppsvc.exe - ok
20:21:38.0663 4872 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
20:21:38.0663 4872 C:\Windows\System32\drivers\spsys.sys - ok
20:21:38.0663 4872 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
20:21:38.0663 4872 C:\Windows\System32\wscsvc.dll - ok
20:21:38.0679 4872 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
20:21:38.0679 4872 C:\Windows\System32\wuaueng.dll - ok
20:21:38.0695 4872 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
20:21:38.0695 4872 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
20:21:38.0710 4872 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
20:21:38.0710 4872 C:\Windows\System32\mspatcha.dll - ok
20:21:38.0726 4872 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
20:21:38.0726 4872 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
20:21:38.0741 4872 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
20:21:38.0741 4872 C:\Windows\System32\wuapi.dll - ok
20:21:38.0757 4872 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
20:21:38.0757 4872 C:\Windows\System32\wups.dll - ok
20:21:38.0773 4872 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
20:21:38.0773 4872 C:\Windows\System32\sppwinob.dll - ok
20:21:38.0788 4872 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
20:21:38.0788 4872 C:\Windows\System32\wups2.dll - ok
20:21:38.0788 4872 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
20:21:38.0788 4872 C:\Windows\System32\sppobjs.dll - ok
20:21:38.0804 4872 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
20:21:38.0804 4872 C:\Windows\System32\wscisvif.dll - ok
20:21:38.0819 4872 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
20:21:38.0819 4872 C:\Windows\System32\wscproxystub.dll - ok
20:21:38.0819 4872 ============================================================
20:21:38.0819 4872 Scan finished
20:21:38.0819 4872 ============================================================
20:21:38.0851 4864 Detected object count: 3
20:21:38.0851 4864 Actual detected object count: 3
20:22:13.0639 4864 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:13.0639 4864 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:20.0144 4864 \Device\Harddisk0\DR0\# - copied to quarantine
20:22:20.0206 4864 \Device\Harddisk0\DR0 - copied to quarantine
20:22:20.0596 4864 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:22:20.0939 4864 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:22:21.0158 4864 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:22:29.0972 4864 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:22:30.0034 4864 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:22:30.0112 4864 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:22:30.0143 4864 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:22:31.0173 4864 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:22:31.0376 4864 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:22:31.0423 4864 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:22:31.0485 4864 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:22:31.0594 4864 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:22:31.0922 4864 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:22:31.0922 4864 \Device\Harddisk0\DR0 - ok
20:22:32.0717 4864 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:22:32.0733 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:22:32.0733 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:22:55.0202 2908 Deinitialize success









  • 0

#7
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Thank you for your help. I have done the requested tasks and the Microsoft Security icon remains green (instead of red).

You're welcome! :) We've gotten rid of the worst of it but let me know if for some reason it turns red again or you notice anything else.

There are a few more things we need to take care...

Step 1

Re-run TDSSKiller as before. When the scan results are shown, it will offer you three options. For the file it reports "UnsignedFile.Multi.Generic" choose Skip. For the file that reports "TDSS File System" please choose Cure or Delete.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2 CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done, it will ask to reboot. Allow this.
On reboot a log will be produced. Please attach that.

Step 3
Let's try this OTL Fix again....

1. Please copy all of the text in the code box below. To do this, highlight everything
inside the code box, right click and click Copy.

:OTL
CHR - homepage: http://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzyyD0A0A0F0DtN0D0Tzu0CtAtByCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=945882518
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:COMMANDS
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

2. Please re-open on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. New TDSS Killer Log
2. AdwCleaner Log
3. OTL Fix Log
4. New OTL Scan
  • 0
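
One way to check a TDSSKiller log against the choices requested in Step 1 of the post above, as an added example that is not part of the original thread and not a Kaspersky tool. The function name `triage` and the `EXPECTED_SKIP` set are assumptions made here; the sample lines are copied from the log posted earlier in this thread.

```python
import re
from collections import OrderedDict

# Lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
20:21:38.0851 4864 Detected object count: 3
20:21:38.0851 4864 Actual detected object count: 3
20:22:13.0639 4864 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:13.0639 4864 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:20.0206 4864 \Device\Harddisk0\DR0 - copied to quarantine
20:22:20.0596 4864 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:22:31.0922 4864 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:22:31.0922 4864 \Device\Harddisk0\DR0 - ok
20:22:32.0717 4864 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:22:32.0733 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:22:32.0733 4864 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# Every log line starts with "HH:MM:SS.mmmm <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ "
COUNT = re.compile(PREFIX + r"Detected object count: (?P<n>\d+)$")
# "<object> ( <verdict> ) - <note>"; the spaces inside the parentheses keep
# paths such as "Program Files (x86)" from being read as a verdict.
VERDICT = re.compile(
    PREFIX + r"(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<note>.+)$"
)
QUARANTINE = re.compile(PREFIX + r"(?P<obj>.+?) - copied to quarantine$")
ACTION = "User select action: "

# Assumption taken from Step 1 above: this verdict is meant to be skipped.
EXPECTED_SKIP = frozenset({"UnsignedFile.Multi.Generic"})


def triage(log_text, expected_skip=EXPECTED_SKIP):
    """Summarise detections, the action chosen for each, and what is left."""
    reported = None
    detections = OrderedDict()  # (object, verdict) -> chosen action or None
    quarantined = []

    for raw in log_text.splitlines():
        line = raw.strip()
        m = COUNT.match(line)
        if m:
            reported = int(m.group("n"))
            continue
        m = VERDICT.match(line)
        if m:
            key = (m.group("obj"), m.group("verdict"))
            detections.setdefault(key, None)
            note = m.group("note")
            if note.startswith(ACTION):
                detections[key] = note[len(ACTION):].strip()
            continue
        m = QUARANTINE.match(line)
        if m:
            quarantined.append(m.group("obj"))

    # Still needing attention: skipped (or never actioned) detections whose
    # verdict is not on the expected-skip list.
    unresolved = [
        (obj, verdict, action)
        for (obj, verdict), action in detections.items()
        if verdict not in expected_skip
        and (action is None or action.lower() == "skip")
    ]
    return {
        "reported": reported,
        "detections": detections,
        "count_matches": reported == len(detections),
        "quarantined": quarantined,
        "unresolved": unresolved,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for (obj, verdict), action in report["detections"].items():
        print(f"{verdict:30} {action:6} {obj}")
    for obj, verdict, action in report["unresolved"]:
        print(f"still to handle: {verdict} on {obj} (last action: {action})")
```

On the earlier log this leaves only the skipped "TDSS File System" entry as unresolved, which is the item Step 1 asks to Cure or Delete on the re-run.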

#8
jkabat

jkabat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
Again, thanks for your attention. I've done all that you asked and will paste logs below in order of execution.

12:40:07.0463 2324 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:40:09.0475 2324 ============================================================
12:40:09.0475 2324 Current date / time: 2012/11/23 12:40:09.0475
12:40:09.0475 2324 SystemInfo:
12:40:09.0475 2324
12:40:09.0475 2324 OS Version: 6.1.7601 ServicePack: 1.0
12:40:09.0475 2324 Product type: Workstation
12:40:09.0475 2324 ComputerName: JESSIE-PC
12:40:09.0491 2324 UserName: Jessie
12:40:09.0491 2324 Windows directory: C:\windows
12:40:09.0491 2324 System windows directory: C:\windows
12:40:09.0491 2324 Running under WOW64
12:40:09.0491 2324 Processor architecture: Intel x64
12:40:09.0491 2324 Number of processors: 2
12:40:09.0491 2324 Page size: 0x1000
12:40:09.0491 2324 Boot type: Normal boot
12:40:09.0491 2324 ============================================================
12:40:23.0421 2324 BG loaded
12:40:24.0435 2324 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:40:24.0466 2324 ============================================================
12:40:24.0466 2324 \Device\Harddisk0\DR0:
12:40:24.0482 2324 MBR partitions:
12:40:24.0482 2324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
12:40:24.0482 2324 ============================================================
12:40:24.0638 2324 C: <-> \Device\Harddisk0\DR0\Partition1
12:40:24.0638 2324 ============================================================
12:40:24.0638 2324 Initialize success
12:40:24.0638 2324 ============================================================
12:40:52.0875 2116 ============================================================
12:40:52.0875 2116 Scan started
12:40:52.0875 2116 Mode: Manual; SigCheck; TDLFS;
12:40:52.0875 2116 ============================================================
12:40:54.0012 2116 ================ Scan system memory ========================
12:40:54.0013 2116 System memory - ok
12:40:54.0014 2116 ================ Scan services =============================
12:41:13.0665 2116 mountmgr - ok
12:41:13.0712 2116 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
12:41:13.0743 2116 MpFilter - ok
12:41:13.0774 2116 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
12:41:13.0806 2116 mpio - ok
12:41:13.0837 2116 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
12:41:13.0915 2116 mpsdrv - ok
12:41:13.0977 2116 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
12:41:14.0086 2116 MpsSvc - ok
12:41:14.0118 2116 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
12:41:14.0164 2116 MRxDAV - ok
12:41:14.0196 2116 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
12:41:14.0258 2116 mrxsmb - ok
12:41:14.0289 2116 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
12:41:14.0336 2116 mrxsmb10 - ok
12:41:14.0367 2116 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
12:41:14.0398 2116 mrxsmb20 - ok
12:41:14.0414 2116 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
12:41:14.0445 2116 msahci - ok
12:41:14.0476 2116 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
12:41:14.0508 2116 msdsm - ok
12:41:14.0523 2116 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
12:41:14.0586 2116 MSDTC - ok
12:41:14.0617 2116 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
12:41:14.0710 2116 Msfs - ok
12:41:14.0726 2116 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
12:41:14.0835 2116 mshidkmdf - ok
12:41:14.0851 2116 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
12:41:14.0882 2116 msisadrv - ok
12:41:14.0913 2116 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
12:41:15.0022 2116 MSiSCSI - ok
12:41:15.0038 2116 msiserver - ok
12:41:15.0054 2116 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
12:41:15.0147 2116 MSKSSRV - ok
12:41:15.0241 2116 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:41:15.0288 2116 MsMpSvc - ok
12:41:15.0303 2116 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
12:41:15.0412 2116 MSPCLOCK - ok
12:41:15.0412 2116 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
12:41:15.0522 2116 MSPQM - ok
12:41:15.0553 2116 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
12:41:15.0600 2116 MsRPC - ok
12:41:15.0631 2116 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
12:41:15.0662 2116 mssmbios - ok
12:41:15.0756 2116 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
12:41:15.0849 2116 MSTEE - ok
12:41:15.0865 2116 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
12:41:15.0896 2116 MTConfig - ok
12:41:15.0927 2116 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
12:41:15.0958 2116 Mup - ok
12:41:15.0990 2116 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
12:41:16.0099 2116 napagent - ok
12:41:16.0130 2116 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
12:41:16.0192 2116 NativeWifiP - ok
12:41:16.0255 2116 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
12:41:16.0333 2116 NDIS - ok
12:41:16.0364 2116 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
12:41:16.0458 2116 NdisCap - ok
12:41:16.0473 2116 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
12:41:16.0567 2116 NdisTapi - ok
12:41:16.0582 2116 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
12:41:16.0676 2116 Ndisuio - ok
12:41:16.0707 2116 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
12:41:16.0801 2116 NdisWan - ok
12:41:16.0816 2116 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
12:41:16.0910 2116 NDProxy - ok
12:41:16.0941 2116 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
12:41:17.0035 2116 NetBIOS - ok
12:41:17.0050 2116 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
12:41:17.0144 2116 NetBT - ok
12:41:17.0175 2116 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
12:41:17.0206 2116 Netlogon - ok
12:41:17.0238 2116 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
12:41:17.0347 2116 Netman - ok
12:41:17.0378 2116 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
12:41:17.0487 2116 netprofm - ok
12:41:17.0534 2116 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:41:17.0565 2116 NetTcpPortSharing - ok
12:41:17.0612 2116 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
12:41:17.0643 2116 nfrd960 - ok
12:41:17.0674 2116 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
12:41:17.0706 2116 NisDrv - ok
12:41:17.0721 2116 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
12:41:17.0768 2116 NisSrv - ok
12:41:17.0799 2116 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
12:41:17.0846 2116 NlaSvc - ok
12:41:17.0893 2116 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
12:41:17.0971 2116 Npfs - ok
12:41:18.0002 2116 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
12:41:18.0096 2116 nsi - ok
12:41:18.0111 2116 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
12:41:18.0220 2116 nsiproxy - ok
12:41:18.0298 2116 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
12:41:18.0376 2116 Ntfs - ok
12:41:18.0423 2116 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
12:41:18.0501 2116 Null - ok
12:41:18.0517 2116 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
12:41:18.0564 2116 nvraid - ok
12:41:18.0579 2116 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
12:41:18.0610 2116 nvstor - ok
12:41:18.0626 2116 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
12:41:18.0657 2116 nv_agp - ok
12:41:18.0673 2116 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
12:41:18.0704 2116 ohci1394 - ok
12:41:18.0766 2116 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:41:18.0798 2116 ose - ok
12:41:19.0016 2116 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:41:19.0312 2116 osppsvc - ok
12:41:19.0390 2116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
12:41:19.0468 2116 p2pimsvc - ok
12:41:19.0500 2116 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
12:41:19.0546 2116 p2psvc - ok
12:41:19.0593 2116 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
12:41:19.0640 2116 Parport - ok
12:41:19.0687 2116 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
12:41:19.0718 2116 partmgr - ok
12:41:19.0765 2116 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
12:41:19.0843 2116 PcaSvc - ok
12:41:19.0874 2116 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
12:41:19.0905 2116 pci - ok
12:41:19.0921 2116 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
12:41:19.0952 2116 pciide - ok
12:41:19.0983 2116 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
12:41:20.0030 2116 pcmcia - ok
12:41:20.0046 2116 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
12:41:20.0077 2116 pcw - ok
12:41:20.0108 2116 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
12:41:20.0217 2116 PEAUTH - ok
12:41:20.0326 2116 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
12:41:20.0373 2116 PerfHost - ok
12:41:20.0420 2116 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
12:41:20.0451 2116 PGEffect - ok
12:41:20.0514 2116 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
12:41:20.0654 2116 pla - ok
12:41:20.0701 2116 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
12:41:20.0763 2116 PlugPlay - ok
12:41:20.0794 2116 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
12:41:20.0841 2116 PNRPAutoReg - ok
12:41:20.0872 2116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
12:41:20.0919 2116 PNRPsvc - ok
12:41:20.0950 2116 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
12:41:21.0060 2116 PolicyAgent - ok
12:41:21.0091 2116 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
12:41:21.0200 2116 Power - ok
12:41:21.0247 2116 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
12:41:21.0340 2116 PptpMiniport - ok
12:41:21.0372 2116 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
12:41:21.0418 2116 Processor - ok
12:41:21.0450 2116 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
12:41:21.0528 2116 ProfSvc - ok
12:41:21.0574 2116 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
12:41:21.0606 2116 ProtectedStorage - ok
12:41:21.0621 2116 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
12:41:21.0715 2116 Psched - ok
12:41:21.0762 2116 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
12:41:21.0855 2116 ql2300 - ok
12:41:21.0886 2116 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
12:41:21.0918 2116 ql40xx - ok
12:41:21.0949 2116 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
12:41:21.0996 2116 QWAVE - ok
12:41:22.0011 2116 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
12:41:22.0074 2116 QWAVEdrv - ok
12:41:22.0089 2116 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
12:41:22.0183 2116 RasAcd - ok
12:41:22.0214 2116 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
12:41:22.0308 2116 RasAgileVpn - ok
12:41:22.0323 2116 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
12:41:22.0432 2116 RasAuto - ok
12:41:22.0448 2116 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
12:41:22.0542 2116 Rasl2tp - ok
12:41:22.0588 2116 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
12:41:22.0682 2116 RasMan - ok
12:41:22.0698 2116 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
12:41:22.0807 2116 RasPppoe - ok
12:41:22.0822 2116 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
12:41:22.0932 2116 RasSstp - ok
12:41:22.0978 2116 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
12:41:23.0103 2116 rdbss - ok
12:41:23.0119 2116 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
12:41:23.0181 2116 rdpbus - ok
12:41:23.0197 2116 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
12:41:23.0290 2116 RDPCDD - ok
12:41:23.0322 2116 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
12:41:23.0431 2116 RDPENCDD - ok
12:41:23.0446 2116 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
12:41:23.0524 2116 RDPREFMP - ok
12:41:23.0571 2116 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
12:41:23.0665 2116 RDPWD - ok
12:41:23.0696 2116 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
12:41:23.0743 2116 rdyboost - ok
12:41:23.0774 2116 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
12:41:23.0883 2116 RemoteAccess - ok
12:41:23.0930 2116 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
12:41:24.0008 2116 RemoteRegistry - ok
12:41:24.0039 2116 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
12:41:24.0148 2116 RpcEptMapper - ok
12:41:24.0180 2116 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
12:41:24.0211 2116 RpcLocator - ok
12:41:24.0320 2116 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
12:41:24.0429 2116 RpcSs - ok
12:41:24.0616 2116 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
12:41:24.0741 2116 rspndr - ok
12:41:24.0788 2116 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
12:41:24.0819 2116 RSUSBVSTOR - ok
12:41:24.0850 2116 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
12:41:24.0897 2116 RTL8167 - ok
12:41:25.0084 2116 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
12:41:25.0178 2116 RTL8192Ce - ok
12:41:25.0240 2116 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
12:41:25.0287 2116 SamSs - ok
12:41:25.0334 2116 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
12:41:25.0365 2116 sbp2port - ok
12:41:25.0412 2116 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
12:41:25.0506 2116 SCardSvr - ok
12:41:25.0521 2116 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
12:41:25.0615 2116 scfilter - ok
12:41:25.0662 2116 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
12:41:25.0802 2116 Schedule - ok
12:41:25.0849 2116 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
12:41:25.0927 2116 SCPolicySvc - ok
12:41:25.0974 2116 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
12:41:26.0036 2116 SDRSVC - ok
12:41:26.0067 2116 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
12:41:26.0192 2116 secdrv - ok
12:41:26.0239 2116 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
12:41:26.0348 2116 seclogon - ok
12:41:26.0410 2116 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
12:41:26.0520 2116 SENS - ok
12:41:26.0535 2116 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
12:41:26.0629 2116 SensrSvc - ok
12:41:26.0660 2116 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
12:41:26.0785 2116 Serenum - ok
12:41:26.0816 2116 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
12:41:26.0863 2116 Serial - ok
12:41:26.0894 2116 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
12:41:26.0941 2116 sermouse - ok
12:41:27.0003 2116 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
12:41:27.0112 2116 SessionEnv - ok
12:41:27.0144 2116 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
12:41:27.0190 2116 sffdisk - ok
12:41:27.0206 2116 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
12:41:27.0253 2116 sffp_mmc - ok
12:41:27.0268 2116 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
12:41:27.0315 2116 sffp_sd - ok
12:41:27.0331 2116 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
12:41:27.0362 2116 sfloppy - ok
12:41:27.0424 2116 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
12:41:27.0518 2116 SharedAccess - ok
12:41:27.0565 2116 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:41:27.0674 2116 ShellHWDetection - ok
12:41:27.0690 2116 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
12:41:27.0736 2116 SiSRaid2 - ok
12:41:27.0768 2116 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
12:41:27.0799 2116 SiSRaid4 - ok
12:41:27.0799 2116 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
12:41:27.0892 2116 Smb - ok
12:41:27.0970 2116 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
12:41:28.0017 2116 SNMPTRAP - ok
12:41:28.0048 2116 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
12:41:28.0080 2116 spldr - ok
12:41:28.0126 2116 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
12:41:28.0173 2116 Spooler - ok
12:41:28.0282 2116 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
12:41:28.0485 2116 sppsvc - ok
12:41:28.0532 2116 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
12:41:28.0610 2116 sppuinotify - ok
12:41:28.0735 2116 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
12:41:28.0828 2116 srv - ok
12:41:28.0860 2116 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
12:41:28.0906 2116 srv2 - ok
12:41:28.0922 2116 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
12:41:28.0953 2116 srvnet - ok
12:41:29.0000 2116 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
12:41:29.0109 2116 SSDPSRV - ok
12:41:29.0125 2116 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
12:41:29.0218 2116 SstpSvc - ok
12:41:29.0250 2116 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
12:41:29.0281 2116 stexstor - ok
12:41:29.0343 2116 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
12:41:29.0406 2116 stisvc - ok
12:41:29.0437 2116 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
12:41:29.0468 2116 swenum - ok
12:41:29.0515 2116 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
12:41:29.0640 2116 swprv - ok
12:41:29.0764 2116 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
12:41:29.0842 2116 SynTP - ok
12:41:29.0936 2116 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
12:41:30.0045 2116 SysMain - ok
12:41:30.0092 2116 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
12:41:30.0170 2116 TabletInputService - ok
12:41:30.0201 2116 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
12:41:30.0326 2116 TapiSrv - ok
12:41:30.0357 2116 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
12:41:30.0466 2116 TBS - ok
12:41:30.0560 2116 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
12:41:30.0669 2116 Tcpip - ok
12:41:30.0732 2116 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
12:41:30.0825 2116 TCPIP6 - ok
12:41:30.0872 2116 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
12:41:30.0888 2116 tcpipreg - ok
12:41:30.0934 2116 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
12:41:30.0950 2116 tdcmdpst - ok
12:41:30.0997 2116 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
12:41:31.0075 2116 TDPIPE - ok
12:41:31.0122 2116 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
12:41:31.0184 2116 TDTCP - ok
12:41:31.0231 2116 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
12:41:31.0309 2116 tdx - ok
12:41:31.0543 2116 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
12:41:31.0590 2116 TermDD - ok
12:41:31.0636 2116 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
12:41:31.0777 2116 TermService - ok
12:41:31.0808 2116 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
12:41:31.0902 2116 Themes - ok
12:41:31.0948 2116 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
12:41:31.0980 2116 Thpdrv - ok
12:41:32.0042 2116 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
12:41:32.0089 2116 Thpevm - ok
12:41:32.0151 2116 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
12:41:32.0198 2116 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
12:41:32.0198 2116 Thpsrv - detected UnsignedFile.Multi.Generic (1)
12:41:42.0775 2116 WudfPf - ok
12:41:42.0822 2116 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
12:41:42.0900 2116 WUDFRd - ok
12:41:42.0946 2116 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
12:41:43.0165 2116 wudfsvc - ok
12:41:43.0212 2116 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
12:41:43.0336 2116 WwanSvc - ok
12:41:43.0383 2116 ================ Scan global ===============================
12:41:43.0742 2116 [Global] - ok
12:41:43.0742 2116 ================ Scan MBR ==================================
12:41:43.0773 2116 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
12:41:44.0694 2116 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:41:44.0694 2116 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:41:44.0694 2116 ================ Scan VBR ==================================
12:41:44.0725 2116 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
12:41:44.0740 2116 \Device\Harddisk0\DR0\Partition1 - ok
12:41:44.0740 2116 ================ Scan active images ========================
12:41:47.0782 2116 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:41:47.0782 2116 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:41:47.0782 2116 C:\Windows\System32\samlib.dll - ok
12:41:47.0798 2116 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:41:47.0798 2116 C:\Windows\System32\shacct.dll - ok
12:41:47.0814 2116 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:41:47.0814 2116 C:\Windows\System32\propsys.dll - ok
12:41:47.0829 2116 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:41:47.0829 2116 C:\Windows\System32\uxtheme.dll - ok
12:41:47.0907 2116 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
12:41:47.0907 2116 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
12:41:47.0923 2116 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:41:47.0923 2116 C:\Windows\System32\dui70.dll - ok
12:41:47.0938 2116 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
12:41:47.0938 2116 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
12:41:47.0954 2116 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
12:41:47.0954 2116 C:\Windows\System32\duser.dll - ok
12:41:47.0954 2116 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
12:41:47.0954 2116 C:\Windows\System32\atiesrxx.exe - ok
12:41:47.0970 2116 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
12:41:47.0970 2116 C:\Windows\System32\SndVolSSO.dll - ok
12:41:47.0985 2116 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
12:41:47.0985 2116 C:\Windows\System32\hid.dll - ok
12:41:48.0001 2116 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
12:41:48.0001 2116 C:\Windows\System32\MMDevAPI.dll - ok
12:41:48.0016 2116 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
12:41:48.0016 2116 C:\Windows\System32\dwmapi.dll - ok
12:41:48.0032 2116 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
12:41:48.0032 2116 C:\Windows\System32\xmllite.dll - ok
12:41:48.0048 2116 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
12:41:48.0048 2116 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
12:41:48.0063 2116 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
12:41:48.0063 2116 C:\Windows\System32\fltLib.dll - ok
12:41:48.0079 2116 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
12:41:48.0079 2116 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
12:41:48.0094 2116 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
12:41:48.0094 2116 C:\Windows\System32\drivers\MpFilter.sys - ok
12:41:48.0094 2116 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
12:41:48.0094 2116 C:\Windows\System32\WindowsCodecs.dll - ok
12:41:48.0110 2116 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
12:41:48.0110 2116 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
12:41:48.0126 2116 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:41:48.0126 2116 C:\Windows\System32\wevtsvc.dll - ok
12:41:48.0141 2116 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll
12:41:48.0141 2116 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll - ok
12:41:48.0157 2116 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
12:41:48.0157 2116 C:\Windows\System32\winbrand.dll - ok
12:41:48.0172 2116 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
12:41:48.0172 2116 C:\Windows\System32\VaultCredProvider.dll - ok
12:41:48.0188 2116 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
12:41:48.0188 2116 C:\Windows\System32\audiosrv.dll - ok
12:41:48.0204 2116 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
12:41:48.0204 2116 C:\Windows\System32\profsvc.dll - ok
12:41:48.0219 2116 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:41:48.0219 2116 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:41:48.0235 2116 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:41:48.0235 2116 C:\Windows\System32\avrt.dll - ok
12:41:48.0250 2116 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
12:41:48.0250 2116 C:\Windows\System32\mmcss.dll - ok
12:41:48.0266 2116 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
12:41:48.0266 2116 C:\Windows\System32\BioCredProv.dll - ok
12:41:48.0282 2116 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
12:41:48.0282 2116 C:\Windows\System32\adtschema.dll - ok
12:41:48.0297 2116 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
12:41:48.0297 2116 C:\Windows\System32\credui.dll - ok
12:41:48.0313 2116 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
12:41:48.0313 2116 C:\Windows\System32\winbio.dll - ok
12:41:48.0328 2116 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
12:41:48.0328 2116 C:\Windows\System32\netapi32.dll - ok
12:41:48.0344 2116 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
12:41:48.0344 2116 C:\Windows\System32\vaultcli.dll - ok
12:41:48.0360 2116 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
12:41:48.0360 2116 C:\Windows\System32\netutils.dll - ok
12:41:48.0375 2116 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
12:41:48.0375 2116 C:\Windows\System32\wkscli.dll - ok
12:41:48.0391 2116 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
12:41:48.0391 2116 C:\Windows\System32\wlansvc.dll - ok
12:41:48.0391 2116 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
12:41:48.0391 2116 C:\Windows\System32\samcli.dll - ok
12:41:48.0406 2116 [ 08D8C5E32648D6E7976F0458545EA600 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
12:41:48.0406 2116 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
12:41:48.0438 2116 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:41:48.0438 2116 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:41:48.0453 2116 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
12:41:48.0453 2116 C:\Windows\System32\audiodg.exe - ok
12:41:48.0453 2116 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
12:41:48.0453 2116 C:\Windows\System32\drivers\fltMgr.sys - ok
12:41:48.0469 2116 [ D037BEA6039248D4DE0C5F361F19970D ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
12:41:48.0469 2116 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
12:41:48.0484 2116 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
12:41:48.0484 2116 C:\Windows\System32\netprofm.dll - ok
12:41:48.0500 2116 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
12:41:48.0500 2116 C:\Windows\System32\PSHED.DLL - ok
12:41:48.0516 2116 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
12:41:48.0516 2116 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
12:41:48.0531 2116 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
12:41:48.0531 2116 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
12:41:48.0547 2116 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
12:41:48.0547 2116 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
12:41:48.0562 2116 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
12:41:48.0562 2116 C:\Windows\System32\gpsvc.dll - ok
12:41:48.0578 2116 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:41:48.0578 2116 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:41:48.0594 2116 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
12:41:48.0594 2116 C:\Windows\System32\MPSSVC.dll - ok
12:41:48.0609 2116 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
12:41:48.0609 2116 C:\Windows\System32\nlaapi.dll - ok
12:41:48.0625 2116 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
12:41:48.0625 2116 C:\Windows\System32\atl.dll - ok
12:41:48.0640 2116 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
12:41:48.0640 2116 C:\Windows\System32\themeservice.dll - ok
12:41:48.0656 2116 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
12:41:48.0656 2116 C:\Windows\System32\winmm.dll - ok
12:41:48.0672 2116 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
12:41:48.0672 2116 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
12:41:48.0687 2116 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
12:41:48.0687 2116 C:\Windows\System32\dsrole.dll - ok
12:41:48.0703 2116 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
12:41:48.0703 2116 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
12:41:48.0703 2116 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
12:41:48.0718 2116 C:\Windows\System32\slc.dll - ok
12:41:48.0718 2116 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
12:41:48.0718 2116 C:\Windows\System32\es.dll - ok
12:41:48.0734 2116 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
12:41:48.0734 2116 C:\Windows\System32\comres.dll - ok
12:41:48.0750 2116 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
12:41:48.0750 2116 C:\Windows\System32\Sens.dll - ok
12:41:48.0796 2116 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
12:41:48.0796 2116 C:\Windows\System32\uxsms.dll - ok
12:41:48.0828 2116 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
12:41:48.0828 2116 C:\Windows\System32\drivers\lltdio.sys - ok
12:41:48.0843 2116 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
12:41:48.0859 2116 C:\Windows\System32\drivers\nwifi.sys - ok
12:41:48.0874 2116 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
12:41:48.0874 2116 C:\Windows\System32\drivers\ndisuio.sys - ok
12:41:48.0890 2116 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
12:41:48.0890 2116 C:\Windows\System32\drivers\rspndr.sys - ok
12:41:48.0906 2116 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
12:41:48.0906 2116 C:\Windows\System32\lmhsvc.dll - ok
12:41:48.0921 2116 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
12:41:48.0921 2116 C:\Windows\System32\nsisvc.dll - ok
12:41:48.0937 2116 [ 9C5BF3E0541B8A2F85DF1D642E495EE4 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
12:41:48.0937 2116 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
12:41:48.0952 2116 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
12:41:48.0952 2116 C:\Windows\System32\IPHLPAPI.DLL - ok
12:41:48.0968 2116 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
12:41:48.0968 2116 C:\Windows\System32\certCredProvider.dll - ok
12:41:48.0968 2116 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
12:41:48.0968 2116 C:\Windows\System32\winnsi.dll - ok
12:41:48.0984 2116 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
12:41:48.0984 2116 C:\Windows\System32\dhcpcore.dll - ok
12:41:48.0999 2116 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
12:41:48.0999 2116 C:\Windows\System32\nrpsrv.dll - ok
12:41:49.0015 2116 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
12:41:49.0015 2116 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
12:41:49.0030 2116 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
12:41:49.0030 2116 C:\Windows\System32\dnsrslvr.dll - ok
12:41:49.0046 2116 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
12:41:49.0046 2116 C:\Windows\System32\keyiso.dll - ok
12:41:49.0062 2116 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:41:49.0062 2116 C:\Windows\System32\dhcpcore6.dll - ok
12:41:49.0062 2116 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
12:41:49.0062 2116 C:\Windows\System32\eapsvc.dll - ok
12:41:49.0077 2116 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
12:41:49.0077 2116 C:\Windows\System32\eapphost.dll - ok
12:41:49.0093 2116 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
12:41:49.0093 2116 C:\Windows\System32\FWPUCLNT.DLL - ok
12:41:49.0124 2116 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
12:41:49.0124 2116 C:\Windows\System32\rasplap.dll - ok
12:41:49.0155 2116 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:41:49.0155 2116 C:\Windows\System32\umb.dll - ok
12:41:49.0186 2116 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
12:41:49.0202 2116 C:\Windows\System32\wlanmsm.dll - ok
12:41:49.0233 2116 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
12:41:49.0233 2116 C:\Windows\System32\dnsext.dll - ok
12:41:49.0264 2116 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
12:41:49.0264 2116 C:\Windows\System32\wlansec.dll - ok
12:41:49.0296 2116 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
12:41:49.0296 2116 C:\Windows\System32\dhcpcsvc.dll - ok
12:41:49.0311 2116 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
12:41:49.0311 2116 C:\Windows\System32\eappprxy.dll - ok
12:41:49.0327 2116 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
12:41:49.0327 2116 C:\Windows\System32\onex.dll - ok
12:41:49.0358 2116 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
12:41:49.0358 2116 C:\Windows\System32\rasapi32.dll - ok
12:41:49.0358 2116 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
12:41:49.0358 2116 C:\Windows\System32\dhcpcsvc6.dll - ok
12:41:49.0374 2116 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:41:49.0374 2116 C:\Windows\System32\eappcfg.dll - ok
12:41:49.0389 2116 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
12:41:49.0389 2116 C:\Windows\System32\rasman.dll - ok
12:41:49.0405 2116 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
12:41:49.0405 2116 C:\Windows\System32\rtutils.dll - ok
12:41:49.0452 2116 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
12:41:49.0452 2116 C:\Windows\System32\l2gpstore.dll - ok
12:41:49.0467 2116 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
12:41:49.0467 2116 C:\Windows\System32\wdmaud.drv - ok
12:41:49.0498 2116 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
12:41:49.0498 2116 C:\Windows\System32\WinSCard.dll - ok
12:41:49.0514 2116 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
12:41:49.0514 2116 C:\Windows\System32\wlanutil.dll - ok
12:41:49.0530 2116 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
12:41:49.0530 2116 C:\Windows\System32\wlgpclnt.dll - ok
12:41:49.0545 2116 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
12:41:49.0545 2116 C:\Windows\System32\ksuser.dll - ok
12:41:49.0592 2116 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
12:41:49.0592 2116 C:\Windows\System32\msxml6.dll - ok
12:41:49.0608 2116 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
12:41:49.0608 2116 C:\Windows\System32\oleacc.dll - ok
12:41:49.0623 2116 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
12:41:49.0623 2116 C:\Windows\System32\UXInit.dll - ok
12:41:49.0654 2116 [ 13EB517A22F8AE2E4A02718C163BA401 ] C:\Windows\System32\atieclxx.exe
12:41:49.0654 2116 C:\Windows\System32\atieclxx.exe - ok
12:41:49.0670 2116 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
12:41:49.0670 2116 C:\Windows\System32\UIAutomationCore.dll - ok
12:41:49.0686 2116 [ 3449B6738794D2234ED2C3FADA85D487 ] C:\Windows\System32\atiadlxx.dll
12:41:49.0686 2116 C:\Windows\System32\atiadlxx.dll - ok
12:41:49.0701 2116 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
12:41:49.0701 2116 C:\Windows\System32\AudioSes.dll - ok
12:41:49.0717 2116 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
12:41:49.0717 2116 C:\Windows\System32\msacm32.dll - ok
12:41:49.0732 2116 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
12:41:49.0732 2116 C:\Windows\System32\msacm32.drv - ok
12:41:49.0748 2116 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
12:41:49.0748 2116 C:\Windows\System32\midimap.dll - ok
12:41:49.0764 2116 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
12:41:49.0764 2116 C:\Windows\System32\shsvcs.dll - ok
12:41:49.0779 2116 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
12:41:49.0779 2116 C:\Windows\System32\schedsvc.dll - ok
12:41:49.0810 2116 [ B6C244055D019CAC3FE8298DAD973D6D ] C:\Windows\System32\atimuixx.dll
12:41:49.0810 2116 C:\Windows\System32\atimuixx.dll - ok
12:41:49.0810 2116 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
12:41:49.0810 2116 C:\Windows\System32\ktmw32.dll - ok
12:41:49.0826 2116 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
12:41:49.0826 2116 C:\Windows\System32\AudioEng.dll - ok
12:41:49.0842 2116 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
12:41:49.0842 2116 C:\Windows\System32\imageres.dll - ok
12:41:49.0857 2116 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
12:41:49.0857 2116 C:\Windows\System32\AUDIOKSE.dll - ok
12:41:49.0873 2116 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
12:41:49.0873 2116 C:\Windows\System32\fveapi.dll - ok
12:41:49.0888 2116 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
12:41:49.0888 2116 C:\Windows\System32\fvecerts.dll - ok
12:41:49.0904 2116 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
12:41:49.0904 2116 C:\Windows\System32\tbs.dll - ok
12:41:49.0920 2116 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
12:41:49.0920 2116 C:\Windows\System32\netcfgx.dll - ok
12:41:49.0935 2116 [ 706B9A55E4B1EDD2F6C2D7A1CF37E197 ] C:\Windows\System32\RtkAPO64.dll
12:41:49.0935 2116 C:\Windows\System32\RtkAPO64.dll - ok
12:41:49.0951 2116 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
12:41:49.0951 2116 C:\Windows\System32\drivers\vwifimp.sys - ok
12:41:49.0966 2116 [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2 ] C:\Windows\System32\RTEEL64A.dll
12:41:49.0966 2116 C:\Windows\System32\RTEEL64A.dll - ok
12:41:49.0982 2116 [ A6286A6C7A1BBFCBA17AA54384A21D1C ] C:\Windows\System32\RTEED64A.dll
12:41:49.0982 2116 C:\Windows\System32\RTEED64A.dll - ok
12:41:49.0998 2116 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
12:41:49.0998 2116 C:\Windows\System32\taskcomp.dll - ok
12:41:50.0029 2116 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
12:41:50.0029 2116 C:\Windows\System32\wiarpc.dll - ok
12:41:50.0044 2116 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
12:41:50.0044 2116 C:\Windows\System32\drivers\http.sys - ok
12:41:50.0060 2116 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
12:41:50.0060 2116 C:\Windows\System32\spoolsv.exe - ok
12:41:50.0076 2116 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
12:41:50.0076 2116 C:\Windows\System32\BFE.DLL - ok
12:41:50.0091 2116 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
12:41:50.0091 2116 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
12:41:50.0091 2116 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
12:41:50.0091 2116 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
12:41:50.0107 2116 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
12:41:50.0107 2116 C:\Windows\System32\drivers\bowser.sys - ok
12:41:50.0122 2116 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
12:41:50.0122 2116 C:\Windows\System32\drivers\mpsdrv.sys - ok
12:41:50.0138 2116 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
12:41:50.0138 2116 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:41:50.0154 2116 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
12:41:50.0154 2116 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:41:50.0169 2116 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
12:41:50.0169 2116 C:\Windows\System32\wscapi.dll - ok
12:41:50.0185 2116 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
12:41:50.0185 2116 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:41:50.0200 2116 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
12:41:50.0200 2116 C:\Windows\System32\conhost.exe - ok
12:41:50.0200 2116 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
12:41:50.0200 2116 C:\Windows\System32\wkssvc.dll - ok
12:41:50.0216 2116 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
12:41:50.0216 2116 C:\Windows\System32\wfapigp.dll - ok
12:41:50.0232 2116 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
12:41:50.0232 2116 C:\Windows\System32\cryptsvc.dll - ok
12:41:50.0247 2116 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
12:41:50.0247 2116 C:\Windows\System32\dps.dll - ok
12:41:50.0263 2116 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
12:41:50.0263 2116 C:\Windows\System32\cryptnet.dll - ok
12:41:50.0278 2116 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
12:41:50.0278 2116 C:\Windows\System32\taskschd.dll - ok
12:41:50.0294 2116 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
12:41:50.0294 2116 C:\Windows\System32\vssapi.dll - ok
12:41:50.0310 2116 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
12:41:50.0310 2116 C:\Windows\System32\vsstrace.dll - ok
12:41:50.0325 2116 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
12:41:50.0325 2116 C:\Windows\System32\mscms.dll - ok
12:41:50.0341 2116 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
12:41:50.0341 2116 C:\Windows\System32\IKEEXT.DLL - ok
12:41:50.0356 2116 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
12:41:50.0356 2116 C:\Windows\System32\pcasvc.dll - ok
12:41:50.0372 2116 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
12:41:50.0372 2116 C:\Windows\System32\FDResPub.dll - ok
12:41:50.0388 2116 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
12:41:50.0388 2116 C:\Windows\System32\cabinet.dll - ok
12:41:50.0403 2116 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:41:50.0403 2116 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
12:41:50.0419 2116 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
12:41:50.0419 2116 C:\Windows\System32\snmptrap.exe - ok
12:41:50.0434 2116 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
12:41:50.0434 2116 C:\Windows\SysWOW64\ntdll.dll - ok
12:41:50.0450 2116 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
12:41:50.0450 2116 C:\Windows\System32\WSDApi.dll - ok
12:41:50.0466 2116 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
12:41:50.0466 2116 C:\Windows\System32\wow64.dll - ok
12:41:50.0481 2116 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
12:41:50.0481 2116 C:\Windows\System32\wow64win.dll - ok
12:41:50.0497 2116 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
12:41:50.0497 2116 C:\Windows\System32\webservices.dll - ok
12:41:50.0512 2116 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
12:41:50.0512 2116 C:\Windows\System32\wow64cpu.dll - ok
12:41:50.0528 2116 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
12:41:50.0528 2116 C:\Windows\SysWOW64\kernel32.dll - ok
12:41:50.0544 2116 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
12:41:50.0544 2116 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
12:41:50.0590 2116 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
12:41:50.0590 2116 C:\Windows\System32\vpnikeapi.dll - ok
12:41:50.0622 2116 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
12:41:50.0622 2116 C:\Windows\System32\p2pcollab.dll - ok
12:41:50.0653 2116 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
12:41:50.0653 2116 C:\Windows\System32\sstpsvc.dll - ok
12:41:50.0668 2116 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
12:41:50.0668 2116 C:\Windows\System32\fundisc.dll - ok
12:41:50.0700 2116 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
12:41:50.0700 2116 C:\Windows\SysWOW64\KernelBase.dll - ok
12:41:50.0715 2116 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
12:41:50.0715 2116 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
12:41:50.0731 2116 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
12:41:50.0731 2116 C:\Windows\System32\provsvc.dll - ok
12:41:50.0746 2116 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
12:41:50.0746 2116 C:\Windows\SysWOW64\shlwapi.dll - ok
12:41:50.0762 2116 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
12:41:50.0762 2116 C:\Windows\SysWOW64\gdi32.dll - ok
12:41:50.0793 2116 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
12:41:50.0793 2116 C:\Windows\SysWOW64\user32.dll - ok
12:41:50.0824 2116 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
12:41:50.0824 2116 C:\Windows\SysWOW64\advapi32.dll - ok
12:41:50.0856 2116 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
12:41:50.0856 2116 C:\Windows\SysWOW64\msvcrt.dll - ok
12:41:50.0902 2116 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
12:41:50.0902 2116 C:\Windows\SysWOW64\sechost.dll - ok
12:41:50.0918 2116 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
12:41:50.0918 2116 C:\Windows\SysWOW64\rpcrt4.dll - ok
12:41:50.0949 2116 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
12:41:50.0949 2116 C:\Windows\SysWOW64\sspicli.dll - ok
12:41:50.0980 2116 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
12:41:54.0646 2116 C:\Windows\SysWOW64\IconCodecService.dll - ok
12:41:54.0662 2116 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
12:41:54.0662 2116 C:\Windows\System32\esent.dll - ok
12:41:54.0678 2116 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
12:41:54.0678 2116 C:\Windows\SysWOW64\sfc.dll - ok
12:41:54.0693 2116 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
12:41:54.0693 2116 C:\Windows\SysWOW64\sfc_os.dll - ok
12:41:54.0709 2116 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
12:41:54.0709 2116 C:\Windows\SysWOW64\devrtl.dll - ok
12:41:54.0724 2116 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
12:41:54.0724 2116 C:\Windows\System32\ie4uinit.exe - ok
12:41:54.0724 2116 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
12:41:54.0724 2116 C:\Windows\SysWOW64\winhttp.dll - ok
12:41:54.0740 2116 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
12:41:54.0740 2116 C:\Windows\SysWOW64\webio.dll - ok
12:41:54.0756 2116 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
12:41:54.0756 2116 C:\Windows\System32\themeui.dll - ok
12:41:54.0771 2116 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:41:54.0771 2116 C:\Windows\System32\timedate.cpl - ok
12:41:54.0787 2116 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
12:41:54.0787 2116 C:\Windows\System32\actxprxy.dll - ok
12:41:54.0802 2116 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
12:41:54.0802 2116 C:\Windows\System32\shdocvw.dll - ok
12:41:54.0818 2116 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
12:41:54.0818 2116 C:\Windows\System32\linkinfo.dll - ok
12:41:54.0834 2116 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
12:41:54.0834 2116 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
12:41:54.0849 2116 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
12:41:54.0849 2116 C:\Windows\System32\msftedit.dll - ok
12:41:54.0865 2116 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
12:41:54.0865 2116 C:\Windows\System32\gameux.dll - ok
12:41:54.0880 2116 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
12:41:54.0880 2116 C:\Windows\System32\msls31.dll - ok
12:41:54.0896 2116 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:41:54.0896 2116 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:41:54.0896 2116 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:41:54.0896 2116 C:\Windows\SysWOW64\credssp.dll - ok
12:41:54.0912 2116 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
12:41:54.0912 2116 C:\Windows\SysWOW64\mswsock.dll - ok
12:41:54.0927 2116 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:41:54.0927 2116 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:41:54.0943 2116 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:41:54.0943 2116 C:\Windows\SysWOW64\wship6.dll - ok
12:41:54.0958 2116 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
12:41:54.0958 2116 C:\Windows\SysWOW64\dnsapi.dll - ok
12:41:54.0974 2116 [ BCFF8CD24809941E28C73185FC58CA39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:41:54.0974 2116 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
12:41:54.0990 2116 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
12:41:54.0990 2116 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
12:41:55.0005 2116 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
12:41:55.0005 2116 C:\Windows\System32\msi.dll - ok
12:41:55.0052 2116 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
12:41:55.0052 2116 C:\Windows\System32\msiltcfg.dll - ok
12:41:55.0052 2116 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:41:55.0052 2116 C:\Windows\SysWOW64\rasadhlp.dll - ok
12:41:55.0068 2116 [ 0BE126224273ACB0925C07B30A0E4209 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:41:55.0068 2116 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
12:41:55.0099 2116 [ 439669E153EF11FA16861EC33D4AFC81 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
12:41:55.0099 2116 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
12:41:55.0114 2116 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
12:41:55.0114 2116 C:\Windows\System32\thumbcache.dll - ok
12:41:55.0161 2116 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:41:55.0161 2116 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:41:55.0177 2116 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
12:41:55.0177 2116 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
12:41:55.0208 2116 [ DC604BBAF9F613D150CC6060E0E47788 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
12:41:55.0208 2116 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
12:41:55.0224 2116 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
12:41:55.0224 2116 C:\Windows\System32\opengl32.dll - ok
12:41:55.0239 2116 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
12:41:55.0239 2116 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
12:41:55.0270 2116 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
12:41:55.0270 2116 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
12:41:55.0286 2116 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
12:41:55.0286 2116 C:\Windows\System32\networkexplorer.dll - ok
12:41:55.0333 2116 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
12:41:55.0333 2116 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
12:41:55.0364 2116 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
12:41:55.0364 2116 C:\Windows\System32\ddraw.dll - ok
12:41:55.0380 2116 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
12:41:55.0380 2116 C:\Windows\System32\glu32.dll - ok
12:41:55.0411 2116 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
12:41:55.0411 2116 C:\Windows\System32\dciman32.dll - ok
12:41:55.0442 2116 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
12:41:55.0442 2116 C:\Windows\System32\msimg32.dll - ok
12:41:55.0458 2116 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
12:41:55.0458 2116 C:\Windows\System32\oledlg.dll - ok
12:41:55.0473 2116 [ 565E25C82AAE17EA97884B43F05A720E ] C:\Windows\System32\SynCOM.dll
12:41:55.0473 2116 C:\Windows\System32\SynCOM.dll - ok
12:41:55.0489 2116 [ 4936B83586C1F81630AE9C8EED6E356A ] C:\Windows\System32\SynTPAPI.dll
12:41:55.0489 2116 C:\Windows\System32\SynTPAPI.dll - ok
12:41:55.0504 2116 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
12:41:55.0504 2116 C:\Windows\System32\DeviceCenter.dll - ok
12:41:55.0520 2116 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
12:41:55.0520 2116 C:\Windows\System32\dsound.dll - ok
12:41:55.0520 2116 [ 6B8966ECB093271DE794286850432225 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
12:41:55.0520 2116 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
12:41:55.0536 2116 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
12:41:55.0536 2116 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
12:41:55.0551 2116 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
12:41:55.0551 2116 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
12:41:55.0567 2116 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
12:41:55.0567 2116 C:\Windows\System32\drprov.dll - ok
12:41:55.0582 2116 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
12:41:55.0582 2116 C:\Windows\System32\ntlanman.dll - ok
12:41:55.0598 2116 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
12:41:55.0598 2116 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
12:41:55.0614 2116 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
12:41:55.0614 2116 C:\Windows\System32\consent.exe - ok
12:41:55.0629 2116 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
12:41:55.0629 2116 C:\Windows\System32\davclnt.dll - ok
12:41:55.0645 2116 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
12:41:55.0645 2116 C:\Windows\System32\davhlpr.dll - ok
12:41:55.0660 2116 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
12:41:55.0660 2116 C:\Program Files\Microsoft Security Client\msseces.exe - ok
12:41:55.0692 2116 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
12:41:55.0692 2116 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
12:41:55.0707 2116 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
12:41:55.0707 2116 C:\Windows\System32\rundll32.exe - ok
12:41:55.0723 2116 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:41:55.0723 2116 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
12:41:55.0738 2116 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
12:41:55.0738 2116 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
12:41:55.0754 2116 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
12:41:55.0754 2116 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
12:41:55.0785 2116 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
12:41:55.0785 2116 C:\Windows\SysWOW64\rasapi32.dll - ok
12:41:55.0816 2116 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
12:41:55.0816 2116 C:\Windows\SysWOW64\rasman.dll - ok
12:41:55.0848 2116 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
12:41:55.0848 2116 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
12:41:55.0879 2116 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
12:41:55.0879 2116 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
12:41:55.0894 2116 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
12:41:55.0894 2116 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
12:41:55.0926 2116 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
12:41:55.0926 2116 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
12:41:55.0957 2116 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
12:41:55.0957 2116 C:\Windows\SysWOW64\rtutils.dll - ok
12:41:55.0988 2116 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
12:41:55.0988 2116 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
12:41:56.0035 2116 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
12:41:56.0035 2116 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
12:41:56.0066 2116 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
12:41:56.0066 2116 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
12:41:56.0097 2116 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
12:41:56.0097 2116 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
12:41:56.0128 2116 [ 270A1342BD5AF95CA25A586B4C2F1522 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
12:41:56.0128 2116 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
12:41:56.0160 2116 [ D66423EB59EA81B1D9C0DE0AAFE2EB25 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
12:41:56.0160 2116 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
12:41:56.0175 2116 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
12:41:56.0175 2116 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
12:41:56.0206 2116 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
12:41:56.0206 2116 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
12:41:56.0238 2116 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
12:41:56.0238 2116 C:\Windows\System32\wlanapi.dll - ok
12:41:56.0284 2116 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
12:41:56.0284 2116 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
12:41:56.0300 2116 [ BC51263DEF5774BF213BFA05AE046705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:41:56.0300 2116 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
12:41:56.0331 2116 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
12:41:56.0331 2116 C:\Windows\System32\stobject.dll - ok
12:41:56.0362 2116 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
12:41:56.0362 2116 C:\Windows\System32\batmeter.dll - ok
12:41:56.0394 2116 [ DDEA7F06F8A00E706C4DB75D7C6F2612 ] C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe
12:41:56.0394 2116 C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe - ok
12:41:56.0425 2116 [ 1705B6E6E1D883965F32C7D3B8E78CE6 ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
12:41:56.0425 2116 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
12:41:56.0440 2116 [ 494DF8940225873DE62C1A730B301F57 ] C:\Windows\SysWOW64\atiadlxy.dll
12:41:56.0440 2116 C:\Windows\SysWOW64\atiadlxy.dll - ok
12:41:56.0472 2116 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
12:41:56.0472 2116 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
12:41:56.0518 2116 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
12:41:56.0518 2116 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
12:41:56.0550 2116 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
12:41:56.0550 2116 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
12:41:56.0581 2116 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
12:41:56.0581 2116 C:\Windows\System32\mscoree.dll - ok
12:41:56.0612 2116 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
12:41:56.0612 2116 C:\Windows\System32\RtkCfg64.dll - ok
12:41:56.0643 2116 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:41:56.0643 2116 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:41:56.0674 2116 [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
12:41:56.0674 2116 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
12:41:56.0690 2116 [ 995BEB69AE5C50D354894354F5A6CD5A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:41:56.0690 2116 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
12:41:56.0721 2116 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
12:41:56.0721 2116 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
12:41:56.0737 2116 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:41:56.0737 2116 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:41:56.0752 2116 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
12:41:56.0752 2116 C:\Windows\System32\prnfldr.dll - ok
12:41:56.0768 2116 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
12:41:56.0768 2116 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
12:41:56.0768 2116 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
12:41:56.0768 2116 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
12:41:56.0784 2116 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
12:41:56.0784 2116 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
12:41:56.0799 2116 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:41:56.0799 2116 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:41:56.0815 2116 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
12:41:56.0815 2116 C:\Windows\SysWOW64\sxs.dll - ok
12:41:56.0830 2116 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
12:41:56.0830 2116 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
12:41:56.0846 2116 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
12:41:56.0846 2116 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
12:41:56.0862 2116 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
12:41:56.0862 2116 C:\Windows\System32\fdProxy.dll - ok
12:41:56.0877 2116 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
12:41:56.0877 2116 C:\Windows\System32\DXP.dll - ok
12:41:56.0877 2116 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
12:41:56.0893 2116 C:\Windows\System32\Syncreg.dll - ok
12:41:56.0893 2116 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
12:41:56.0893 2116 C:\Windows\ehome\ehSSO.dll - ok
12:41:56.0908 2116 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:41:56.0908 2116 C:\Windows\System32\netshell.dll - ok
12:41:56.0924 2116 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
12:41:56.0924 2116 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
12:41:56.0940 2116 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
12:41:56.0940 2116 C:\Windows\System32\wbem\wmiprov.dll - ok
12:41:56.0955 2116 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
12:41:56.0955 2116 C:\Windows\SysWOW64\rundll32.exe - ok
12:41:56.0955 2116 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
12:41:56.0955 2116 C:\Windows\AppPatch\AcLayers.dll - ok
12:41:56.0971 2116 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
12:41:56.0971 2116 C:\Windows\System32\ActionCenter.dll - ok
12:41:56.0986 2116 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
12:41:56.0986 2116 C:\Windows\SysWOW64\winspool.drv - ok
12:41:57.0002 2116 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
12:41:57.0002 2116 C:\Windows\System32\WPDShServiceObj.dll - ok
12:41:57.0018 2116 [ 8FF048680DE6278299A1063508F0F7C4 ] C:\Windows\AppPatch\acwow64.dll
12:41:57.0018 2116 C:\Windows\AppPatch\acwow64.dll - ok
12:41:57.0033 2116 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
12:41:57.0033 2116 C:\Windows\System32\PortableDeviceTypes.dll - ok
12:41:57.0049 2116 [ DD45C29A6082E333E038B5033247E74D ] C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll
12:41:57.0049 2116 C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll - ok
12:41:57.0064 2116 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
12:41:57.0064 2116 C:\Windows\System32\FXSST.dll - ok
12:41:57.0080 2116 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
12:41:57.0080 2116 C:\Windows\System32\FXSAPI.dll - ok
12:41:57.0096 2116 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
12:41:57.0096 2116 C:\Windows\System32\FXSRESM.dll - ok
12:41:57.0096 2116 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
12:41:57.0096 2116 C:\Windows\System32\srchadmin.dll - ok
12:41:57.0111 2116 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
12:41:57.0111 2116 C:\Windows\System32\AltTab.dll - ok
12:41:57.0127 2116 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
12:41:57.0127 2116 C:\Windows\System32\QUTIL.DLL - ok
12:41:57.0142 2116 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
12:41:57.0142 2116 C:\Windows\System32\bthprops.cpl - ok
12:41:57.0158 2116 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
12:41:57.0158 2116 C:\Windows\System32\SearchIndexer.exe - ok
12:41:57.0174 2116 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
12:41:57.0174 2116 C:\Windows\System32\FXSSVC.exe - ok
12:41:57.0189 2116 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
12:41:57.0189 2116 C:\Windows\System32\tquery.dll - ok
12:41:57.0205 2116 [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
12:41:57.0205 2116 C:\Windows\System32\ieframe.dll - ok
12:41:57.0205 2116 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
12:41:57.0205 2116 C:\Windows\System32\mssrch.dll - ok
12:41:57.0220 2116 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
12:41:57.0220 2116 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
12:41:57.0236 2116 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
12:41:57.0236 2116 C:\Windows\System32\msidle.dll - ok
12:41:57.0252 2116 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
12:41:57.0252 2116 C:\Windows\System32\mssprxy.dll - ok
12:41:57.0267 2116 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\37240484.sys
12:41:57.0267 2116 C:\Windows\System32\drivers\37240484.sys - ok
12:41:57.0283 2116 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
12:41:57.0283 2116 C:\Windows\System32\en-US\tquery.dll.mui - ok
12:41:57.0283 2116 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
12:41:57.0283 2116 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
12:41:57.0298 2116 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
12:41:57.0298 2116 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
12:41:57.0314 2116 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
12:41:57.0314 2116 C:\Windows\System32\netman.dll - ok
12:41:57.0330 2116 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
12:41:57.0330 2116 C:\Windows\System32\rasdlg.dll - ok
12:41:57.0345 2116 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
12:41:57.0345 2116 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
12:41:57.0361 2116 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
12:41:57.0361 2116 C:\Windows\System32\dot3api.dll - ok
12:41:57.0376 2116 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
12:41:57.0376 2116 C:\Windows\System32\wlanhlp.dll - ok
12:41:57.0392 2116 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:41:57.0392 2116 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:41:57.0408 2116 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
12:41:57.0408 2116 C:\Windows\System32\WWanAPI.dll - ok
12:41:57.0408 2116 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
12:41:57.0408 2116 C:\Windows\System32\wwapi.dll - ok
12:41:57.0423 2116 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
12:41:57.0423 2116 C:\Windows\System32\QAGENT.DLL - ok
12:41:57.0439 2116 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:41:57.0439 2116 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:41:57.0454 2116 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:41:57.0454 2116 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:41:57.0470 2116 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
12:41:57.0470 2116 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
12:41:57.0486 2116 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
12:41:57.0486 2116 C:\Windows\SysWOW64\riched20.dll - ok
12:41:57.0486 2116 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
12:41:57.0486 2116 C:\Windows\System32\wsock32.dll - ok
12:41:57.0501 2116 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
12:41:57.0501 2116 C:\Windows\System32\wmdrmdev.dll - ok
12:41:57.0517 2116 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
12:41:57.0517 2116 C:\Windows\System32\drmv2clt.dll - ok
12:41:57.0532 2116 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
12:41:57.0532 2116 C:\Windows\System32\mfplat.dll - ok
12:41:57.0548 2116 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll
12:41:57.0548 2116 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok
12:41:57.0564 2116 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:41:57.0564 2116 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:41:57.0579 2116 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
12:41:57.0579 2116 C:\Windows\System32\blackbox.dll - ok
12:41:57.0595 2116 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
12:41:57.0595 2116 C:\Windows\System32\upnp.dll - ok
12:41:57.0610 2116 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
12:41:57.0610 2116 C:\Windows\SysWOW64\duser.dll - ok
12:41:57.0610 2116 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
12:41:57.0610 2116 C:\Windows\System32\shfolder.dll - ok
12:41:57.0626 2116 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
12:41:57.0626 2116 C:\Windows\SysWOW64\dui70.dll - ok
12:41:57.0642 2116 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
12:41:57.0642 2116 C:\Windows\System32\ssdpsrv.dll - ok
12:41:57.0657 2116 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
12:41:57.0657 2116 C:\Windows\System32\wmploc.DLL - ok
12:41:57.0673 2116 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
12:41:57.0673 2116 C:\Windows\System32\UIAnimation.dll - ok
12:41:57.0688 2116 [ D28C5A1411BB0B47E05E0D6AAF896690 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
12:41:57.0688 2116 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
12:41:57.0704 2116 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
12:41:57.0704 2116 C:\Windows\System32\webcheck.dll - ok
12:41:57.0720 2116 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
12:41:57.0720 2116 C:\Windows\System32\mlang.dll - ok
12:41:57.0735 2116 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
12:41:57.0735 2116 C:\Windows\System32\SyncCenter.dll - ok
12:41:58.0297 2116 ============================================================
12:41:58.0297 2116 Scan finished
12:41:58.0297 2116 ============================================================
12:41:58.0328 1544 Detected object count: 2
12:41:58.0328 1544 Actual detected object count: 2
12:42:05.0691 1544 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:05.0691 1544 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:05.0691 1544 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:42:05.0691 1544 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:42:37.0859 2364 Deinitialize success

# AdwCleaner v2.008 - Logfile created 11/23/2012 at 12:45:14
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jessie - JESSIE-PC
# Boot Mode : Normal
# Running from : C:\Users\Jessie\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.9] : homepage = "hxxp://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDz[...]
Deleted [l.13] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L[...]
Deleted [l.49] : icon_url = "hxxp://searchfunmoods.com/favicon.ico",
Deleted [l.52] : keyword = "funmoods.com",
Deleted [l.55] : search_url = "hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=aln&chnl=&cd=2XzuyE[...]
Deleted [l.1449] : homepage = "hxxp://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyE0CyByDzzzy[...]
Deleted [l.1979] : urls_to_restore_on_startup = [ "hxxp://searchfunmoods.com/?f=1&a=aln&chnl=&cd=2XzuyEtN2Y1L1Qz[...]

*************************

AdwCleaner[S1].txt - [1393 octets] - [23/11/2012 12:45:14]

########## EOF - C:\AdwCleaner[S1].txt - [1453 octets] ##########

All processes killed
========== OTL ==========
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jessie
->Temp folder emptied: 1929536 bytes
->Temporary Internet Files folder emptied: 87346126 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 14945444 bytes
->Flash cache emptied: 1847 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102186 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 99.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 11232012_125018

Files\Folders moved on Reboot...
File\Folder C:\Users\Jessie\AppData\Local\Temp\OICE_AEFF0C31-54AA-4D1F-A815-098B95B2FE92.0\61FBF57D. not found!
File\Folder C:\Users\Jessie\AppData\Local\Temp\OICE_99BBDAA9-85EE-4C36-A80E-7AE905704273.0\6A338678. not found!
C:\Users\Jessie\AppData\Local\Temp\Low\REG95D8.tmp moved successfully.
C:\Users\Jessie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 11/23/2012 12:56:41 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 72.72% Memory free
7.20 Gb Paging File | 6.02 Gb Available in Paging File | 83.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 235.36 Gb Free Space | 83.35% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 00:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 17:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/17 01:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 12:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/24 22:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {70642FB4-62CF-41F8-89A6-A9393D564588}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{70642FB4-62CF-41F8-89A6-A9393D564588}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Search = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSHIBA] C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll (Red Hat Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} https://mpi.dacom.ne...PI_20110503.cab (XacsPop Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} https://mpi.dacom.ne...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {7C98E005-7DA3-4C02-8D9F-FAA9C4D1C343} http://service.ewha..../ictReportX.cab (ReportViewerForm Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {AC2CE4A7-75CE-4B11-B245-CE697861C3C1} http://ems.shinhanli...ISAFEMailv4.cab (INISafeMailContainer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} https://www.isaackor...sim/ilkactx.cab (AnsimPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7ACCB42-994F-4EAC-8BC1-7BA8188F8953}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/22 20:22:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/22 20:16:08 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jessie\Desktop\tdsskiller.exe
[2012/11/22 20:10:47 | 000,000,000 | ---D | C] -- C:\Users\Jessie\Desktop\RK_Quarantine
[2012/11/22 19:26:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/22 10:34:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/21 23:41:13 | 000,000,000 | ---D | C] -- C:\windows\Microsoft Antimalware
[2012/11/21 20:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Malwarebytes
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/21 20:00:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/21 20:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/21 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/11/21 20:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/11/21 20:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2012/11/21 19:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/11/21 19:54:43 | 000,000,000 | ---D | C] -- C:\eb958037f26a16806998df99
[2012/11/19 15:54:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/17 11:15:01 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012/11/15 06:06:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/23 13:02:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/23 13:02:54 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/23 12:55:18 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/23 12:55:00 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/23 12:54:50 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/23 12:44:29 | 000,543,531 | ---- | M] () -- C:\Users\Jessie\Desktop\adwcleaner.exe
[2012/11/23 12:23:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/22 20:16:09 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jessie\Desktop\tdsskiller.exe
[2012/11/22 20:08:37 | 000,750,080 | ---- | M] () -- C:\Users\Jessie\Desktop\RogueKiller.exe
[2012/11/22 19:50:47 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/22 19:50:47 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/22 19:50:47 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/22 19:23:02 | 327,035,946 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/21 20:05:40 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:01 | 000,001,077 | ---- | M] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/21 19:59:50 | 000,290,500 | ---- | M] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/19 16:10:34 | 010,973,467 | ---- | M] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/15 06:56:51 | 000,342,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/23 12:44:29 | 000,543,531 | ---- | C] () -- C:\Users\Jessie\Desktop\adwcleaner.exe
[2012/11/22 20:08:13 | 000,750,080 | ---- | C] () -- C:\Users\Jessie\Desktop\RogueKiller.exe
[2012/11/21 20:05:40 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:20 | 000,290,500 | ---- | C] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/21 20:00:01 | 000,001,077 | ---- | C] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/19 16:10:26 | 010,973,467 | ---- | C] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/19 15:54:39 | 327,035,946 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/15 06:16:34 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 06:00:54 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/09/24 18:44:46 | 002,480,232 | ---- | C] () -- C:\windows\SysWow64\ISPPopUpDlg.exe
[2012/08/04 11:27:55 | 000,000,478 | ---- | C] () -- C:\windows\SysWow64\ic32.ini
[2012/08/04 09:18:30 | 000,540,672 | ---- | C] () -- C:\windows\SysWow64\Tx32.dll
[2012/07/26 12:05:40 | 000,495,616 | ---- | C] () -- C:\windows\SysWow64\KvpUpCom.dll
[2012/04/07 15:30:19 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/19 03:42:09 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/01/19 03:33:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/01/19 03:30:19 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/03/24 22:48:04 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/08 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\KidZui
[2012/08/04 11:27:46 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\M-HTOEFL
[2012/11/21 20:00:14 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/03/09 18:27:09 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WB Games
[2012/03/09 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/11/12 07:20:49 | 000,000,580 | ---- | M] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/15 20:11:59 | 000,000,000 | ---D | M](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/10/15 16:20:56 | 000,017,368 | ---- | M] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/15 16:20:55 | 000,017,368 | ---- | C] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/13 07:57:47 | 000,000,580 | ---- | C] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/13 07:56:27 | 000,065,536 | ---- | C] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls
[2012/10/13 07:56:09 | 000,000,000 | ---D | C](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/05/05 13:25:38 | 000,019,358 | ---- | M] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:25:38 | 000,019,358 | ---- | C] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:21:58 | 000,016,438 | ---- | M] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2012/05/05 13:21:57 | 000,016,438 | ---- | C] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2011/05/17 19:28:26 | 000,065,536 | ---- | M] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls

< End of report >




  • 0
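One way to triage the ZeroAccess Check block of an OTL log like the one above, as an added example that is not part of the original thread or of OTL itself. The function names and the rule are assumptions of this example: an HKCU override that carries a value, or an HKLM target other than the system DLL this log shows for that CLSID, is flagged. The second sample is constructed.

```python
import re

# Expected InProcServer32 targets, relative to the system directory, taken from
# the HKLM entries in the OTL log above. Using them as the baseline is an
# assumption of this example.
EXPECTED = {
    "42aedc87-2188-41fd-b9a3-0c966feabec1": "shell32.dll",
    "5839fca9-774d-42a1-acda-d6a79037f57f": "wbem\\fastprox.dll",
    "f3130cdb-aa52-4c3a-ab32-85ffc23af9c1": "wbem\\wbemess.dll",
}
# Assumes the Windows directory reported by the TDSSKiller log in this thread.
SYSTEM_DIRS = ["c:\\windows\\" + d + "\\" for d in ("system32", "sysnative", "syswow64")]

KEY_RE = re.compile(
    r"^\[((HKEY_[A-Z_]+)\\.*?\\clsid\\\{([0-9a-f-]{36})\}\\InProcServer32)\]", re.I)
# Default value line: "" = <path> optionally followed by " -- [file details]".
DEFAULT_RE = re.compile(r'^"" = (.*?)(?:\s+--\s+\[.*)?$')

# Excerpt copied from the ZeroAccess Check section of the log above.
LOG_FROM_PAGE = r'''
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
'''

# Constructed sample (not from the thread): the same keys redirected elsewhere.
CONSTRUCTED_HIJACK = r'''
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Users\Example\AppData\Local\Temp\example.dll
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\ProgramData\example\wbemess.dll -- [2012/11/21 19:54:43 | 000,001,024 | ---- | M] ()
"ThreadingModel" = Both
'''


def parse_zeroaccess_check(text):
    """Return one dict per InProcServer32 key with its default value (or None)."""
    entries, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = {"key": key.group(1), "hive": key.group(2).upper(),
                       "clsid": key.group(3).lower(), "target": None}
            entries.append(current)
            continue
        value = DEFAULT_RE.match(line)
        if value and current is not None:
            current["target"] = value.group(1).strip()
    return entries


def normalise(path):
    """Lower-case the path and expand %SystemRoot% so variants compare equal."""
    return path.strip().strip('"').lower().replace("%systemroot%", "c:\\windows")


def verdict(entry):
    """Classify one entry as 'clean', 'no-value' or 'suspicious'."""
    target = entry["target"]
    if entry["hive"] == "HKEY_CURRENT_USER":
        # A per-user registration with a value overrides the machine-wide one.
        return "clean" if target is None else "suspicious"
    if target is None:
        return "no-value"
    expected = EXPECTED.get(entry["clsid"])
    path = normalise(target)
    if expected and any(path == d + expected for d in SYSTEM_DIRS):
        return "clean"
    return "suspicious"


def suspicious_entries(text):
    """Return (key, target) pairs for every entry that needs a closer look."""
    return [(e["key"], e["target"]) for e in parse_zeroaccess_check(text)
            if verdict(e) == "suspicious"]


if __name__ == "__main__":
    for name, sample in (("log from page", LOG_FROM_PAGE), ("constructed", CONSTRUCTED_HIJACK)):
        print(name, suspicious_entries(sample))
```
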

#9
Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
You're doing good, almost finished. We need to run TDSSKiller one more time and then a few scans to make sure everything is gone!

Step 1 Run TDSSKiller with the same parameters as before.
When this element appears, select Delete:

\Device\Harddisk0\DR0 ( TDSS File System )

Step 2 Open Malwarebytes
  • Check to see if there are any updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3 Run ESET online scan.

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here

  • You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use Notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. New TDSSKiller Log
2. Malwarebytes Scan Results
3. ESET Scan Results
  • 0

#10
jkabat

    Member

  • Topic Starter
  • Member
  • 98 posts
Hi, again, thanks for your time and attention.

Ran TDSSKiller but /Device/Harddisk0/DR0 (TDSS File System) element didn't appear...so I didn't select delete.
Malwarebytes ran without incident.
ESET ran and found 12 items...didn't see any options to do anything with regard to those.

Logs attached:

15:16:05.0849 2876 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:16:07.0752 2876 ============================================================
15:16:07.0752 2876 Current date / time: 2012/11/23 15:16:07.0752
15:16:07.0752 2876 SystemInfo:
15:16:07.0752 2876
15:16:07.0752 2876 OS Version: 6.1.7601 ServicePack: 1.0
15:16:07.0752 2876 Product type: Workstation
15:16:07.0752 2876 ComputerName: JESSIE-PC
15:16:07.0752 2876 UserName: Jessie
15:16:07.0752 2876 Windows directory: C:\windows
15:16:07.0752 2876 System windows directory: C:\windows
15:16:07.0752 2876 Running under WOW64
15:16:07.0752 2876 Processor architecture: Intel x64
15:16:07.0752 2876 Number of processors: 2
15:16:07.0752 2876 Page size: 0x1000
15:16:07.0752 2876 Boot type: Normal boot
15:16:07.0752 2876 ============================================================
15:16:22.0977 2876 BG loaded
15:16:23.0976 2876 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:24.0022 2876 ============================================================
15:16:24.0022 2876 \Device\Harddisk0\DR0:
15:16:24.0054 2876 MBR partitions:
15:16:24.0054 2876 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
15:16:24.0054 2876 ============================================================
15:16:24.0568 2876 C: <-> \Device\Harddisk0\DR0\Partition1
15:16:24.0709 2876 ============================================================
15:16:24.0709 2876 Initialize success
15:16:24.0709 2876 ============================================================
15:16:35.0644 2512 ============================================================
15:16:35.0644 2512 Scan started
15:16:35.0644 2512 Mode: Manual; SigCheck; TDLFS;
15:16:35.0644 2512 ============================================================
15:16:38.0140 2512 ================ Scan system memory ========================
15:16:38.0140 2512 System memory - ok
15:16:38.0156 2512 ================ Scan services =============================
15:16:38.0406 2512 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:16:38.0608 2512 1394ohci - ok
15:16:38.0718 2512 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:16:38.0811 2512 ACPI - ok
15:16:38.0842 2512 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:16:39.0045 2512 AcpiPmi - ok
15:16:39.0092 2512 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
15:16:39.0154 2512 adp94xx - ok
15:16:39.0201 2512 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
15:16:39.0264 2512 adpahci - ok
15:16:39.0295 2512 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
15:16:39.0326 2512 adpu320 - ok
15:16:39.0404 2512 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:16:39.0934 2512 AeLookupSvc - ok
15:16:39.0981 2512 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
15:16:40.0075 2512 AFD - ok
15:16:40.0137 2512 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
15:16:40.0168 2512 agp440 - ok
15:16:40.0200 2512 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
15:16:40.0278 2512 ALG - ok
15:16:40.0309 2512 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
15:16:40.0340 2512 aliide - ok
15:16:40.0371 2512 [ 2F2E91FD092811353C3BC968BEC274D8 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
15:16:41.0526 2512 AMD External Events Utility - ok
15:16:41.0604 2512 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
15:16:41.0650 2512 amdide - ok
15:16:41.0697 2512 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
15:16:41.0822 2512 AmdK8 - ok
15:16:42.0976 2512 [ 194D76D2083318A2E7071A988E02ECF4 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
15:16:43.0257 2512 amdkmdag - ok
15:16:43.0351 2512 [ 1EEFFCE9A3A65A56A28793EAA3F57026 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
15:16:43.0413 2512 amdkmdap - ok
15:16:43.0460 2512 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:16:43.0507 2512 AmdPPM - ok
15:16:43.0616 2512 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
15:16:43.0678 2512 amdsata - ok
15:16:43.0741 2512 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
15:16:43.0803 2512 amdsbs - ok
15:16:43.0819 2512 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:16:43.0866 2512 amdxata - ok
15:16:43.0897 2512 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
15:16:44.0443 2512 AppID - ok
15:16:44.0474 2512 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:16:44.0568 2512 AppIDSvc - ok
15:16:44.0599 2512 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
15:16:44.0739 2512 Appinfo - ok
15:16:44.0755 2512 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
15:16:44.0786 2512 arc - ok
15:16:44.0848 2512 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
15:16:44.0922 2512 arcsas - ok
15:16:44.0942 2512 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:16:45.0150 2512 AsyncMac - ok
15:16:45.0175 2512 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
15:16:45.0207 2512 atapi - ok
15:16:45.0297 2512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:16:45.0402 2512 AudioEndpointBuilder - ok
15:16:45.0431 2512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
15:16:45.0606 2512 AudioSrv - ok
15:16:45.0673 2512 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
15:16:46.0019 2512 AxInstSV - ok
15:16:46.0074 2512 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
15:16:46.0218 2512 b06bdrv - ok
15:16:46.0280 2512 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
15:16:46.0353 2512 b57nd60a - ok
15:16:46.0395 2512 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
15:16:46.0462 2512 BDESVC - ok
15:16:46.0494 2512 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
15:16:46.0622 2512 Beep - ok
15:16:46.0731 2512 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
15:16:46.0845 2512 BFE - ok
15:16:46.0969 2512 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
15:16:47.0116 2512 BITS - ok
15:16:47.0140 2512 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:16:47.0190 2512 blbdrive - ok
15:16:47.0233 2512 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:16:47.0293 2512 bowser - ok
15:16:47.0337 2512 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
15:16:47.0406 2512 BrFiltLo - ok
15:16:47.0416 2512 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
15:16:47.0459 2512 BrFiltUp - ok
15:16:47.0507 2512 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
15:16:47.0566 2512 Browser - ok
15:16:47.0647 2512 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:16:47.0723 2512 Brserid - ok
15:16:47.0750 2512 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:16:47.0810 2512 BrSerWdm - ok
15:16:47.0821 2512 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:16:47.0869 2512 BrUsbMdm - ok
15:16:47.0897 2512 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:16:47.0941 2512 BrUsbSer - ok
15:16:47.0960 2512 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
15:16:48.0013 2512 BTHMODEM - ok
15:16:48.0052 2512 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
15:16:48.0158 2512 bthserv - ok
15:16:48.0184 2512 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:16:48.0294 2512 cdfs - ok
15:16:48.0344 2512 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
15:16:48.0390 2512 cdrom - ok
15:16:48.0432 2512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
15:16:48.0552 2512 CertPropSvc - ok
15:16:48.0602 2512 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
15:16:48.0670 2512 circlass - ok
15:16:48.0704 2512 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
15:16:48.0747 2512 CLFS - ok
15:16:48.0812 2512 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:16:48.0844 2512 clr_optimization_v2.0.50727_32 - ok
15:16:48.0906 2512 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:16:48.0936 2512 clr_optimization_v2.0.50727_64 - ok
15:16:48.0997 2512 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:16:49.0062 2512 clr_optimization_v4.0.30319_32 - ok
15:16:49.0105 2512 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:16:49.0136 2512 clr_optimization_v4.0.30319_64 - ok
15:16:49.0156 2512 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:16:49.0195 2512 CmBatt - ok
15:16:49.0214 2512 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
15:16:49.0244 2512 cmdide - ok
15:16:49.0289 2512 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
15:16:49.0359 2512 CNG - ok
15:16:49.0386 2512 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
15:16:49.0440 2512 Compbatt - ok
15:16:49.0465 2512 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
15:16:49.0550 2512 CompositeBus - ok
15:16:49.0561 2512 COMSysApp - ok
15:16:49.0605 2512 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
15:16:49.0642 2512 crcdisk - ok
15:16:49.0687 2512 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
15:16:49.0763 2512 CryptSvc - ok
15:16:49.0811 2512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
15:16:49.0926 2512 DcomLaunch - ok
15:16:49.0971 2512 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
15:16:50.0086 2512 defragsvc - ok
15:16:50.0122 2512 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:16:50.0227 2512 DfsC - ok
15:16:50.0270 2512 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
15:16:50.0346 2512 Dhcp - ok
15:16:50.0373 2512 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
15:16:50.0479 2512 discache - ok
15:16:50.0507 2512 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
15:16:50.0536 2512 Disk - ok
15:16:50.0577 2512 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:16:50.0684 2512 Dnscache - ok
15:16:50.0708 2512 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
15:16:50.0831 2512 dot3svc - ok
15:16:50.0863 2512 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
15:16:50.0975 2512 DPS - ok
15:16:51.0014 2512 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:16:51.0064 2512 drmkaud - ok
15:16:51.0109 2512 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:16:51.0172 2512 DXGKrnl - ok
15:16:51.0205 2512 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
15:16:51.0338 2512 EapHost - ok
15:16:51.0625 2512 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
15:16:51.0844 2512 ebdrv - ok
15:16:51.0877 2512 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
15:16:52.0012 2512 EFS - ok
15:16:52.0071 2512 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:16:52.0156 2512 ehRecvr - ok
15:16:52.0191 2512 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
15:16:52.0229 2512 ehSched - ok
15:16:52.0280 2512 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
15:16:52.0331 2512 elxstor - ok
15:16:52.0357 2512 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
15:16:52.0395 2512 ErrDev - ok
15:16:52.0460 2512 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
15:16:52.0621 2512 EventSystem - ok
15:16:52.0653 2512 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
15:16:52.0750 2512 exfat - ok
15:16:52.0771 2512 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
15:16:52.0885 2512 fastfat - ok
15:16:52.0982 2512 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
15:16:53.0082 2512 Fax - ok
15:16:53.0134 2512 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
15:16:53.0211 2512 fdc - ok
15:16:53.0242 2512 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
15:16:53.0368 2512 fdPHost - ok
15:16:53.0397 2512 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
15:16:53.0566 2512 FDResPub - ok
15:16:53.0586 2512 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:16:53.0714 2512 FileInfo - ok
15:16:53.0759 2512 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:16:54.0010 2512 Filetrace - ok
15:16:54.0052 2512 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
15:16:54.0191 2512 flpydisk - ok
15:16:54.0232 2512 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:16:54.0295 2512 FltMgr - ok
15:16:54.0432 2512 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
15:16:54.0582 2512 FontCache - ok
15:16:54.0642 2512 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:16:54.0668 2512 FontCache3.0.0.0 - ok
15:16:54.0691 2512 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:16:54.0729 2512 FsDepends - ok
15:16:54.0759 2512 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:16:54.0789 2512 Fs_Rec - ok
15:16:54.0823 2512 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:16:54.0870 2512 fvevol - ok
15:16:54.0904 2512 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
15:16:55.0063 2512 FwLnk - ok
15:16:55.0083 2512 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
15:16:55.0113 2512 gagp30kx - ok
15:16:55.0169 2512 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
15:16:55.0277 2512 gpsvc - ok
15:16:55.0367 2512 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:55.0396 2512 gupdate - ok
15:16:55.0407 2512 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:55.0437 2512 gupdatem - ok
15:16:55.0481 2512 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:16:55.0519 2512 gusvc - ok
15:16:55.0574 2512 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:16:55.0632 2512 hcw85cir - ok
15:16:55.0666 2512 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:16:55.0727 2512 HdAudAddService - ok
15:16:55.0753 2512 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
15:16:55.0814 2512 HDAudBus - ok
15:16:55.0832 2512 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
15:16:55.0895 2512 HidBatt - ok
15:16:55.0907 2512 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
15:16:55.0967 2512 HidBth - ok
15:16:55.0990 2512 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
15:16:56.0033 2512 HidIr - ok
15:16:56.0063 2512 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
15:16:56.0161 2512 hidserv - ok
15:16:56.0182 2512 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
15:16:56.0215 2512 HidUsb - ok
15:16:56.0244 2512 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
15:16:56.0370 2512 hkmsvc - ok
15:16:56.0409 2512 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:16:56.0473 2512 HomeGroupListener - ok
15:16:56.0516 2512 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:16:56.0578 2512 HomeGroupProvider - ok
15:16:56.0639 2512 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:16:56.0669 2512 HpSAMD - ok
15:16:56.0708 2512 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:16:56.0834 2512 HTTP - ok
15:16:56.0861 2512 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:16:56.0889 2512 hwpolicy - ok
15:16:56.0924 2512 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
15:16:56.0960 2512 i8042prt - ok
15:16:56.0996 2512 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:16:57.0043 2512 iaStorV - ok
15:16:57.0123 2512 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:16:57.0182 2512 idsvc - ok
15:16:57.0205 2512 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
15:16:57.0239 2512 iirsp - ok
15:16:57.0305 2512 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
15:16:57.0427 2512 IKEEXT - ok
15:16:57.0539 2512 [ 0A30A899C6295F908729EDA7F95615A8 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:16:57.0682 2512 IntcAzAudAddService - ok
15:16:57.0794 2512 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
15:16:57.0825 2512 intelide - ok
15:16:57.0849 2512 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
15:16:57.0892 2512 intelppm - ok
15:16:57.0932 2512 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:16:58.0052 2512 IPBusEnum - ok
15:16:58.0077 2512 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:16:58.0167 2512 IpFilterDriver - ok
15:16:58.0220 2512 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:16:58.0299 2512 iphlpsvc - ok
15:16:58.0333 2512 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:16:58.0375 2512 IPMIDRV - ok
15:16:58.0387 2512 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:16:58.0495 2512 IPNAT - ok
15:16:58.0577 2512 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
15:16:58.0625 2512 IRENUM - ok
15:16:58.0636 2512 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:16:58.0668 2512 isapnp - ok
15:16:58.0694 2512 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:16:58.0733 2512 iScsiPrt - ok
15:16:58.0762 2512 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:16:58.0791 2512 kbdclass - ok
15:16:58.0827 2512 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:16:58.0886 2512 kbdhid - ok
15:16:58.0922 2512 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
15:16:58.0954 2512 KeyIso - ok
15:16:58.0998 2512 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:16:59.0032 2512 KSecDD - ok
15:16:59.0056 2512 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:16:59.0092 2512 KSecPkg - ok
15:16:59.0119 2512 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
15:16:59.0225 2512 ksthunk - ok
15:16:59.0273 2512 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
15:16:59.0390 2512 KtmRm - ok
15:16:59.0429 2512 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
15:16:59.0582 2512 LanmanServer - ok
15:16:59.0613 2512 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:16:59.0707 2512 LanmanWorkstation - ok
15:16:59.0754 2512 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:16:59.0847 2512 lltdio - ok
15:16:59.0910 2512 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
15:17:00.0003 2512 lltdsvc - ok
15:17:00.0050 2512 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
15:17:00.0128 2512 lmhosts - ok
15:17:00.0175 2512 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
15:17:00.0206 2512 LSI_FC - ok
15:17:00.0206 2512 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
15:17:00.0237 2512 LSI_SAS - ok
15:17:00.0284 2512 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
15:17:00.0300 2512 LSI_SAS2 - ok
15:17:00.0315 2512 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
15:17:00.0346 2512 LSI_SCSI - ok
15:17:00.0378 2512 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
15:17:00.0502 2512 luafv - ok
15:17:00.0534 2512 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
15:17:00.0565 2512 MBAMProtector - ok
15:17:00.0627 2512 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:17:00.0674 2512 MBAMScheduler - ok
15:17:00.0705 2512 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:17:00.0752 2512 MBAMService - ok
15:17:00.0799 2512 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:17:00.0830 2512 Mcx2Svc - ok
15:17:00.0861 2512 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
15:17:00.0908 2512 megasas - ok
15:17:00.0986 2512 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
15:17:01.0017 2512 MegaSR - ok
15:17:01.0064 2512 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
15:17:01.0173 2512 MMCSS - ok
15:17:01.0204 2512 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
15:17:01.0298 2512 Modem - ok
15:17:01.0314 2512 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:17:01.0376 2512 monitor - ok
15:17:01.0392 2512 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:17:01.0423 2512 mouclass - ok
15:17:01.0438 2512 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:17:01.0485 2512 mouhid - ok
15:17:01.0532 2512 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:17:01.0563 2512 mountmgr - ok
15:17:01.0594 2512 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
15:17:01.0641 2512 MpFilter - ok
15:17:01.0657 2512 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
15:17:01.0688 2512 mpio - ok
15:17:01.0719 2512 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:17:01.0797 2512 mpsdrv - ok
15:17:01.0860 2512 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
15:17:01.0969 2512 MpsSvc - ok
15:17:02.0000 2512 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:17:02.0047 2512 MRxDAV - ok
15:17:02.0078 2512 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:17:02.0125 2512 mrxsmb - ok
15:17:02.0172 2512 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:17:02.0203 2512 mrxsmb10 - ok
15:17:02.0218 2512 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:17:02.0250 2512 mrxsmb20 - ok
15:17:02.0281 2512 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
15:17:02.0296 2512 msahci - ok
15:17:02.0328 2512 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:17:02.0359 2512 msdsm - ok
15:17:02.0390 2512 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
15:17:02.0452 2512 MSDTC - ok
15:17:02.0484 2512 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
15:17:02.0624 2512 Msfs - ok
15:17:02.0655 2512 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:17:03.0092 2512 mshidkmdf - ok
15:17:03.0108 2512 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:17:03.0123 2512 msisadrv - ok
15:17:03.0186 2512 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:17:03.0373 2512 MSiSCSI - ok
15:17:03.0373 2512 msiserver - ok
15:17:03.0404 2512 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:17:03.0529 2512 MSKSSRV - ok
15:17:03.0685 2512 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:17:03.0732 2512 MsMpSvc - ok
15:17:03.0794 2512 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:17:03.0950 2512 MSPCLOCK - ok
15:17:03.0966 2512 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:17:04.0090 2512 MSPQM - ok
15:17:04.0153 2512 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:17:04.0215 2512 MsRPC - ok
15:17:04.0246 2512 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
15:17:04.0278 2512 mssmbios - ok
15:17:04.0324 2512 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:17:04.0434 2512 MSTEE - ok
15:17:04.0465 2512 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
15:17:04.0496 2512 MTConfig - ok
15:17:04.0543 2512 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
15:17:04.0590 2512 Mup - ok
15:17:04.0683 2512 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
15:17:04.0824 2512 napagent - ok
15:17:04.0870 2512 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:17:04.0933 2512 NativeWifiP - ok
15:17:04.0995 2512 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
15:17:05.0058 2512 NDIS - ok
15:17:05.0089 2512 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:17:05.0198 2512 NdisCap - ok
15:17:05.0229 2512 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:17:05.0323 2512 NdisTapi - ok
15:17:05.0354 2512 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:17:05.0463 2512 Ndisuio - ok
15:17:05.0510 2512 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:17:05.0619 2512 NdisWan - ok
15:17:05.0666 2512 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:17:05.0775 2512 NDProxy - ok
15:17:05.0869 2512 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:17:06.0025 2512 NetBIOS - ok
15:17:06.0103 2512 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:17:06.0196 2512 NetBT - ok
15:17:06.0243 2512 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
15:17:06.0274 2512 Netlogon - ok
15:17:06.0446 2512 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
15:17:06.0930 2512 Netman - ok
15:17:08.0209 2512 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
15:17:08.0334 2512 netprofm - ok
15:17:08.0396 2512 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:17:08.0474 2512 NetTcpPortSharing - ok
15:17:08.0552 2512 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
15:17:08.0724 2512 nfrd960 - ok
15:17:08.0786 2512 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
15:17:08.0848 2512 NisDrv - ok
15:17:08.0880 2512 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:17:08.0942 2512 NisSrv - ok
15:17:08.0989 2512 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
15:17:09.0051 2512 NlaSvc - ok
15:17:09.0082 2512 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
15:17:09.0238 2512 Npfs - ok
15:17:09.0254 2512 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
15:17:09.0394 2512 nsi - ok
15:17:09.0410 2512 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:17:09.0519 2512 nsiproxy - ok
15:17:09.0784 2512 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:17:09.0878 2512 Ntfs - ok
15:17:09.0925 2512 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
15:17:10.0018 2512 Null - ok
15:17:10.0050 2512 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
15:17:10.0081 2512 nvraid - ok
15:17:10.0112 2512 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
15:17:10.0159 2512 nvstor - ok
15:17:10.0174 2512 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:17:10.0221 2512 nv_agp - ok
15:17:10.0284 2512 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:17:10.0315 2512 ohci1394 - ok
15:17:10.0377 2512 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:17:10.0408 2512 ose - ok
15:17:10.0814 2512 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:17:11.0142 2512 osppsvc - ok
15:17:11.0204 2512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:17:11.0282 2512 p2pimsvc - ok
15:17:11.0329 2512 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
15:17:11.0376 2512 p2psvc - ok
15:17:11.0407 2512 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
15:17:11.0438 2512 Parport - ok
15:17:11.0469 2512 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
15:17:11.0516 2512 partmgr - ok
15:17:11.0532 2512 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
15:17:11.0594 2512 PcaSvc - ok
15:17:11.0625 2512 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
15:17:11.0656 2512 pci - ok
15:17:11.0688 2512 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
15:17:11.0719 2512 pciide - ok
15:17:11.0734 2512 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
15:17:11.0766 2512 pcmcia - ok
15:17:11.0812 2512 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
15:17:11.0844 2512 pcw - ok
15:17:11.0875 2512 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:17:11.0984 2512 PEAUTH - ok
15:17:12.0140 2512 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
15:17:12.0187 2512 PerfHost - ok
15:17:12.0234 2512 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
15:17:12.0265 2512 PGEffect - ok
15:17:12.0343 2512 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
15:17:12.0468 2512 pla - ok
15:17:12.0530 2512 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:17:12.0592 2512 PlugPlay - ok
15:17:12.0639 2512 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:17:12.0702 2512 PNRPAutoReg - ok
15:17:12.0748 2512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:17:12.0780 2512 PNRPsvc - ok
15:17:12.0904 2512 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:17:13.0029 2512 PolicyAgent - ok
15:17:13.0060 2512 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
15:17:13.0154 2512 Power - ok
15:17:13.0185 2512 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:17:13.0294 2512 PptpMiniport - ok
15:17:13.0310 2512 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
15:17:13.0357 2512 Processor - ok
15:17:13.0388 2512 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
15:17:13.0450 2512 ProfSvc - ok
15:17:13.0466 2512 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
15:17:13.0497 2512 ProtectedStorage - ok
15:17:13.0528 2512 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:17:13.0622 2512 Psched - ok
15:17:13.0684 2512 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
15:17:13.0762 2512 ql2300 - ok
15:17:13.0809 2512 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
15:17:13.0840 2512 ql40xx - ok
15:17:13.0872 2512 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
15:17:13.0918 2512 QWAVE - ok
15:17:13.0934 2512 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:17:13.0996 2512 QWAVEdrv - ok
15:17:14.0012 2512 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:17:14.0106 2512 RasAcd - ok
15:17:14.0137 2512 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:17:14.0215 2512 RasAgileVpn - ok
15:17:14.0230 2512 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
15:17:14.0340 2512 RasAuto - ok
15:17:14.0355 2512 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:17:14.0449 2512 Rasl2tp - ok
15:17:14.0496 2512 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
15:17:14.0589 2512 RasMan - ok
15:17:14.0620 2512 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:17:14.0714 2512 RasPppoe - ok
15:17:14.0745 2512 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:17:14.0839 2512 RasSstp - ok
15:17:14.0886 2512 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:17:14.0979 2512 rdbss - ok
15:17:14.0995 2512 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
15:17:15.0057 2512 rdpbus - ok
15:17:15.0088 2512 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:17:15.0182 2512 RDPCDD - ok
15:17:15.0213 2512 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:17:15.0307 2512 RDPENCDD - ok
15:17:15.0322 2512 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:17:15.0400 2512 RDPREFMP - ok
15:17:15.0447 2512 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:17:15.0494 2512 RDPWD - ok
15:17:15.0541 2512 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:17:15.0572 2512 rdyboost - ok
15:17:15.0619 2512 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
15:17:15.0712 2512 RemoteAccess - ok
15:17:15.0744 2512 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:17:15.0837 2512 RemoteRegistry - ok
15:17:15.0853 2512 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:17:15.0962 2512 RpcEptMapper - ok
15:17:15.0993 2512 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
15:17:16.0024 2512 RpcLocator - ok
15:17:16.0071 2512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
15:17:16.0165 2512 RpcSs - ok
15:17:16.0196 2512 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:17:16.0290 2512 rspndr - ok
15:17:16.0336 2512 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
15:17:16.0368 2512 RSUSBVSTOR - ok
15:17:16.0414 2512 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
15:17:16.0446 2512 RTL8167 - ok
15:17:16.0524 2512 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
15:17:16.0570 2512 RTL8192Ce - ok
15:17:16.0617 2512 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
15:17:16.0648 2512 SamSs - ok
15:17:16.0680 2512 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:17:16.0711 2512 sbp2port - ok
15:17:16.0742 2512 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
15:17:16.0836 2512 SCardSvr - ok
15:17:16.0851 2512 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:17:16.0945 2512 scfilter - ok
15:17:16.0992 2512 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
15:17:17.0116 2512 Schedule - ok
15:17:17.0148 2512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
15:17:17.0226 2512 SCPolicySvc - ok
15:17:17.0257 2512 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:17:17.0335 2512 SDRSVC - ok
15:17:17.0366 2512 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:17:17.0460 2512 secdrv - ok
15:17:17.0491 2512 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
15:17:17.0569 2512 seclogon - ok
15:17:17.0600 2512 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
15:17:17.0694 2512 SENS - ok
15:17:17.0725 2512 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
15:17:17.0787 2512 SensrSvc - ok
15:17:17.0818 2512 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
15:17:17.0850 2512 Serenum - ok
15:17:17.0865 2512 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
15:17:17.0896 2512 Serial - ok
15:17:17.0912 2512 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
15:17:17.0943 2512 sermouse - ok
15:17:18.0006 2512 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
15:17:18.0099 2512 SessionEnv - ok
15:17:18.0115 2512 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:17:18.0146 2512 sffdisk - ok
15:17:18.0162 2512 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:17:18.0208 2512 sffp_mmc - ok
15:17:18.0224 2512 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:17:18.0255 2512 sffp_sd - ok
15:17:18.0302 2512 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
15:17:18.0333 2512 sfloppy - ok
15:17:18.0380 2512 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
15:17:18.0474 2512 SharedAccess - ok
15:17:18.0520 2512 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:17:18.0614 2512 ShellHWDetection - ok
15:17:18.0630 2512 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
15:17:18.0661 2512 SiSRaid2 - ok
15:17:18.0676 2512 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
15:17:18.0708 2512 SiSRaid4 - ok
15:17:18.0708 2512 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
15:17:18.0817 2512 Smb - ok
15:17:18.0848 2512 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:17:18.0895 2512 SNMPTRAP - ok
15:17:18.0942 2512 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
15:17:18.0957 2512 spldr - ok
15:17:19.0004 2512 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
15:17:19.0051 2512 Spooler - ok
15:17:19.0160 2512 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
15:17:19.0347 2512 sppsvc - ok
15:17:19.0394 2512 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:17:19.0488 2512 sppuinotify - ok
15:17:19.0534 2512 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
15:17:19.0581 2512 srv - ok
15:17:19.0597 2512 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:17:19.0644 2512 srv2 - ok
15:17:19.0675 2512 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:17:19.0706 2512 srvnet - ok
15:17:19.0737 2512 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:17:19.0862 2512 SSDPSRV - ok
15:17:19.0878 2512 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
15:17:19.0956 2512 SstpSvc - ok
15:17:20.0002 2512 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
15:17:20.0034 2512 stexstor - ok
15:17:20.0080 2512 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
15:17:20.0143 2512 stisvc - ok
15:17:20.0158 2512 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
15:17:20.0174 2512 swenum - ok
15:17:20.0221 2512 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
15:17:20.0330 2512 swprv - ok
15:17:20.0408 2512 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:17:20.0470 2512 SynTP - ok
15:17:20.0548 2512 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
15:17:20.0642 2512 SysMain - ok
15:17:20.0673 2512 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
15:17:20.0720 2512 TabletInputService - ok
15:17:20.0767 2512 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
15:17:20.0892 2512 TapiSrv - ok
15:17:20.0907 2512 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
15:17:21.0001 2512 TBS - ok
15:17:21.0094 2512 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:17:21.0188 2512 Tcpip - ok
15:17:21.0235 2512 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:17:21.0313 2512 TCPIP6 - ok
15:17:21.0344 2512 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:17:21.0375 2512 tcpipreg - ok
15:17:21.0406 2512 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
15:17:21.0438 2512 tdcmdpst - ok
15:17:21.0469 2512 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:17:21.0516 2512 TDPIPE - ok
15:17:21.0547 2512 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:17:21.0594 2512 TDTCP - ok
15:17:21.0625 2512 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:17:21.0718 2512 tdx - ok
15:17:21.0734 2512 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
15:17:21.0765 2512 TermDD - ok
15:17:21.0812 2512 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
15:17:21.0921 2512 TermService - ok
15:17:21.0937 2512 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
15:17:21.0984 2512 Themes - ok
15:17:22.0015 2512 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
15:17:22.0046 2512 Thpdrv - ok
15:17:22.0062 2512 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
15:17:22.0093 2512 Thpevm - ok
15:17:22.0140 2512 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
15:17:22.0186 2512 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
15:17:22.0186 2512 Thpsrv - detected UnsignedFile.Multi.Generic (1)
15:17:22.0218 2512 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
15:17:22.0296 2512 THREADORDER - ok
15:17:22.0374 2512 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:17:22.0405 2512 TMachInfo - ok
15:17:22.0436 2512 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
15:17:22.0467 2512 TODDSrv - ok
15:17:22.0545 2512 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:17:22.0592 2512 TosCoSrv - ok
15:17:22.0623 2512 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:17:22.0639 2512 TOSHIBA HDD SSD Alert Service - ok
15:17:22.0670 2512 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
15:17:22.0779 2512 TrkWks - ok
15:17:22.0826 2512 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:17:22.0920 2512 TrustedInstaller - ok
15:17:22.0935 2512 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:17:23.0029 2512 tssecsrv - ok
15:17:23.0060 2512 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:17:23.0091 2512 TsUsbFlt - ok
15:17:23.0122 2512 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
15:17:23.0154 2512 TsUsbGD - ok
15:17:23.0185 2512 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:17:23.0278 2512 tunnel - ok
15:17:23.0325 2512 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
15:17:23.0341 2512 TVALZ - ok
15:17:23.0372 2512 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
15:17:23.0403 2512 uagp35 - ok
15:17:23.0434 2512 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:17:23.0528 2512 udfs - ok
15:17:23.0590 2512 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
15:17:23.0622 2512 UI0Detect - ok
15:17:23.0653 2512 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:17:23.0684 2512 uliagpkx - ok
15:17:23.0700 2512 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
15:17:23.0746 2512 umbus - ok
15:17:23.0762 2512 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
15:17:23.0793 2512 UmPass - ok
15:17:23.0824 2512 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
15:17:23.0934 2512 upnphost - ok
15:17:23.0965 2512 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:17:23.0996 2512 usbccgp - ok
15:17:24.0027 2512 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
15:17:24.0058 2512 usbcir - ok
15:17:24.0090 2512 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
15:17:24.0136 2512 usbehci - ok
15:17:24.0168 2512 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:17:24.0214 2512 usbhub - ok
15:17:24.0246 2512 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
15:17:24.0292 2512 usbohci - ok
15:17:24.0308 2512 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:17:24.0386 2512 usbprint - ok
15:17:24.0433 2512 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
15:17:24.0480 2512 usbscan - ok
15:17:24.0495 2512 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:17:24.0573 2512 USBSTOR - ok
15:17:24.0604 2512 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:17:24.0636 2512 usbuhci - ok
15:17:24.0667 2512 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
15:17:24.0714 2512 usbvideo - ok
15:17:24.0745 2512 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
15:17:24.0838 2512 UxSms - ok
15:17:24.0870 2512 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
15:17:24.0885 2512 VaultSvc - ok
15:17:24.0916 2512 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:17:24.0948 2512 vdrvroot - ok
15:17:24.0979 2512 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
15:17:25.0088 2512 vds - ok
15:17:25.0104 2512 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:17:25.0150 2512 vga - ok
15:17:25.0166 2512 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
15:17:25.0260 2512 VgaSave - ok
15:17:25.0291 2512 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:17:25.0322 2512 vhdmp - ok
15:17:25.0353 2512 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
15:17:25.0384 2512 viaide - ok
15:17:25.0416 2512 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:17:25.0431 2512 volmgr - ok
15:17:25.0462 2512 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:17:25.0509 2512 volmgrx - ok
15:17:25.0540 2512 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
15:17:25.0572 2512 volsnap - ok
15:17:25.0603 2512 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
15:17:25.0634 2512 vsmraid - ok
15:17:30.0111 2512 ================ Scan global ===============================
15:17:30.0158 2512 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
15:17:30.0205 2512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:17:30.0220 2512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:17:30.0236 2512 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
15:17:30.0283 2512 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
15:17:30.0283 2512 [Global] - ok
15:17:30.0283 2512 ================ Scan MBR ==================================
15:17:30.0298 2512 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
15:17:30.0735 2512 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:17:30.0735 2512 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:17:30.0751 2512 ================ Scan VBR ==================================
15:17:30.0782 2512 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
15:17:30.0782 2512 \Device\Harddisk0\DR0\Partition1 - ok
15:17:30.0782 2512 ================ Scan active images ========================
15:17:33.0356 2512 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
15:17:33.0356 2512 C:\Windows\System32\LogonUI.exe - ok
15:17:33.0372 2512 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
15:17:33.0372 2512 C:\Windows\System32\wtsapi32.dll - ok
15:17:33.0387 2512 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
15:17:33.0387 2512 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
15:17:33.0387 2512 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
15:17:33.0387 2512 C:\Windows\System32\authui.dll - ok
15:17:33.0403 2512 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
15:17:33.0403 2512 C:\Windows\System32\ntmarta.dll - ok
15:17:33.0418 2512 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
15:17:33.0418 2512 C:\Windows\System32\cryptui.dll - ok
15:17:33.0434 2512 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
15:17:33.0434 2512 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
15:17:33.0450 2512 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
15:17:33.0450 2512 C:\Windows\System32\samlib.dll - ok
15:17:33.0465 2512 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
15:17:33.0465 2512 C:\Windows\System32\shacct.dll - ok
15:17:33.0465 2512 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
15:17:33.0465 2512 C:\Windows\System32\propsys.dll - ok
15:17:33.0481 2512 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
15:17:33.0481 2512 C:\Windows\System32\uxtheme.dll - ok
15:17:33.0496 2512 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
15:17:33.0496 2512 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
15:17:33.0512 2512 [ 5F10310A5A9273475AA04930DFE16742 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
15:17:33.0512 2512 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
15:17:33.0528 2512 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
15:17:33.0528 2512 C:\Windows\System32\atiesrxx.exe - ok
15:17:33.0543 2512 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
15:17:33.0543 2512 C:\Windows\System32\dui70.dll - ok
15:17:33.0559 2512 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
15:17:33.0559 2512 C:\Windows\System32\duser.dll - ok
15:17:33.0574 2512 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
15:17:33.0574 2512 C:\Windows\System32\SndVolSSO.dll - ok
15:17:33.0574 2512 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
15:17:33.0590 2512 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
15:17:33.0590 2512 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
15:17:33.0590 2512 C:\Windows\System32\hid.dll - ok
15:17:33.0606 2512 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
15:17:33.0606 2512 C:\Windows\System32\MMDevAPI.dll - ok
15:17:33.0621 2512 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
15:17:33.0621 2512 C:\Windows\System32\dwmapi.dll - ok
15:17:33.0637 2512 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
15:17:33.0637 2512 C:\Windows\System32\fltLib.dll - ok
15:17:33.0637 2512 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
15:17:33.0637 2512 C:\Windows\System32\xmllite.dll - ok
15:17:33.0652 2512 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
15:17:33.0652 2512 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
15:17:33.0668 2512 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
15:17:33.0668 2512 C:\Windows\System32\drivers\MpFilter.sys - ok
15:17:33.0684 2512 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
15:17:33.0684 2512 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
15:17:33.0699 2512 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
15:17:33.0699 2512 C:\Windows\System32\wevtsvc.dll - ok
15:17:33.0715 2512 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll
15:17:33.0715 2512 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27B1D385-2CEA-4839-848B-B4C409DAEB30}\mpengine.dll - ok
15:17:33.0730 2512 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
15:17:33.0730 2512 C:\Windows\System32\WindowsCodecs.dll - ok
15:17:33.0746 2512 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
15:17:33.0746 2512 C:\Windows\System32\adtschema.dll - ok
15:17:33.0746 2512 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
15:17:33.0746 2512 C:\Windows\System32\audiosrv.dll - ok
15:17:33.0762 2512 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
15:17:33.0762 2512 C:\Windows\System32\mmcss.dll - ok
15:17:33.0777 2512 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
15:17:33.0777 2512 C:\Windows\System32\avrt.dll - ok
15:17:33.0793 2512 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
15:17:33.0793 2512 C:\Windows\System32\winbrand.dll - ok
15:17:33.0808 2512 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
15:17:33.0808 2512 C:\Windows\System32\profsvc.dll - ok
15:17:33.0824 2512 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
15:17:33.0824 2512 C:\Windows\System32\VaultCredProvider.dll - ok
15:17:33.0840 2512 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:17:33.0840 2512 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:17:33.0840 2512 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
15:17:33.0840 2512 C:\Windows\System32\BioCredProv.dll - ok
15:17:33.0855 2512 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
15:17:33.0855 2512 C:\Windows\System32\wlansvc.dll - ok
15:17:33.0871 2512 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
15:17:33.0871 2512 C:\Windows\System32\credui.dll - ok
15:17:33.0886 2512 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
15:17:33.0886 2512 C:\Windows\System32\winbio.dll - ok
15:17:33.0886 2512 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:17:33.0886 2512 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:17:33.0902 2512 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
15:17:33.0902 2512 C:\Windows\System32\audiodg.exe - ok
15:17:33.0918 2512 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
15:17:33.0918 2512 C:\Windows\System32\drivers\fltMgr.sys - ok
15:17:33.0933 2512 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
15:17:33.0933 2512 C:\Windows\System32\netapi32.dll - ok
15:17:33.0949 2512 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
15:17:33.0949 2512 C:\Windows\System32\PSHED.DLL - ok
15:17:33.0964 2512 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
15:17:33.0964 2512 C:\Windows\System32\vaultcli.dll - ok
15:17:33.0980 2512 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
15:17:33.0980 2512 C:\Windows\System32\netutils.dll - ok
15:17:33.0996 2512 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
15:17:33.0996 2512 C:\Windows\System32\wkscli.dll - ok
15:17:34.0011 2512 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
15:17:34.0011 2512 C:\Windows\System32\gpsvc.dll - ok
15:17:34.0011 2512 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
15:17:34.0011 2512 C:\Windows\System32\netprofm.dll - ok
15:17:34.0027 2512 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
15:17:34.0027 2512 C:\Windows\System32\samcli.dll - ok
15:17:34.0042 2512 [ 08D8C5E32648D6E7976F0458545EA600 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
15:17:34.0042 2512 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
15:17:34.0058 2512 [ D037BEA6039248D4DE0C5F361F19970D ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
15:17:34.0058 2512 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
15:17:34.0074 2512 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
15:17:34.0074 2512 C:\Windows\System32\MPSSVC.dll - ok
15:17:34.0089 2512 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
15:17:34.0089 2512 C:\Windows\System32\nlaapi.dll - ok
15:17:34.0105 2512 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
15:17:34.0105 2512 C:\Windows\System32\atl.dll - ok
15:17:34.0120 2512 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
15:17:34.0120 2512 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
15:17:34.0136 2512 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:17:34.0136 2512 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:17:34.0152 2512 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
15:17:34.0152 2512 C:\Windows\System32\themeservice.dll - ok
15:17:34.0167 2512 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
15:17:34.0167 2512 C:\Windows\System32\dsrole.dll - ok
15:17:34.0167 2512 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
15:17:34.0167 2512 C:\Windows\System32\slc.dll - ok
15:17:34.0183 2512 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
15:17:34.0183 2512 C:\Windows\System32\es.dll - ok
15:17:34.0198 2512 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
15:17:34.0198 2512 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
15:17:34.0214 2512 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
15:17:34.0214 2512 C:\Windows\System32\comres.dll - ok
15:17:34.0230 2512 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
15:17:34.0230 2512 C:\Windows\System32\Sens.dll - ok
15:17:34.0245 2512 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
15:17:34.0245 2512 C:\Windows\System32\drivers\lltdio.sys - ok
15:17:34.0261 2512 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
15:17:34.0261 2512 C:\Windows\System32\uxsms.dll - ok
15:17:34.0261 2512 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
15:17:34.0261 2512 C:\Windows\System32\drivers\nwifi.sys - ok
15:17:34.0276 2512 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
15:17:34.0276 2512 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
15:17:34.0292 2512 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
15:17:34.0292 2512 C:\Windows\System32\drivers\ndisuio.sys - ok
15:17:34.0308 2512 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
15:17:34.0308 2512 C:\Windows\System32\drivers\rspndr.sys - ok
15:17:34.0323 2512 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
15:17:34.0323 2512 C:\Windows\System32\IPHLPAPI.DLL - ok
15:17:34.0339 2512 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
15:17:34.0339 2512 C:\Windows\System32\lmhsvc.dll - ok
15:17:34.0354 2512 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
15:17:34.0354 2512 C:\Windows\System32\nsisvc.dll - ok
15:17:34.0370 2512 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
15:17:34.0370 2512 C:\Windows\System32\winnsi.dll - ok
15:17:34.0386 2512 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
15:17:34.0386 2512 C:\Windows\System32\dhcpcore.dll - ok
15:17:34.0401 2512 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
15:17:34.0401 2512 C:\Windows\System32\nrpsrv.dll - ok
15:17:34.0401 2512 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
15:17:34.0401 2512 C:\Windows\System32\winmm.dll - ok
15:17:34.0417 2512 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
15:17:34.0417 2512 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
15:17:34.0432 2512 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
15:17:34.0432 2512 C:\Windows\System32\dhcpcore6.dll - ok
15:17:34.0448 2512 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
15:17:34.0448 2512 C:\Windows\System32\dnsrslvr.dll - ok
15:17:34.0464 2512 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
15:17:34.0464 2512 C:\Windows\System32\eapsvc.dll - ok
15:17:34.0479 2512 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
15:17:34.0479 2512 C:\Windows\System32\keyiso.dll - ok
15:17:34.0495 2512 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
15:17:34.0495 2512 C:\Windows\System32\eapphost.dll - ok
15:17:34.0510 2512 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
15:17:34.0510 2512 C:\Windows\System32\FWPUCLNT.DLL - ok
15:17:34.0526 2512 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
15:17:34.0526 2512 C:\Windows\System32\umb.dll - ok
15:17:34.0542 2512 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
15:17:34.0542 2512 C:\Windows\System32\dnsext.dll - ok
15:17:34.0557 2512 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
15:17:34.0557 2512 C:\Windows\System32\wlanmsm.dll - ok
15:17:34.0573 2512 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
15:17:34.0573 2512 C:\Windows\System32\dhcpcsvc.dll - ok
15:17:34.0588 2512 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
15:17:34.0588 2512 C:\Windows\System32\dhcpcsvc6.dll - ok
15:17:34.0604 2512 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
15:17:34.0604 2512 C:\Windows\System32\wlansec.dll - ok
15:17:34.0620 2512 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
15:17:34.0620 2512 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
15:17:34.0635 2512 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
15:17:34.0635 2512 C:\Windows\System32\eappprxy.dll - ok
15:17:34.0651 2512 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
15:17:34.0651 2512 C:\Windows\System32\onex.dll - ok
15:17:34.0651 2512 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
15:17:34.0651 2512 C:\Windows\System32\eappcfg.dll - ok
15:17:34.0666 2512 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
15:17:34.0666 2512 C:\Windows\System32\l2gpstore.dll - ok
15:17:34.0682 2512 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
15:17:34.0682 2512 C:\Windows\System32\wlanutil.dll - ok
15:17:34.0698 2512 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
15:17:34.0698 2512 C:\Windows\System32\wlgpclnt.dll - ok
15:17:34.0713 2512 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
15:17:34.0713 2512 C:\Windows\System32\WinSCard.dll - ok
15:17:34.0729 2512 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
15:17:34.0729 2512 C:\Windows\System32\msxml6.dll - ok
15:17:34.0729 2512 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
15:17:34.0729 2512 C:\Windows\System32\shsvcs.dll - ok
15:17:34.0744 2512 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
15:17:34.0744 2512 C:\Windows\System32\schedsvc.dll - ok
15:17:34.0760 2512 [ 9C5BF3E0541B8A2F85DF1D642E495EE4 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
15:17:34.0760 2512 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
15:17:34.0776 2512 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
15:17:34.0776 2512 C:\Windows\System32\ktmw32.dll - ok
15:17:34.0791 2512 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
15:17:34.0791 2512 C:\Windows\System32\certCredProvider.dll - ok
15:17:34.0807 2512 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
15:17:34.0807 2512 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
15:17:34.0822 2512 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
15:17:34.0822 2512 C:\Windows\System32\rasplap.dll - ok
15:17:34.0838 2512 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
15:17:34.0838 2512 C:\Windows\System32\rasapi32.dll - ok
15:17:34.0854 2512 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
15:17:34.0854 2512 C:\Windows\System32\rasman.dll - ok
15:17:34.0869 2512 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
15:17:34.0869 2512 C:\Windows\System32\fveapi.dll - ok
15:17:34.0885 2512 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
15:17:34.0885 2512 C:\Windows\System32\rtutils.dll - ok
15:17:34.0885 2512 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
15:17:34.0885 2512 C:\Windows\System32\wdmaud.drv - ok
15:17:34.0900 2512 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
15:17:34.0900 2512 C:\Windows\System32\ksuser.dll - ok
15:17:34.0916 2512 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
15:17:34.0916 2512 C:\Windows\System32\oleacc.dll - ok
15:17:34.0932 2512 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
15:17:34.0932 2512 C:\Windows\System32\UIAutomationCore.dll - ok
15:17:34.0963 2512 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
15:17:34.0963 2512 C:\Windows\System32\AudioSes.dll - ok
15:17:34.0978 2512 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
15:17:34.0978 2512 C:\Windows\System32\msacm32.drv - ok
15:17:34.0994 2512 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
15:17:34.0994 2512 C:\Windows\System32\msacm32.dll - ok
15:17:34.0994 2512 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
15:17:34.0994 2512 C:\Windows\System32\midimap.dll - ok
15:17:35.0010 2512 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
15:17:35.0010 2512 C:\Windows\System32\AudioEng.dll - ok
15:17:35.0025 2512 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
15:17:35.0025 2512 C:\Windows\System32\netcfgx.dll - ok
15:17:35.0041 2512 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
15:17:35.0041 2512 C:\Windows\System32\AUDIOKSE.dll - ok
15:17:35.0056 2512 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
15:17:35.0056 2512 C:\Windows\System32\drivers\vwifimp.sys - ok
15:17:35.0072 2512 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
15:17:35.0072 2512 C:\Windows\System32\fvecerts.dll - ok
15:17:35.0088 2512 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
15:17:35.0088 2512 C:\Windows\System32\tbs.dll - ok
15:17:35.0103 2512 [ 706B9A55E4B1EDD2F6C2D7A1CF37E197 ] C:\Windows\System32\RtkAPO64.dll
15:17:35.0103 2512 C:\Windows\System32\RtkAPO64.dll - ok
15:17:35.0119 2512 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
15:17:35.0119 2512 C:\Windows\System32\UXInit.dll - ok
15:17:35.0119 2512 [ 13EB517A22F8AE2E4A02718C163BA401 ] C:\Windows\System32\atieclxx.exe
15:17:35.0119 2512 C:\Windows\System32\atieclxx.exe - ok
15:17:35.0134 2512 [ 3449B6738794D2234ED2C3FADA85D487 ] C:\Windows\System32\atiadlxx.dll
15:17:35.0134 2512 C:\Windows\System32\atiadlxx.dll - ok
15:17:35.0150 2512 [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2 ] C:\Windows\System32\RTEEL64A.dll
15:17:35.0150 2512 C:\Windows\System32\RTEEL64A.dll - ok
15:17:35.0166 2512 [ A6286A6C7A1BBFCBA17AA54384A21D1C ] C:\Windows\System32\RTEED64A.dll
15:17:35.0166 2512 C:\Windows\System32\RTEED64A.dll - ok
15:17:35.0181 2512 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
15:17:35.0181 2512 C:\Windows\System32\taskcomp.dll - ok
15:17:35.0197 2512 [ B6C244055D019CAC3FE8298DAD973D6D ] C:\Windows\System32\atimuixx.dll
15:17:35.0197 2512 C:\Windows\System32\atimuixx.dll - ok
15:17:35.0197 2512 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
15:17:35.0197 2512 C:\Windows\System32\wiarpc.dll - ok
15:17:35.0212 2512 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
15:17:35.0212 2512 C:\Windows\System32\drivers\http.sys - ok
15:17:35.0228 2512 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
15:17:35.0228 2512 C:\Windows\System32\spoolsv.exe - ok
15:17:35.0244 2512 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
15:17:35.0244 2512 C:\Windows\System32\imageres.dll - ok
15:17:35.0259 2512 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
15:17:35.0259 2512 C:\Windows\System32\BFE.DLL - ok
15:17:35.0275 2512 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
15:17:35.0275 2512 C:\Windows\System32\drivers\bowser.sys - ok
15:17:35.0275 2512 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
15:17:35.0275 2512 C:\Windows\System32\drivers\mpsdrv.sys - ok
15:17:35.0290 2512 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
15:17:35.0290 2512 C:\Windows\System32\drivers\mrxsmb.sys - ok
15:17:35.0306 2512 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
15:17:35.0306 2512 C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:17:35.0322 2512 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
15:17:35.0322 2512 C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:17:35.0337 2512 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
15:17:35.0337 2512 C:\Windows\System32\wkssvc.dll - ok
15:17:35.0353 2512 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
15:17:35.0353 2512 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
15:17:35.0368 2512 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
15:17:35.0368 2512 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
15:17:35.0368 2512 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
15:17:35.0368 2512 C:\Windows\System32\wfapigp.dll - ok
15:17:35.0384 2512 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
15:17:35.0384 2512 C:\Windows\System32\cryptsvc.dll - ok
15:17:35.0400 2512 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
15:17:35.0400 2512 C:\Windows\System32\dps.dll - ok
15:17:35.0415 2512 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
15:17:35.0415 2512 C:\Windows\System32\cryptnet.dll - ok
15:17:35.0431 2512 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
15:17:35.0431 2512 C:\Windows\System32\FDResPub.dll - ok
15:17:35.0446 2512 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
15:17:35.0446 2512 C:\Windows\System32\IKEEXT.DLL - ok
15:17:35.0446 2512 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
15:17:35.0446 2512 C:\Windows\System32\WSDApi.dll - ok
15:17:35.0462 2512 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
15:17:35.0462 2512 C:\Windows\System32\conhost.exe - ok
15:17:35.0478 2512 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:17:35.0478 2512 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
15:17:35.0493 2512 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
15:17:35.0493 2512 C:\Windows\System32\vssapi.dll - ok
15:17:35.0493 2512 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
15:17:35.0493 2512 C:\Windows\System32\wscapi.dll - ok
15:17:35.0509 2512 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
15:17:35.0509 2512 C:\Windows\System32\mscms.dll - ok
15:17:35.0524 2512 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
15:17:35.0524 2512 C:\Windows\System32\webservices.dll - ok
15:17:35.0540 2512 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
15:17:35.0540 2512 C:\Windows\SysWOW64\ntdll.dll - ok
15:17:35.0556 2512 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
15:17:35.0556 2512 C:\Windows\System32\cabinet.dll - ok
15:17:35.0571 2512 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
15:17:35.0571 2512 C:\Windows\System32\taskschd.dll - ok
15:17:35.0571 2512 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
15:17:35.0571 2512 C:\Windows\System32\vpnikeapi.dll - ok
15:17:35.0587 2512 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
15:17:35.0587 2512 C:\Windows\System32\fundisc.dll - ok
15:17:35.0602 2512 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
15:17:35.0602 2512 C:\Windows\System32\wow64.dll - ok
15:17:35.0618 2512 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
15:17:35.0618 2512 C:\Windows\System32\wow64win.dll - ok
15:17:35.0634 2512 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
15:17:35.0634 2512 C:\Windows\System32\wow64cpu.dll - ok
15:17:35.0649 2512 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
15:17:35.0649 2512 C:\Windows\SysWOW64\kernel32.dll - ok
15:17:35.0665 2512 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
15:17:35.0665 2512 C:\Windows\System32\p2pcollab.dll - ok
15:17:35.0680 2512 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
15:17:35.0680 2512 C:\Windows\System32\vsstrace.dll - ok
15:17:35.0696 2512 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
15:17:35.0696 2512 C:\Windows\System32\pcasvc.dll - ok
15:17:35.0696 2512 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
15:17:35.0712 2512 C:\Windows\SysWOW64\KernelBase.dll - ok
15:17:35.0712 2512 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
15:17:35.0712 2512 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
15:17:35.0727 2512 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
15:17:35.0727 2512 C:\Windows\System32\snmptrap.exe - ok
15:17:35.0743 2512 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
15:17:35.0743 2512 C:\Windows\SysWOW64\shlwapi.dll - ok
15:17:35.0758 2512 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
15:17:35.0758 2512 C:\Windows\SysWOW64\gdi32.dll - ok
15:17:35.0758 2512 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
15:17:35.0758 2512 C:\Windows\SysWOW64\user32.dll - ok
15:17:35.0774 2512 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
15:17:35.0774 2512 C:\Windows\SysWOW64\advapi32.dll - ok
15:17:35.0790 2512 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
15:17:35.0790 2512 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
15:17:38.0910 2512 C:\Windows\SysWOW64\SensApi.dll - ok
15:17:38.0910 2512 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
15:17:38.0910 2512 C:\Windows\SysWOW64\dwmapi.dll - ok
15:17:38.0925 2512 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
15:17:38.0925 2512 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
15:17:38.0941 2512 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
15:17:38.0941 2512 C:\Windows\SysWOW64\EhStorShell.dll - ok
15:17:38.0956 2512 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
15:17:38.0956 2512 C:\Windows\SysWOW64\ntshrui.dll - ok
15:17:38.0972 2512 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
15:17:38.0972 2512 C:\Windows\SysWOW64\imageres.dll - ok
15:17:38.0972 2512 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
15:17:38.0972 2512 C:\Windows\SysWOW64\slc.dll - ok
15:17:38.0988 2512 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
15:17:38.0988 2512 C:\Windows\SysWOW64\IconCodecService.dll - ok
15:17:39.0003 2512 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
15:17:39.0003 2512 C:\Windows\SysWOW64\sfc.dll - ok
15:17:39.0019 2512 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
15:17:39.0019 2512 C:\Windows\SysWOW64\sfc_os.dll - ok
15:17:39.0034 2512 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
15:17:39.0034 2512 C:\Windows\SysWOW64\devrtl.dll - ok
15:17:39.0050 2512 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
15:17:39.0050 2512 C:\Windows\SysWOW64\winhttp.dll - ok
15:17:39.0050 2512 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
15:17:39.0050 2512 C:\Windows\System32\ie4uinit.exe - ok
15:17:39.0066 2512 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
15:17:39.0066 2512 C:\Windows\SysWOW64\webio.dll - ok
15:17:39.0081 2512 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
15:17:39.0081 2512 C:\Windows\System32\themeui.dll - ok
15:17:39.0097 2512 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
15:17:39.0097 2512 C:\Windows\System32\timedate.cpl - ok
15:17:39.0112 2512 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
15:17:39.0112 2512 C:\Windows\System32\actxprxy.dll - ok
15:17:39.0128 2512 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
15:17:39.0128 2512 C:\Windows\SysWOW64\credssp.dll - ok
15:17:39.0128 2512 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
15:17:39.0128 2512 C:\Windows\SysWOW64\mswsock.dll - ok
15:17:39.0144 2512 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:17:39.0144 2512 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:17:39.0159 2512 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
15:17:39.0159 2512 C:\Windows\System32\shdocvw.dll - ok
15:17:39.0175 2512 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
15:17:39.0175 2512 C:\Windows\SysWOW64\wship6.dll - ok
15:17:39.0190 2512 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
15:17:39.0190 2512 C:\Windows\SysWOW64\dnsapi.dll - ok
15:17:39.0190 2512 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
15:17:39.0190 2512 C:\Windows\System32\linkinfo.dll - ok
15:17:39.0206 2512 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
15:17:39.0206 2512 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
15:17:39.0222 2512 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
15:17:39.0222 2512 C:\Windows\SysWOW64\rasadhlp.dll - ok
15:17:39.0237 2512 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
15:17:39.0237 2512 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
15:17:39.0253 2512 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
15:17:39.0253 2512 C:\Windows\System32\msftedit.dll - ok
15:17:39.0268 2512 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
15:17:39.0268 2512 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
15:17:39.0284 2512 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
15:17:39.0284 2512 C:\Windows\System32\msls31.dll - ok
15:17:39.0300 2512 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
15:17:39.0300 2512 C:\Windows\System32\gameux.dll - ok
15:17:39.0315 2512 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
15:17:39.0315 2512 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
15:17:39.0315 2512 [ BCFF8CD24809941E28C73185FC58CA39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:17:39.0315 2512 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
15:17:39.0331 2512 [ 0BE126224273ACB0925C07B30A0E4209 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:17:39.0331 2512 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
15:17:39.0346 2512 [ 439669E153EF11FA16861EC33D4AFC81 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:17:39.0346 2512 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
15:17:39.0362 2512 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
15:17:39.0362 2512 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
15:17:39.0378 2512 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
15:17:39.0378 2512 C:\Windows\System32\msiltcfg.dll - ok
15:17:39.0393 2512 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
15:17:39.0393 2512 C:\Windows\System32\msi.dll - ok
15:17:39.0409 2512 [ DC604BBAF9F613D150CC6060E0E47788 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
15:17:39.0409 2512 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
15:17:39.0424 2512 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
15:17:39.0424 2512 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
15:17:39.0424 2512 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
15:17:39.0424 2512 C:\Windows\System32\opengl32.dll - ok
15:17:39.0440 2512 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
15:17:39.0440 2512 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
15:17:39.0456 2512 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
15:17:39.0456 2512 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
15:17:39.0471 2512 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
15:17:39.0471 2512 C:\Windows\System32\DeviceCenter.dll - ok
15:17:39.0471 2512 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
15:17:39.0471 2512 C:\Windows\System32\glu32.dll - ok
15:17:39.0487 2512 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
15:17:39.0487 2512 C:\Windows\System32\ddraw.dll - ok
15:17:39.0502 2512 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
15:17:39.0502 2512 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
15:17:39.0518 2512 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
15:17:39.0518 2512 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
15:17:39.0534 2512 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
15:17:39.0534 2512 C:\Windows\System32\dciman32.dll - ok
15:17:39.0549 2512 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
15:17:39.0549 2512 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
15:17:39.0565 2512 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
15:17:39.0565 2512 C:\Windows\System32\thumbcache.dll - ok
15:17:39.0580 2512 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
15:17:39.0580 2512 C:\Windows\System32\msimg32.dll - ok
15:17:39.0580 2512 [ 565E25C82AAE17EA97884B43F05A720E ] C:\Windows\System32\SynCOM.dll
15:17:39.0580 2512 C:\Windows\System32\SynCOM.dll - ok
15:17:39.0596 2512 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:17:39.0596 2512 C:\Program Files\Microsoft Security Client\msseces.exe - ok
15:17:39.0612 2512 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
15:17:39.0612 2512 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
15:17:39.0643 2512 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
15:17:39.0643 2512 C:\Windows\System32\oledlg.dll - ok
15:17:39.0643 2512 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
15:17:39.0643 2512 C:\Windows\System32\networkexplorer.dll - ok
15:17:39.0658 2512 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
15:17:39.0658 2512 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
15:17:39.0674 2512 [ 4936B83586C1F81630AE9C8EED6E356A ] C:\Windows\System32\SynTPAPI.dll
15:17:39.0674 2512 C:\Windows\System32\SynTPAPI.dll - ok
15:17:39.0690 2512 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
15:17:39.0690 2512 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
15:17:39.0705 2512 [ 6B8966ECB093271DE794286850432225 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
15:17:39.0705 2512 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
15:17:39.0705 2512 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
15:17:39.0705 2512 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
15:17:39.0721 2512 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
15:17:39.0721 2512 C:\Windows\SysWOW64\rasapi32.dll - ok
15:17:39.0736 2512 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
15:17:39.0736 2512 C:\Windows\System32\consent.exe - ok
15:17:39.0752 2512 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
15:17:39.0752 2512 C:\Windows\System32\rundll32.exe - ok
15:17:39.0768 2512 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
15:17:39.0768 2512 C:\Windows\System32\drprov.dll - ok
15:17:39.0783 2512 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
15:17:39.0783 2512 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
15:17:39.0799 2512 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
15:17:39.0799 2512 C:\Windows\System32\RtkCfg64.dll - ok
15:17:39.0814 2512 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
15:17:39.0814 2512 C:\Windows\System32\ntlanman.dll - ok
15:17:39.0830 2512 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
15:17:39.0830 2512 C:\Windows\SysWOW64\rasman.dll - ok
15:17:39.0846 2512 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
15:17:39.0846 2512 C:\Windows\System32\davclnt.dll - ok
15:17:39.0846 2512 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
15:17:39.0846 2512 C:\Windows\System32\dsound.dll - ok
15:17:39.0861 2512 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
15:17:39.0861 2512 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
15:17:39.0877 2512 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
15:17:39.0877 2512 C:\Windows\System32\davhlpr.dll - ok
15:17:39.0892 2512 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
15:17:39.0892 2512 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
15:17:39.0908 2512 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
15:17:39.0908 2512 C:\Windows\SysWOW64\rtutils.dll - ok
15:17:39.0924 2512 [ BC51263DEF5774BF213BFA05AE046705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:17:39.0924 2512 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
15:17:39.0939 2512 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
15:17:39.0939 2512 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
15:17:39.0955 2512 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
15:17:39.0955 2512 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
15:17:39.0970 2512 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
15:17:39.0970 2512 C:\Windows\System32\stobject.dll - ok
15:17:39.0970 2512 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
15:17:39.0970 2512 C:\Windows\System32\batmeter.dll - ok
15:17:39.0986 2512 [ 494DF8940225873DE62C1A730B301F57 ] C:\Windows\SysWOW64\atiadlxy.dll
15:17:39.0986 2512 C:\Windows\SysWOW64\atiadlxy.dll - ok
15:17:40.0002 2512 [ DDEA7F06F8A00E706C4DB75D7C6F2612 ] C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe
15:17:40.0002 2512 C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe - ok
15:17:40.0017 2512 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
15:17:40.0017 2512 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
15:17:40.0033 2512 [ 270A1342BD5AF95CA25A586B4C2F1522 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
15:17:40.0033 2512 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
15:17:40.0048 2512 [ 1705B6E6E1D883965F32C7D3B8E78CE6 ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
15:17:40.0048 2512 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
15:17:40.0064 2512 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
15:17:40.0064 2512 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
15:17:40.0080 2512 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
15:17:40.0080 2512 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
15:17:40.0095 2512 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
15:17:40.0095 2512 C:\Windows\System32\mscoree.dll - ok
15:17:40.0095 2512 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
15:17:40.0095 2512 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
15:17:40.0111 2512 [ 995BEB69AE5C50D354894354F5A6CD5A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:17:40.0111 2512 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
15:17:40.0126 2512 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
15:17:40.0126 2512 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
15:17:40.0142 2512 [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
15:17:40.0142 2512 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
15:17:40.0158 2512 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
15:17:40.0158 2512 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
15:17:40.0173 2512 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
15:17:40.0173 2512 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
15:17:40.0189 2512 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
15:17:40.0189 2512 C:\Windows\SysWOW64\sxs.dll - ok
15:17:40.0204 2512 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:17:40.0204 2512 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:17:40.0220 2512 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
15:17:40.0220 2512 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
15:17:40.0236 2512 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
15:17:40.0236 2512 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
15:17:40.0236 2512 [ D66423EB59EA81B1D9C0DE0AAFE2EB25 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
15:17:40.0236 2512 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
15:17:40.0251 2512 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
15:17:40.0251 2512 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
15:17:40.0267 2512 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
15:17:40.0267 2512 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
15:17:40.0282 2512 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
15:17:40.0282 2512 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
15:17:40.0298 2512 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
15:17:40.0298 2512 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
15:17:40.0314 2512 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
15:17:40.0314 2512 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
15:17:40.0329 2512 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
15:17:40.0329 2512 C:\Windows\System32\prnfldr.dll - ok
15:17:40.0345 2512 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
15:17:40.0345 2512 C:\Windows\System32\wlanapi.dll - ok
15:17:40.0360 2512 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
15:17:40.0360 2512 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
15:17:40.0376 2512 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
15:17:40.0376 2512 C:\Windows\SysWOW64\rundll32.exe - ok
15:17:40.0392 2512 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
15:17:40.0392 2512 C:\Windows\AppPatch\AcLayers.dll - ok
15:17:40.0392 2512 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
15:17:40.0392 2512 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
15:17:40.0407 2512 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
15:17:40.0407 2512 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
15:17:40.0423 2512 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
15:17:40.0423 2512 C:\Windows\System32\fdProxy.dll - ok
15:17:40.0438 2512 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
15:17:40.0438 2512 C:\Windows\System32\DXP.dll - ok
15:17:40.0454 2512 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
15:17:40.0454 2512 C:\Windows\SysWOW64\winspool.drv - ok
15:17:40.0470 2512 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
15:17:40.0470 2512 C:\Windows\System32\Syncreg.dll - ok
15:17:40.0485 2512 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
15:17:40.0485 2512 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
15:17:40.0485 2512 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
15:17:40.0485 2512 C:\Windows\ehome\ehSSO.dll - ok
15:17:40.0501 2512 [ 8FF048680DE6278299A1063508F0F7C4 ] C:\Windows\AppPatch\acwow64.dll
15:17:40.0501 2512 C:\Windows\AppPatch\acwow64.dll - ok
15:17:40.0516 2512 [ DD45C29A6082E333E038B5033247E74D ] C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll
15:17:40.0516 2512 C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll - ok
15:17:40.0532 2512 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
15:17:40.0532 2512 C:\Windows\System32\netshell.dll - ok
15:17:40.0548 2512 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
15:17:40.0548 2512 C:\Windows\System32\wbem\wmiprov.dll - ok
15:17:40.0563 2512 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
15:17:40.0563 2512 C:\Windows\System32\AltTab.dll - ok
15:17:40.0579 2512 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
15:17:40.0579 2512 C:\Windows\System32\ActionCenter.dll - ok
15:17:40.0594 2512 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
15:17:40.0594 2512 C:\Windows\System32\WPDShServiceObj.dll - ok
15:17:40.0610 2512 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
15:17:40.0610 2512 C:\Windows\System32\PortableDeviceTypes.dll - ok
15:17:40.0610 2512 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
15:17:40.0610 2512 C:\Windows\System32\QUTIL.DLL - ok
15:17:40.0626 2512 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
15:17:40.0626 2512 C:\Windows\System32\FXSST.dll - ok
15:17:40.0641 2512 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\27771144.sys
15:17:40.0641 2512 C:\Windows\System32\drivers\27771144.sys - ok
15:17:40.0657 2512 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
15:17:40.0657 2512 C:\Windows\System32\FXSAPI.dll - ok
15:17:40.0672 2512 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
15:17:40.0672 2512 C:\Windows\System32\FXSRESM.dll - ok
15:17:40.0688 2512 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
15:17:40.0688 2512 C:\Windows\System32\srchadmin.dll - ok
15:17:40.0704 2512 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
15:17:40.0704 2512 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
15:17:40.0719 2512 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
15:17:40.0719 2512 C:\Windows\System32\bthprops.cpl - ok
15:17:40.0735 2512 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
15:17:40.0735 2512 C:\Windows\System32\SearchIndexer.exe - ok
15:17:40.0735 2512 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
15:17:40.0735 2512 C:\Windows\System32\FXSSVC.exe - ok
15:17:40.0750 2512 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
15:17:40.0750 2512 C:\Windows\System32\tquery.dll - ok
15:17:40.0766 2512 [ 426701A2483D01948084AEB6C6664B09 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
15:17:40.0766 2512 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
15:17:40.0782 2512 [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
15:17:40.0782 2512 C:\Windows\System32\ieframe.dll - ok
15:17:40.0797 2512 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
15:17:40.0797 2512 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
15:17:40.0797 2512 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
15:17:40.0797 2512 C:\Windows\System32\mssrch.dll - ok
15:17:40.0813 2512 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
15:17:40.0813 2512 C:\Windows\System32\wbem\NCProv.dll - ok
15:17:40.0828 2512 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
15:17:40.0828 2512 C:\Windows\System32\msidle.dll - ok
15:17:40.0844 2512 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
15:17:40.0844 2512 C:\Windows\System32\mssprxy.dll - ok
15:17:40.0860 2512 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
15:17:40.0860 2512 C:\Windows\System32\en-US\tquery.dll.mui - ok
15:17:40.0875 2512 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
15:17:40.0875 2512 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
15:17:40.0891 2512 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
15:17:40.0891 2512 C:\Windows\System32\netman.dll - ok
15:17:40.0906 2512 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
15:17:40.0906 2512 C:\Windows\SysWOW64\riched20.dll - ok
15:17:40.0922 2512 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
15:17:40.0922 2512 C:\Windows\System32\rasdlg.dll - ok
15:17:40.0922 2512 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
15:17:40.0922 2512 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
15:17:40.0938 2512 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:17:40.0938 2512 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:17:40.0953 2512 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
15:17:40.0953 2512 C:\Windows\SysWOW64\duser.dll - ok
15:17:40.0969 2512 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
15:17:40.0969 2512 C:\Windows\System32\dot3api.dll - ok
15:17:40.0984 2512 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
15:17:40.0984 2512 C:\Windows\SysWOW64\dui70.dll - ok
15:17:41.0000 2512 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
15:17:41.0000 2512 C:\Windows\System32\wlanhlp.dll - ok
15:17:41.0016 2512 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
15:17:41.0016 2512 C:\Windows\System32\UIAnimation.dll - ok
15:17:41.0016 2512 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
15:17:41.0031 2512 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
15:17:41.0047 2512 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
15:17:41.0047 2512 C:\Windows\System32\WWanAPI.dll - ok
15:17:41.0062 2512 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
15:17:41.0062 2512 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
15:17:41.0078 2512 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
15:17:41.0078 2512 C:\Windows\System32\wwapi.dll - ok
15:17:41.0078 2512 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
15:17:41.0078 2512 C:\Windows\System32\QAGENT.DLL - ok
15:17:41.0094 2512 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:17:41.0094 2512 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:17:41.0109 2512 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
15:17:41.0109 2512 C:\Windows\System32\webcheck.dll - ok
15:17:41.0125 2512 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
15:17:41.0125 2512 C:\Windows\System32\mlang.dll - ok
15:17:41.0140 2512 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
15:17:41.0140 2512 C:\Windows\System32\SyncCenter.dll - ok
15:17:41.0156 2512 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
15:17:41.0156 2512 C:\Windows\System32\wsock32.dll - ok
15:17:41.0156 2512 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
15:17:41.0156 2512 C:\Windows\System32\wmdrmdev.dll - ok
15:17:41.0172 2512 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
15:17:41.0172 2512 C:\Windows\System32\drmv2clt.dll - ok
15:17:41.0187 2512 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
15:17:41.0187 2512 C:\Windows\System32\mfplat.dll - ok
15:17:41.0203 2512 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
15:17:41.0203 2512 C:\Windows\System32\blackbox.dll - ok
15:17:41.0608 2512 ============================================================
15:17:41.0608 2512 Scan finished
15:17:41.0608 2512 ============================================================
15:17:41.0640 2976 Detected object count: 2
15:17:41.0640 2976 Actual detected object count: 2
15:17:50.0329 2976 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:50.0329 2976 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:17:50.0345 2976 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:17:50.0345 2976 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:17:56.0507 3020 Deinitialize success

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jessie :: JESSIE-PC [administrator]

Protection: Disabled

11/23/2012 3:20:45 PM
mbam-log-2012-11-23 (15-20-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212953
Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application
C:\ProgramData\Microsoft\Windows\DRM\AE6F.tmp Win64/Olmarik.AO trojan
C:\ProgramData\Microsoft\Windows\DRM\AE8F.tmp Win64/Olmarik.AO trojan
C:\TDSSKiller_Quarantine\22.11.2012_20.19.13\mbr0000\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan
C:\TDSSKiller_Quarantine\22.11.2012_20.19.13\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.QM trojan
C:\Users\All Users\Microsoft\Windows\DRM\AE6F.tmp Win64/Olmarik.AO trojan
C:\Users\All Users\Microsoft\Windows\DRM\AE8F.tmp Win64/Olmarik.AO trojan
C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Default\aadddgdgggdcdidddgdedcgddegedgdg\background.html Win32/BHO.OEI trojan
C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll a variant of Win32/Kryptik.APHW trojan
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js HTML/Iframe.B.Gen virus
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js HTML/Iframe.B.Gen virus
Operating memory a variant of Win32/Kryptik.APHW trojan



  • 0


#11
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Hi, again, thanks for your time and attention.

You're welcome. A few more things...

Step 1

The TDSS file system is still showing as skipped on the TDSSKiller scan. Antivirus programs tend not to like it being left over, so we need to get rid of it.

Run TDSSKiller one more time and when the scan lists the Threats Detected there should be a listing similar to the one in the screenshot below. In the drop menu beside it change it from "Skip" to "Delete". If there's not, let me know.

[attachment=61671:TDSSKiller TDSS File system.jpg]

Step 2

Now let's get rid of the little stuff ESET found.

Re-open OTL

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Files
C:\ProgramData\Microsoft\Windows\DRM\AE6F.tmp
C:\ProgramData\Microsoft\Windows\DRM\AE8F.tmp
C:\Users\All Users\Microsoft\Windows\DRM\AE6F.tmp
C:\Users\All Users\Microsoft\Windows\DRM\AE8F.tmp
C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Default\aadddgdgggdcdidddgdedcgddegedgdg\background.html
C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js

:Commands
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. TDSSKiller Log
2. OTL Fix
3. New OTL Log
  • 0
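Step 1 above hinges on one detail of the TDSSKiller log: the "User select action" line recorded for each detected object. The following is an added example, not part of the original post or of TDSSKiller itself, that parses a log in the layout shown in this thread and lists the objects with a "TDSS File System" verdict that were left on Skip; the function names and the sample's first two lines (placeholder hash and file name) are assumptions made for illustration.

```python
import re

# Constructed sample in the TDSSKiller log layout shown in this thread:
# "HH:MM:SS.mmmm <thread id> <message>". The first two lines use a placeholder
# hash and file name; the detection lines mirror the ones in the log above.
SAMPLE_LOG = r"""
15:17:41.0593 2512 [ 00000000000000000000000000000000 ] C:\Windows\System32\example.dll
15:17:41.0593 2512 C:\Windows\System32\example.dll - ok
15:17:41.0608 2512 Scan finished
15:17:41.0640 2976 Detected object count: 2
15:17:41.0640 2976 Actual detected object count: 2
15:17:50.0329 2976 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:50.0329 2976 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:17:50.0345 2976 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:17:50.0345 2976 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:17:56.0507 3020 Deinitialize success
"""

# Timestamp, thread id, then the free-form message (which may be empty).
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(?P<msg>.*)$")
# Anchored at the start so "Actual detected object count" is not counted twice.
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
# Only the "User select action" line is parsed; the "skipped by user" line
# repeats the same object and would double-count it.
ACTION = re.compile(
    r"^(?P<object>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$"
)


def parse_tdsskiller(text):
    """Return the reported detection count and the action chosen per object."""
    reported = None
    detections = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines or forum text pasted around the log
        msg = m.group("msg")
        c = COUNT.match(msg)
        if c:
            reported = int(c.group("n"))
            continue
        a = ACTION.match(msg)
        if a:
            detections.append(a.groupdict())
    return {
        "reported_count": reported,
        "detections": detections,
        # False when the paste was cut off before the action lines.
        "complete": reported is not None and reported == len(detections),
    }


def needs_followup(result, verdicts=("TDSS File System",)):
    """Objects whose verdict is in `verdicts` but were left on Skip."""
    return [
        (d["object"], d["verdict"])
        for d in result["detections"]
        if d["verdict"] in verdicts and d["action"] == "Skip"
    ]


if __name__ == "__main__":
    parsed = parse_tdsskiller(SAMPLE_LOG)
    if not parsed["complete"]:
        print("Log looks truncated: detection count and action lines disagree")
    for obj, verdict in needs_followup(parsed):
        print(f"Still skipped: {obj} ({verdict})")
```
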

#12
jkabat

jkabat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
Hi,

This time TDSSKiller found two objects. One was the one you mentioned. I changed the drop down menu to delete. The other was unknown. I didn't change that but kept it at 'skip'.

Logs attached:

11:15:55.0470 2284 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:15:57.0467 2284 ============================================================
11:15:57.0467 2284 Current date / time: 2012/11/24 11:15:57.0467
11:15:57.0467 2284 SystemInfo:
11:15:57.0467 2284
11:15:57.0467 2284 OS Version: 6.1.7601 ServicePack: 1.0
11:15:57.0467 2284 Product type: Workstation
11:15:57.0467 2284 ComputerName: JESSIE-PC
11:15:57.0483 2284 UserName: Jessie
11:15:57.0483 2284 Windows directory: C:\windows
11:15:57.0483 2284 System windows directory: C:\windows
11:15:57.0483 2284 Running under WOW64
11:15:57.0483 2284 Processor architecture: Intel x64
11:15:57.0483 2284 Number of processors: 2
11:15:57.0483 2284 Page size: 0x1000
11:15:57.0483 2284 Boot type: Normal boot
11:15:57.0483 2284 ============================================================
11:16:01.0763 2284 BG loaded
11:16:03.0807 2284 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:16:03.0807 2284 ============================================================
11:16:03.0807 2284 \Device\Harddisk0\DR0:
11:16:03.0822 2284 MBR partitions:
11:16:03.0822 2284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
11:16:03.0822 2284 ============================================================
11:16:04.0134 2284 C: <-> \Device\Harddisk0\DR0\Partition1
11:16:04.0134 2284 ============================================================
11:16:04.0134 2284 Initialize success
11:16:04.0134 2284 ============================================================
11:16:18.0159 4040 ============================================================
11:16:18.0159 4040 Scan started
11:16:18.0159 4040 Mode: Manual; SigCheck; TDLFS;
11:16:18.0159 4040 ============================================================
11:16:21.0466 4040 ================ Scan system memory ========================
11:16:21.0466 4040 System memory - ok
11:16:21.0466 4040 ================ Scan services =============================
11:16:52.0094 4040 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:16:52.0125 4040 msisadrv - ok
11:16:52.0188 4040 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:16:52.0313 4040 MSiSCSI - ok
11:16:52.0328 4040 msiserver - ok
11:16:52.0359 4040 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:16:52.0500 4040 MSKSSRV - ok
11:16:52.0609 4040 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:16:52.0640 4040 MsMpSvc - ok
11:16:52.0671 4040 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:16:52.0781 4040 MSPCLOCK - ok
11:16:52.0796 4040 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:16:52.0905 4040 MSPQM - ok
11:16:52.0983 4040 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:16:53.0046 4040 MsRPC - ok
11:16:53.0093 4040 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
11:16:53.0139 4040 mssmbios - ok
11:16:53.0155 4040 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:16:53.0311 4040 MSTEE - ok
11:16:53.0342 4040 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
11:16:53.0373 4040 MTConfig - ok
11:16:53.0405 4040 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
11:16:53.0451 4040 Mup - ok
11:16:53.0514 4040 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
11:16:53.0685 4040 napagent - ok
11:16:53.0717 4040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:16:53.0795 4040 NativeWifiP - ok
11:16:53.0904 4040 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
11:16:54.0013 4040 NDIS - ok
11:16:54.0060 4040 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:16:54.0169 4040 NdisCap - ok
11:16:54.0200 4040 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:16:54.0294 4040 NdisTapi - ok
11:16:54.0309 4040 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:16:54.0419 4040 Ndisuio - ok
11:16:54.0497 4040 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:16:54.0606 4040 NdisWan - ok
11:16:54.0621 4040 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:16:54.0699 4040 NDProxy - ok
11:16:54.0746 4040 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:16:54.0855 4040 NetBIOS - ok
11:16:54.0887 4040 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:16:54.0965 4040 NetBT - ok
11:16:54.0996 4040 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
11:16:55.0043 4040 Netlogon - ok
11:16:55.0105 4040 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
11:16:55.0245 4040 Netman - ok
11:16:55.0323 4040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
11:16:55.0433 4040 netprofm - ok
11:16:55.0479 4040 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:16:55.0542 4040 NetTcpPortSharing - ok
11:16:55.0589 4040 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
11:16:55.0620 4040 nfrd960 - ok
11:16:55.0651 4040 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
11:16:55.0682 4040 NisDrv - ok
11:16:55.0745 4040 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:16:55.0807 4040 NisSrv - ok
11:16:55.0869 4040 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
11:16:55.0916 4040 NlaSvc - ok
11:16:55.0947 4040 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
11:16:56.0041 4040 Npfs - ok
11:16:56.0072 4040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
11:16:56.0181 4040 nsi - ok
11:16:56.0213 4040 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:16:56.0322 4040 nsiproxy - ok
11:16:56.0540 4040 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:16:56.0681 4040 Ntfs - ok
11:16:56.0727 4040 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
11:16:56.0821 4040 Null - ok
11:16:56.0899 4040 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
11:16:56.0961 4040 nvraid - ok
11:16:57.0008 4040 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
11:16:57.0039 4040 nvstor - ok
11:16:57.0071 4040 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:16:57.0102 4040 nv_agp - ok
11:16:57.0117 4040 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
11:16:57.0149 4040 ohci1394 - ok
11:16:57.0195 4040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:16:57.0227 4040 ose - ok
11:16:57.0492 4040 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:16:57.0788 4040 osppsvc - ok
11:16:57.0835 4040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:16:57.0929 4040 p2pimsvc - ok
11:16:57.0975 4040 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
11:16:58.0022 4040 p2psvc - ok
11:16:58.0053 4040 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
11:16:58.0100 4040 Parport - ok
11:16:58.0131 4040 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
11:16:58.0163 4040 partmgr - ok
11:16:58.0194 4040 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
11:16:58.0272 4040 PcaSvc - ok
11:16:58.0287 4040 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
11:16:58.0334 4040 pci - ok
11:16:58.0365 4040 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
11:16:58.0397 4040 pciide - ok
11:16:58.0428 4040 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
11:16:58.0475 4040 pcmcia - ok
11:16:58.0506 4040 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
11:16:58.0537 4040 pcw - ok
11:16:58.0584 4040 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:16:58.0709 4040 PEAUTH - ok
11:16:58.0802 4040 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
11:16:58.0849 4040 PerfHost - ok
11:16:58.0911 4040 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
11:16:58.0927 4040 PGEffect - ok
11:16:58.0989 4040 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
11:16:59.0130 4040 pla - ok
11:16:59.0177 4040 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:16:59.0255 4040 PlugPlay - ok
11:16:59.0270 4040 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:16:59.0317 4040 PNRPAutoReg - ok
11:16:59.0348 4040 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:16:59.0395 4040 PNRPsvc - ok
11:16:59.0442 4040 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:16:59.0551 4040 PolicyAgent - ok
11:16:59.0598 4040 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
11:16:59.0691 4040 Power - ok
11:16:59.0738 4040 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:16:59.0847 4040 PptpMiniport - ok
11:16:59.0863 4040 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
11:16:59.0910 4040 Processor - ok
11:16:59.0941 4040 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
11:17:00.0003 4040 ProfSvc - ok
11:17:00.0019 4040 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
11:17:00.0050 4040 ProtectedStorage - ok
11:17:00.0081 4040 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:17:00.0175 4040 Psched - ok
11:17:00.0237 4040 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
11:17:00.0315 4040 ql2300 - ok
11:17:00.0347 4040 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
11:17:00.0378 4040 ql40xx - ok
11:17:00.0409 4040 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
11:17:00.0456 4040 QWAVE - ok
11:17:00.0487 4040 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:17:00.0549 4040 QWAVEdrv - ok
11:17:00.0565 4040 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:17:00.0659 4040 RasAcd - ok
11:17:00.0690 4040 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:17:00.0768 4040 RasAgileVpn - ok
11:17:00.0783 4040 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
11:17:00.0893 4040 RasAuto - ok
11:17:00.0908 4040 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:17:01.0002 4040 Rasl2tp - ok
11:17:01.0049 4040 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
11:17:01.0142 4040 RasMan - ok
11:17:01.0173 4040 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:17:01.0267 4040 RasPppoe - ok
11:17:01.0298 4040 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:17:01.0407 4040 RasSstp - ok
11:17:01.0439 4040 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:17:01.0548 4040 rdbss - ok
11:17:01.0563 4040 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
11:17:01.0626 4040 rdpbus - ok
11:17:01.0641 4040 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:17:01.0735 4040 RDPCDD - ok
11:17:01.0766 4040 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:17:01.0860 4040 RDPENCDD - ok
11:17:01.0875 4040 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:17:01.0969 4040 RDPREFMP - ok
11:17:02.0000 4040 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:17:02.0047 4040 RDPWD - ok
11:17:02.0094 4040 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:17:02.0125 4040 rdyboost - ok
11:17:02.0172 4040 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
11:17:02.0265 4040 RemoteAccess - ok
11:17:02.0297 4040 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:17:02.0390 4040 RemoteRegistry - ok
11:17:02.0406 4040 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:17:02.0515 4040 RpcEptMapper - ok
11:17:02.0577 4040 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
11:17:02.0609 4040 RpcLocator - ok
11:17:02.0655 4040 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
11:17:02.0749 4040 RpcSs - ok
11:17:02.0780 4040 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:17:02.0874 4040 rspndr - ok
11:17:02.0921 4040 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
11:17:02.0999 4040 RSUSBVSTOR - ok
11:17:03.0061 4040 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
11:17:03.0092 4040 RTL8167 - ok
11:17:03.0170 4040 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
11:17:03.0217 4040 RTL8192Ce - ok
11:17:03.0248 4040 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
11:17:03.0279 4040 SamSs - ok
11:17:03.0311 4040 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:17:03.0342 4040 sbp2port - ok
11:17:03.0373 4040 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
11:17:03.0467 4040 SCardSvr - ok
11:17:03.0482 4040 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:17:03.0576 4040 scfilter - ok
11:17:03.0857 4040 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
11:17:04.0013 4040 Schedule - ok
11:17:04.0091 4040 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
11:17:04.0200 4040 SCPolicySvc - ok
11:17:04.0325 4040 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:17:04.0418 4040 SDRSVC - ok
11:17:04.0465 4040 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:17:04.0559 4040 secdrv - ok
11:17:04.0590 4040 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
11:17:04.0683 4040 seclogon - ok
11:17:04.0699 4040 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
11:17:04.0793 4040 SENS - ok
11:17:04.0824 4040 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
11:17:04.0886 4040 SensrSvc - ok
11:17:04.0917 4040 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
11:17:04.0964 4040 Serenum - ok
11:17:04.0980 4040 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
11:17:05.0027 4040 Serial - ok
11:17:05.0027 4040 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
11:17:05.0073 4040 sermouse - ok
11:17:05.0136 4040 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
11:17:05.0245 4040 SessionEnv - ok
11:17:05.0245 4040 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
11:17:05.0292 4040 sffdisk - ok
11:17:05.0323 4040 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
11:17:05.0417 4040 sffp_mmc - ok
11:17:05.0432 4040 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
11:17:05.0479 4040 sffp_sd - ok
11:17:05.0495 4040 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
11:17:05.0526 4040 sfloppy - ok
11:17:05.0573 4040 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
11:17:05.0666 4040 SharedAccess - ok
11:17:05.0713 4040 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:17:05.0822 4040 ShellHWDetection - ok
11:17:05.0838 4040 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
11:17:05.0869 4040 SiSRaid2 - ok
11:17:05.0900 4040 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
11:17:05.0931 4040 SiSRaid4 - ok
11:17:05.0931 4040 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
11:17:06.0041 4040 Smb - ok
11:17:06.0087 4040 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:17:06.0134 4040 SNMPTRAP - ok
11:17:06.0165 4040 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
11:17:06.0197 4040 spldr - ok
11:17:06.0228 4040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
11:17:06.0290 4040 Spooler - ok
11:17:06.0399 4040 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
11:17:06.0587 4040 sppsvc - ok
11:17:06.0633 4040 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:17:06.0711 4040 sppuinotify - ok
11:17:06.0758 4040 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
11:17:06.0836 4040 srv - ok
11:17:06.0852 4040 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:17:06.0899 4040 srv2 - ok
11:17:06.0930 4040 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:17:06.0961 4040 srvnet - ok
11:17:07.0023 4040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:17:07.0117 4040 SSDPSRV - ok
11:17:07.0133 4040 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
11:17:07.0226 4040 SstpSvc - ok
11:17:07.0273 4040 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
11:17:07.0304 4040 stexstor - ok
11:17:07.0367 4040 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
11:17:07.0429 4040 stisvc - ok
11:17:07.0445 4040 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
11:17:07.0460 4040 swenum - ok
11:17:07.0507 4040 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
11:17:07.0616 4040 swprv - ok
11:17:07.0741 4040 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:17:07.0803 4040 SynTP - ok
11:17:07.0897 4040 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
11:17:07.0991 4040 SysMain - ok
11:17:08.0022 4040 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
11:17:08.0084 4040 TabletInputService - ok
11:17:08.0115 4040 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
11:17:08.0225 4040 TapiSrv - ok
11:17:08.0256 4040 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
11:17:08.0334 4040 TBS - ok
11:17:08.0412 4040 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:17:08.0521 4040 Tcpip - ok
11:17:08.0568 4040 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:17:08.0661 4040 TCPIP6 - ok
11:17:08.0693 4040 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:17:08.0724 4040 tcpipreg - ok
11:17:08.0755 4040 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
11:17:08.0771 4040 tdcmdpst - ok
11:17:08.0802 4040 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:17:08.0864 4040 TDPIPE - ok
11:17:08.0895 4040 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:17:08.0942 4040 TDTCP - ok
11:17:08.0973 4040 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:17:09.0051 4040 tdx - ok
11:17:09.0067 4040 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
11:17:09.0098 4040 TermDD - ok
11:17:09.0161 4040 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
11:17:09.0270 4040 TermService - ok
11:17:09.0285 4040 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
11:17:09.0332 4040 Themes - ok
11:17:09.0363 4040 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
11:17:09.0379 4040 Thpdrv - ok
11:17:09.0410 4040 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
11:17:09.0426 4040 Thpevm - ok
11:17:09.0473 4040 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
11:17:09.0519 4040 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
11:17:09.0519 4040 Thpsrv - detected UnsignedFile.Multi.Generic (1)
11:17:17.0616 4040 ================ Scan global ===============================
11:17:17.0663 4040 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
11:17:17.0709 4040 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
11:17:17.0725 4040 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
11:17:17.0756 4040 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
11:17:17.0803 4040 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
11:17:17.0803 4040 [Global] - ok
11:17:17.0819 4040 ================ Scan MBR ==================================
11:17:17.0834 4040 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
11:17:18.0973 4040 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:17:18.0973 4040 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:17:18.0973 4040 ================ Scan VBR ==================================
11:17:19.0051 4040 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
11:17:19.0051 4040 \Device\Harddisk0\DR0\Partition1 - ok
11:17:19.0051 4040 ================ Scan active images ========================
11:17:22.0093 4040 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
11:17:22.0109 4040 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
11:17:22.0109 4040 C:\Windows\System32\atiesrxx.exe - ok
11:17:22.0124 4040 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
11:17:22.0124 4040 C:\Windows\System32\MMDevAPI.dll - ok
11:17:22.0140 4040 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
11:17:22.0140 4040 C:\Windows\System32\dwmapi.dll - ok
11:17:22.0155 4040 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
11:17:22.0155 4040 C:\Windows\System32\xmllite.dll - ok
11:17:22.0171 4040 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
11:17:22.0171 4040 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
11:17:22.0187 4040 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
11:17:22.0187 4040 C:\Windows\System32\WindowsCodecs.dll - ok
11:17:22.0202 4040 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
11:17:22.0202 4040 C:\Windows\System32\fltLib.dll - ok
11:17:22.0218 4040 [ FF7E814CBFEC3C27922C13BB94667416 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
11:17:22.0218 4040 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
11:17:22.0233 4040 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
11:17:22.0233 4040 C:\Windows\System32\drivers\MpFilter.sys - ok
11:17:22.0233 4040 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
11:17:22.0233 4040 C:\Windows\System32\wevtsvc.dll - ok
11:17:22.0265 4040 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
11:17:22.0265 4040 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
11:17:22.0280 4040 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CECC474C-1D3E-48FD-82F4-D5E8B47747BF}\mpengine.dll
11:17:22.0280 4040 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CECC474C-1D3E-48FD-82F4-D5E8B47747BF}\mpengine.dll - ok
11:17:22.0296 4040 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
11:17:22.0296 4040 C:\Windows\System32\wlansvc.dll - ok
11:17:22.0311 4040 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
11:17:22.0311 4040 C:\Windows\System32\audiosrv.dll - ok
11:17:22.0327 4040 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
11:17:22.0327 4040 C:\Windows\System32\avrt.dll - ok
11:17:22.0343 4040 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
11:17:22.0343 4040 C:\Windows\System32\mmcss.dll - ok
11:17:22.0358 4040 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
11:17:22.0358 4040 C:\Windows\System32\winbrand.dll - ok
11:17:22.0374 4040 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
11:17:22.0374 4040 C:\Windows\System32\adtschema.dll - ok
11:17:22.0389 4040 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
11:17:22.0389 4040 C:\Windows\System32\VaultCredProvider.dll - ok
11:17:22.0389 4040 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
11:17:22.0389 4040 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
11:17:22.0405 4040 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
11:17:22.0405 4040 C:\Windows\System32\BioCredProv.dll - ok
11:17:22.0421 4040 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
11:17:22.0421 4040 C:\Windows\System32\credui.dll - ok
11:17:22.0436 4040 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
11:17:22.0436 4040 C:\Windows\System32\netprofm.dll - ok
11:17:22.0452 4040 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
11:17:22.0452 4040 C:\Windows\System32\winbio.dll - ok
11:17:22.0467 4040 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
11:17:22.0467 4040 C:\Windows\System32\netapi32.dll - ok
11:17:22.0483 4040 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
11:17:22.0483 4040 C:\Windows\System32\vaultcli.dll - ok
11:17:22.0499 4040 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
11:17:22.0499 4040 C:\Windows\System32\netutils.dll - ok
11:17:22.0514 4040 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
11:17:22.0514 4040 C:\Windows\System32\wkscli.dll - ok
11:17:22.0530 4040 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
11:17:22.0530 4040 C:\Windows\System32\samcli.dll - ok
11:17:22.0530 4040 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
11:17:22.0545 4040 C:\Windows\System32\audiodg.exe - ok
11:17:22.0545 4040 [ 08D8C5E32648D6E7976F0458545EA600 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
11:17:22.0545 4040 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
11:17:22.0561 4040 [ D037BEA6039248D4DE0C5F361F19970D ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
11:17:22.0561 4040 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
11:17:22.0577 4040 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
11:17:22.0577 4040 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
11:17:22.0592 4040 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
11:17:22.0592 4040 C:\Windows\System32\gpsvc.dll - ok
11:17:22.0608 4040 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
11:17:22.0608 4040 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
11:17:22.0623 4040 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
11:17:22.0623 4040 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
11:17:22.0639 4040 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
11:17:22.0639 4040 C:\Windows\System32\nlaapi.dll - ok
11:17:22.0655 4040 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
11:17:22.0655 4040 C:\Windows\System32\profsvc.dll - ok
11:17:22.0655 4040 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
11:17:22.0655 4040 C:\Windows\System32\atl.dll - ok
11:17:22.0670 4040 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
11:17:22.0670 4040 C:\Windows\System32\themeservice.dll - ok
11:17:22.0686 4040 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
11:17:22.0686 4040 C:\Windows\System32\dsrole.dll - ok
11:17:22.0701 4040 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
11:17:22.0701 4040 C:\Windows\System32\slc.dll - ok
11:17:22.0717 4040 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
11:17:22.0717 4040 C:\Windows\System32\es.dll - ok
11:17:22.0733 4040 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
11:17:22.0733 4040 C:\Windows\System32\winmm.dll - ok
11:17:22.0748 4040 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
11:17:22.0748 4040 C:\Windows\System32\comres.dll - ok
11:17:22.0764 4040 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
11:17:22.0764 4040 C:\Windows\System32\Sens.dll - ok
11:17:22.0764 4040 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
11:17:22.0779 4040 C:\Windows\System32\drivers\lltdio.sys - ok
11:17:22.0779 4040 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
11:17:22.0779 4040 C:\Windows\System32\uxsms.dll - ok
11:17:22.0795 4040 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
11:17:22.0795 4040 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
11:17:22.0811 4040 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
11:17:22.0811 4040 C:\Windows\System32\drivers\nwifi.sys - ok
11:17:22.0826 4040 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
11:17:22.0826 4040 C:\Windows\System32\drivers\ndisuio.sys - ok
11:17:22.0842 4040 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
11:17:22.0842 4040 C:\Windows\System32\drivers\rspndr.sys - ok
11:17:22.0857 4040 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
11:17:22.0857 4040 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
11:17:22.0873 4040 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
11:17:22.0873 4040 C:\Windows\System32\lmhsvc.dll - ok
11:17:22.0889 4040 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
11:17:22.0889 4040 C:\Windows\System32\nsisvc.dll - ok
11:17:22.0904 4040 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
11:17:22.0904 4040 C:\Windows\System32\IPHLPAPI.DLL - ok
11:17:22.0904 4040 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
11:17:22.0904 4040 C:\Windows\System32\dhcpcore.dll - ok
11:17:22.0920 4040 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
11:17:22.0920 4040 C:\Windows\System32\nrpsrv.dll - ok
11:17:22.0935 4040 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
11:17:22.0935 4040 C:\Windows\System32\winnsi.dll - ok
11:17:22.0951 4040 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
11:17:22.0951 4040 C:\Windows\System32\dnsrslvr.dll - ok
11:17:22.0967 4040 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
11:17:22.0967 4040 C:\Windows\System32\keyiso.dll - ok
11:17:22.0982 4040 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
11:17:22.0982 4040 C:\Windows\System32\dhcpcore6.dll - ok
11:17:22.0982 4040 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
11:17:22.0982 4040 C:\Windows\System32\eapphost.dll - ok
11:17:22.0998 4040 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
11:17:22.0998 4040 C:\Windows\System32\eapsvc.dll - ok
11:17:23.0013 4040 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
11:17:23.0013 4040 C:\Windows\System32\FWPUCLNT.DLL - ok
11:17:23.0029 4040 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
11:17:23.0029 4040 C:\Windows\System32\umb.dll - ok
11:17:23.0045 4040 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
11:17:23.0045 4040 C:\Windows\System32\wlanmsm.dll - ok
11:17:23.0060 4040 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
11:17:23.0060 4040 C:\Windows\System32\dnsext.dll - ok
11:17:23.0076 4040 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
11:17:23.0076 4040 C:\Windows\System32\wlansec.dll - ok
11:17:23.0091 4040 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
11:17:23.0091 4040 C:\Windows\System32\dhcpcsvc.dll - ok
11:17:23.0107 4040 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
11:17:23.0107 4040 C:\Windows\System32\dhcpcsvc6.dll - ok
11:17:23.0123 4040 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
11:17:23.0123 4040 C:\Windows\System32\onex.dll - ok
11:17:23.0123 4040 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
11:17:23.0123 4040 C:\Windows\System32\eappcfg.dll - ok
11:17:23.0138 4040 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
11:17:23.0138 4040 C:\Windows\System32\eappprxy.dll - ok
11:17:23.0154 4040 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
11:17:23.0169 4040 C:\Windows\System32\wlgpclnt.dll - ok
11:17:23.0169 4040 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
11:17:23.0169 4040 C:\Windows\System32\l2gpstore.dll - ok
11:17:23.0185 4040 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
11:17:23.0185 4040 C:\Windows\System32\WinSCard.dll - ok
11:17:23.0201 4040 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
11:17:23.0201 4040 C:\Windows\System32\wlanutil.dll - ok
11:17:23.0216 4040 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
11:17:23.0216 4040 C:\Windows\System32\msxml6.dll - ok
11:17:23.0232 4040 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
11:17:23.0232 4040 C:\Windows\System32\shsvcs.dll - ok
11:17:23.0247 4040 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
11:17:23.0247 4040 C:\Windows\System32\schedsvc.dll - ok
11:17:23.0263 4040 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
11:17:23.0263 4040 C:\Windows\System32\ktmw32.dll - ok
11:17:23.0279 4040 [ 9C5BF3E0541B8A2F85DF1D642E495EE4 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
11:17:23.0279 4040 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
11:17:23.0294 4040 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
11:17:23.0294 4040 C:\Windows\System32\certCredProvider.dll - ok
11:17:23.0310 4040 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
11:17:23.0310 4040 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
11:17:23.0325 4040 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
11:17:23.0325 4040 C:\Windows\System32\rasplap.dll - ok
11:17:23.0341 4040 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
11:17:23.0341 4040 C:\Windows\System32\fveapi.dll - ok
11:17:23.0357 4040 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
11:17:23.0357 4040 C:\Windows\System32\rasapi32.dll - ok
11:17:23.0372 4040 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
11:17:23.0372 4040 C:\Windows\System32\fvecerts.dll - ok
11:17:23.0388 4040 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
11:17:23.0388 4040 C:\Windows\System32\tbs.dll - ok
11:17:23.0403 4040 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
11:17:23.0403 4040 C:\Windows\System32\rasman.dll - ok
11:17:23.0419 4040 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
11:17:23.0419 4040 C:\Windows\System32\rtutils.dll - ok
11:17:23.0435 4040 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
11:17:23.0435 4040 C:\Windows\System32\wdmaud.drv - ok
11:17:23.0450 4040 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
11:17:23.0450 4040 C:\Windows\System32\ksuser.dll - ok
11:17:23.0450 4040 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
11:17:23.0450 4040 C:\Windows\System32\oleacc.dll - ok
11:17:23.0466 4040 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
11:17:23.0466 4040 C:\Windows\System32\UIAutomationCore.dll - ok
11:17:23.0481 4040 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
11:17:23.0481 4040 C:\Windows\System32\netcfgx.dll - ok
11:17:23.0497 4040 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
11:17:23.0497 4040 C:\Windows\System32\AudioSes.dll - ok
11:17:23.0513 4040 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
11:17:23.0513 4040 C:\Windows\System32\msacm32.dll - ok
11:17:23.0513 4040 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
11:17:23.0513 4040 C:\Windows\System32\msacm32.drv - ok
11:17:23.0528 4040 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
11:17:23.0528 4040 C:\Windows\System32\midimap.dll - ok
11:17:23.0544 4040 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
11:17:23.0544 4040 C:\Windows\System32\AudioEng.dll - ok
11:17:23.0559 4040 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
11:17:23.0559 4040 C:\Windows\System32\AUDIOKSE.dll - ok
11:17:23.0575 4040 [ 706B9A55E4B1EDD2F6C2D7A1CF37E197 ] C:\Windows\System32\RtkAPO64.dll
11:17:23.0575 4040 C:\Windows\System32\RtkAPO64.dll - ok
11:17:23.0591 4040 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
11:17:23.0591 4040 C:\Windows\System32\drivers\vwifimp.sys - ok
11:17:23.0606 4040 [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2 ] C:\Windows\System32\RTEEL64A.dll
11:17:23.0606 4040 C:\Windows\System32\RTEEL64A.dll - ok
11:17:23.0622 4040 [ A6286A6C7A1BBFCBA17AA54384A21D1C ] C:\Windows\System32\RTEED64A.dll
11:17:23.0622 4040 C:\Windows\System32\RTEED64A.dll - ok
11:17:23.0637 4040 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
11:17:23.0637 4040 C:\Windows\System32\taskcomp.dll - ok
11:17:23.0653 4040 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
11:17:23.0653 4040 C:\Windows\System32\UXInit.dll - ok
11:17:23.0669 4040 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
11:17:23.0669 4040 C:\Windows\System32\diagperf.dll - ok
11:17:23.0669 4040 [ 13EB517A22F8AE2E4A02718C163BA401 ] C:\Windows\System32\atieclxx.exe
11:17:23.0669 4040 C:\Windows\System32\atieclxx.exe - ok
11:17:23.0684 4040 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
11:17:23.0684 4040 C:\Windows\System32\drivers\http.sys - ok
11:17:23.0700 4040 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
11:17:23.0700 4040 C:\Windows\System32\spoolsv.exe - ok
11:17:23.0715 4040 [ 3449B6738794D2234ED2C3FADA85D487 ] C:\Windows\System32\atiadlxx.dll
11:17:23.0715 4040 C:\Windows\System32\atiadlxx.dll - ok
11:17:23.0731 4040 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
11:17:23.0731 4040 C:\Windows\System32\wiarpc.dll - ok
11:17:23.0747 4040 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
11:17:23.0747 4040 C:\Windows\System32\imageres.dll - ok
11:17:23.0762 4040 [ B6C244055D019CAC3FE8298DAD973D6D ] C:\Windows\System32\atimuixx.dll
11:17:23.0762 4040 C:\Windows\System32\atimuixx.dll - ok
11:17:23.0778 4040 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
11:17:23.0778 4040 C:\Windows\System32\BFE.DLL - ok
11:17:23.0793 4040 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
11:17:23.0793 4040 C:\Windows\System32\drivers\bowser.sys - ok
11:17:23.0809 4040 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
11:17:23.0809 4040 C:\Windows\System32\drivers\mpsdrv.sys - ok
11:17:23.0825 4040 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
11:17:23.0825 4040 C:\Windows\System32\drivers\mrxsmb.sys - ok
11:17:23.0825 4040 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
11:17:23.0825 4040 C:\Windows\System32\drivers\mrxsmb10.sys - ok
11:17:23.0840 4040 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
11:17:23.0840 4040 C:\Windows\System32\drivers\mrxsmb20.sys - ok
11:17:23.0856 4040 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
11:17:23.0856 4040 C:\Windows\System32\MPSSVC.dll - ok
11:17:23.0871 4040 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
11:17:23.0871 4040 C:\Windows\System32\wkssvc.dll - ok
11:17:23.0887 4040 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
11:17:23.0887 4040 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
11:17:23.0903 4040 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
11:17:23.0903 4040 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
11:17:23.0918 4040 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
11:17:23.0918 4040 C:\Windows\System32\cryptsvc.dll - ok
11:17:23.0934 4040 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
11:17:23.0934 4040 C:\Windows\System32\dps.dll - ok
11:17:23.0949 4040 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
11:17:23.0949 4040 C:\Windows\System32\cryptnet.dll - ok
11:17:23.0965 4040 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
11:17:23.0965 4040 C:\Windows\System32\vssapi.dll - ok
11:17:23.0981 4040 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
11:17:23.0981 4040 C:\Windows\System32\FDResPub.dll - ok
11:17:23.0981 4040 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
11:17:23.0981 4040 C:\Windows\System32\IKEEXT.DLL - ok
11:17:23.0996 4040 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
11:17:23.0996 4040 C:\Windows\System32\WSDApi.dll - ok
11:17:24.0012 4040 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
11:17:24.0012 4040 C:\Windows\System32\conhost.exe - ok
11:17:24.0027 4040 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
11:17:24.0027 4040 C:\Windows\System32\taskschd.dll - ok
11:17:24.0043 4040 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:17:24.0043 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
11:17:24.0059 4040 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
11:17:24.0059 4040 C:\Windows\System32\webservices.dll - ok
11:17:24.0074 4040 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
11:17:24.0074 4040 C:\Windows\System32\wscapi.dll - ok
11:17:24.0090 4040 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
11:17:24.0090 4040 C:\Windows\SysWOW64\ntdll.dll - ok
11:17:24.0105 4040 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
11:17:24.0105 4040 C:\Windows\System32\fundisc.dll - ok
11:17:24.0121 4040 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
11:17:24.0121 4040 C:\Windows\System32\cabinet.dll - ok
11:17:24.0137 4040 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
11:17:24.0137 4040 C:\Windows\System32\wow64.dll - ok
11:17:24.0137 4040 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
11:17:24.0137 4040 C:\Windows\System32\wow64win.dll - ok
11:17:24.0152 4040 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
11:17:24.0152 4040 C:\Windows\System32\wow64cpu.dll - ok
11:17:24.0168 4040 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
11:17:24.0168 4040 C:\Windows\SysWOW64\kernel32.dll - ok
11:17:24.0183 4040 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
11:17:24.0183 4040 C:\Windows\System32\p2pcollab.dll - ok
11:17:24.0199 4040 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
11:17:24.0199 4040 C:\Windows\System32\vsstrace.dll - ok
11:17:24.0215 4040 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
11:17:24.0215 4040 C:\Windows\SysWOW64\KernelBase.dll - ok
11:17:24.0230 4040 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
11:17:24.0230 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
11:17:24.0246 4040 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
11:17:24.0246 4040 C:\Windows\SysWOW64\gdi32.dll - ok
11:17:24.0246 4040 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
11:17:24.0246 4040 C:\Windows\SysWOW64\shlwapi.dll - ok
11:17:24.0261 4040 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
11:17:24.0261 4040 C:\Windows\SysWOW64\user32.dll - ok
11:17:24.0277 4040 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
11:17:24.0277 4040 C:\Windows\SysWOW64\advapi32.dll - ok
11:17:24.0293 4040 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
11:17:24.0293 4040 C:\Windows\SysWOW64\msvcrt.dll - ok
11:17:24.0308 4040 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
11:17:24.0308 4040 C:\Windows\SysWOW64\rpcrt4.dll - ok
11:17:24.0324 4040 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
11:17:24.0324 4040 C:\Windows\SysWOW64\sechost.dll - ok
11:17:24.0339 4040 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
11:17:24.0339 4040 C:\Windows\SysWOW64\sspicli.dll - ok
11:17:24.0339 4040 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
11:17:24.0339 4040 C:\Windows\SysWOW64\cryptbase.dll - ok
11:17:24.0355 4040 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
11:17:24.0355 4040 C:\Windows\SysWOW64\lpk.dll - ok
11:17:24.0371 4040 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
11:17:24.0371 4040 C:\Windows\SysWOW64\usp10.dll - ok
11:17:24.0386 4040 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
11:17:24.0386 4040 C:\Windows\SysWOW64\shell32.dll - ok
11:17:24.0402 4040 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
11:17:24.0402 4040 C:\Windows\SysWOW64\version.dll - ok
11:17:24.0417 4040 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
11:17:24.0417 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
11:17:24.0433 4040 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
11:17:24.0433 4040 C:\Windows\SysWOW64\crypt32.dll - ok
11:17:24.0449 4040 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
11:17:24.0449 4040 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
11:17:24.0464 4040 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
11:17:24.0480 4040 C:\Windows\SysWOW64\msasn1.dll - ok
11:17:24.0480 4040 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
11:17:24.0480 4040 C:\Windows\SysWOW64\nsi.dll - ok
11:17:24.0495 4040 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
11:17:24.0495 4040 C:\Windows\SysWOW64\winnsi.dll - ok
11:17:24.0511 4040 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
11:17:24.0511 4040 C:\Windows\SysWOW64\ws2_32.dll - ok
11:17:24.0511 4040 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
11:17:24.0511 4040 C:\Windows\SysWOW64\wtsapi32.dll - ok
11:17:24.0527 4040 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
11:17:24.0527 4040 C:\Windows\SysWOW64\profapi.dll - ok
11:17:24.0542 4040 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
11:17:24.0542 4040 C:\Windows\SysWOW64\userenv.dll - ok
11:17:24.0589 4040 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
11:17:24.0589 4040 C:\Windows\SysWOW64\imm32.dll - ok
11:17:24.0605 4040 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
11:17:24.0605 4040 C:\Windows\SysWOW64\msctf.dll - ok
11:17:24.0620 4040 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:17:24.0620 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
11:17:24.0636 4040 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
11:17:24.0636 4040 C:\Windows\SysWOW64\ole32.dll - ok
11:17:24.0651 4040 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
11:17:24.0651 4040 C:\Windows\SysWOW64\cryptsp.dll - ok
11:17:24.0667 4040 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
11:17:24.0667 4040 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
11:17:24.0683 4040 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
11:17:24.0683 4040 C:\Windows\SysWOW64\rsaenh.dll - ok
11:17:24.0698 4040 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
11:17:24.0698 4040 C:\Windows\SysWOW64\mpr.dll - ok
11:17:24.0714 4040 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
11:17:24.0714 4040 C:\Windows\SysWOW64\wintrust.dll - ok
11:17:28.0224 4040 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
11:17:28.0239 4040 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
11:17:28.0239 4040 C:\Windows\System32\msftedit.dll - ok
11:17:28.0255 4040 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
11:17:28.0255 4040 C:\Windows\System32\msls31.dll - ok
11:17:28.0271 4040 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
11:17:28.0271 4040 C:\Windows\SysWOW64\credssp.dll - ok
11:17:28.0286 4040 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
11:17:28.0286 4040 C:\Windows\System32\gameux.dll - ok
11:17:28.0286 4040 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
11:17:28.0286 4040 C:\Windows\SysWOW64\mswsock.dll - ok
11:17:28.0302 4040 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
11:17:28.0302 4040 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
11:17:28.0317 4040 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
11:17:28.0317 4040 C:\Windows\SysWOW64\wship6.dll - ok
11:17:28.0333 4040 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
11:17:28.0333 4040 C:\Windows\SysWOW64\dnsapi.dll - ok
11:17:28.0349 4040 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
11:17:28.0349 4040 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
11:17:28.0364 4040 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
11:17:28.0364 4040 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
11:17:28.0380 4040 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
11:17:28.0380 4040 C:\Windows\System32\msi.dll - ok
11:17:28.0380 4040 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
11:17:28.0380 4040 C:\Windows\System32\msiltcfg.dll - ok
11:17:28.0395 4040 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
11:17:28.0395 4040 C:\Windows\SysWOW64\rasadhlp.dll - ok
11:17:28.0411 4040 [ BCFF8CD24809941E28C73185FC58CA39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:17:28.0411 4040 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
11:17:28.0427 4040 [ 0BE126224273ACB0925C07B30A0E4209 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:17:28.0427 4040 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
11:17:28.0442 4040 [ 439669E153EF11FA16861EC33D4AFC81 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
11:17:28.0442 4040 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
11:17:28.0458 4040 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
11:17:28.0458 4040 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
11:17:28.0473 4040 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
11:17:28.0473 4040 C:\Windows\System32\thumbcache.dll - ok
11:17:28.0489 4040 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
11:17:28.0489 4040 C:\Windows\System32\networkexplorer.dll - ok
11:17:28.0505 4040 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
11:17:28.0505 4040 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
11:17:28.0520 4040 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
11:17:28.0520 4040 C:\Windows\System32\opengl32.dll - ok
11:17:28.0536 4040 [ DC604BBAF9F613D150CC6060E0E47788 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
11:17:28.0536 4040 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
11:17:28.0551 4040 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
11:17:28.0551 4040 C:\Windows\System32\glu32.dll - ok
11:17:28.0551 4040 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
11:17:28.0551 4040 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
11:17:28.0567 4040 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
11:17:28.0567 4040 C:\Windows\System32\ddraw.dll - ok
11:17:28.0583 4040 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
11:17:28.0583 4040 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
11:17:28.0598 4040 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
11:17:28.0598 4040 C:\Windows\System32\DeviceCenter.dll - ok
11:17:28.0614 4040 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
11:17:28.0614 4040 C:\Windows\System32\dciman32.dll - ok
11:17:28.0629 4040 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
11:17:28.0629 4040 C:\Windows\System32\msimg32.dll - ok
11:17:28.0645 4040 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
11:17:28.0645 4040 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
11:17:28.0661 4040 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
11:17:28.0661 4040 C:\Windows\System32\oledlg.dll - ok
11:17:28.0676 4040 [ 565E25C82AAE17EA97884B43F05A720E ] C:\Windows\System32\SynCOM.dll
11:17:28.0676 4040 C:\Windows\System32\SynCOM.dll - ok
11:17:28.0692 4040 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
11:17:28.0692 4040 C:\Windows\System32\drprov.dll - ok
11:17:28.0692 4040 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
11:17:28.0692 4040 C:\Windows\System32\ntlanman.dll - ok
11:17:28.0707 4040 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
11:17:28.0707 4040 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
11:17:28.0723 4040 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
11:17:28.0723 4040 C:\Windows\System32\davclnt.dll - ok
11:17:28.0739 4040 [ 4936B83586C1F81630AE9C8EED6E356A ] C:\Windows\System32\SynTPAPI.dll
11:17:28.0739 4040 C:\Windows\System32\SynTPAPI.dll - ok
11:17:28.0754 4040 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
11:17:28.0754 4040 C:\Windows\System32\davhlpr.dll - ok
11:17:28.0770 4040 [ 6B8966ECB093271DE794286850432225 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
11:17:28.0770 4040 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
11:17:28.0785 4040 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
11:17:28.0785 4040 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
11:17:28.0801 4040 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
11:17:28.0801 4040 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
11:17:28.0817 4040 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
11:17:28.0817 4040 C:\Windows\System32\dsound.dll - ok
11:17:28.0817 4040 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
11:17:28.0817 4040 C:\Program Files\Microsoft Security Client\msseces.exe - ok
11:17:28.0832 4040 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
11:17:28.0832 4040 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
11:17:28.0848 4040 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
11:17:28.0848 4040 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
11:17:28.0863 4040 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
11:17:28.0863 4040 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
11:17:28.0879 4040 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
11:17:28.0879 4040 C:\Windows\System32\consent.exe - ok
11:17:28.0895 4040 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
11:17:28.0895 4040 C:\Windows\SysWOW64\rasapi32.dll - ok
11:17:28.0910 4040 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
11:17:28.0910 4040 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
11:17:28.0926 4040 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
11:17:28.0926 4040 C:\Windows\SysWOW64\rasman.dll - ok
11:17:28.0941 4040 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
11:17:28.0941 4040 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
11:17:28.0957 4040 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
11:17:28.0957 4040 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
11:17:28.0973 4040 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
11:17:28.0973 4040 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
11:17:28.0988 4040 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
11:17:28.0988 4040 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
11:17:29.0004 4040 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
11:17:29.0004 4040 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
11:17:29.0004 4040 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
11:17:29.0004 4040 C:\Windows\System32\RtkCfg64.dll - ok
11:17:29.0019 4040 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
11:17:29.0019 4040 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
11:17:29.0035 4040 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
11:17:29.0035 4040 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
11:17:29.0051 4040 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
11:17:29.0051 4040 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
11:17:29.0066 4040 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
11:17:29.0066 4040 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
11:17:29.0082 4040 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
11:17:29.0082 4040 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
11:17:29.0097 4040 [ D66423EB59EA81B1D9C0DE0AAFE2EB25 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
11:17:29.0097 4040 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
11:17:29.0097 4040 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
11:17:29.0097 4040 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
11:17:29.0113 4040 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
11:17:29.0113 4040 C:\Windows\SysWOW64\rtutils.dll - ok
11:17:29.0129 4040 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
11:17:29.0129 4040 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
11:17:29.0144 4040 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
11:17:29.0144 4040 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
11:17:29.0160 4040 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
11:17:29.0160 4040 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
11:17:29.0175 4040 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
11:17:29.0175 4040 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
11:17:29.0191 4040 [ BC51263DEF5774BF213BFA05AE046705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:17:29.0191 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
11:17:29.0207 4040 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
11:17:29.0207 4040 C:\Windows\System32\wlanapi.dll - ok
11:17:29.0222 4040 [ 270A1342BD5AF95CA25A586B4C2F1522 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
11:17:29.0222 4040 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
11:17:29.0238 4040 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
11:17:29.0238 4040 C:\Windows\System32\stobject.dll - ok
11:17:29.0238 4040 [ 1705B6E6E1D883965F32C7D3B8E78CE6 ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
11:17:29.0238 4040 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
11:17:29.0253 4040 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
11:17:29.0253 4040 C:\Windows\System32\batmeter.dll - ok
11:17:29.0269 4040 [ 494DF8940225873DE62C1A730B301F57 ] C:\Windows\SysWOW64\atiadlxy.dll
11:17:29.0269 4040 C:\Windows\SysWOW64\atiadlxy.dll - ok
11:17:29.0285 4040 [ 995BEB69AE5C50D354894354F5A6CD5A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:17:29.0285 4040 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
11:17:29.0300 4040 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
11:17:29.0300 4040 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
11:17:29.0316 4040 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
11:17:29.0316 4040 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
11:17:29.0331 4040 [ DDEA7F06F8A00E706C4DB75D7C6F2612 ] C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe
11:17:29.0331 4040 C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe - ok
11:17:29.0347 4040 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
11:17:29.0347 4040 C:\Windows\System32\mscoree.dll - ok
11:17:29.0363 4040 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\29993970.sys
11:17:29.0363 4040 C:\Windows\System32\drivers\29993970.sys - ok
11:17:29.0378 4040 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
11:17:29.0378 4040 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
11:17:29.0378 4040 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
11:17:29.0378 4040 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
11:17:29.0394 4040 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
11:17:29.0394 4040 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
11:17:29.0409 4040 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
11:17:29.0409 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
11:17:29.0425 4040 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
11:17:29.0425 4040 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
11:17:29.0441 4040 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
11:17:29.0441 4040 C:\Windows\SysWOW64\sxs.dll - ok
11:17:29.0456 4040 [ C861851A0BBD9903E324487011AA3705 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
11:17:29.0456 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
11:17:29.0472 4040 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
11:17:29.0472 4040 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
11:17:29.0487 4040 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
11:17:29.0487 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
11:17:29.0503 4040 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
11:17:29.0503 4040 C:\Windows\System32\prnfldr.dll - ok
11:17:29.0519 4040 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
11:17:29.0519 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
11:17:29.0534 4040 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
11:17:29.0534 4040 C:\Windows\System32\fdProxy.dll - ok
11:17:29.0550 4040 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
11:17:29.0550 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
11:17:29.0565 4040 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
11:17:29.0565 4040 C:\Windows\SysWOW64\rundll32.exe - ok
11:17:29.0581 4040 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
11:17:29.0581 4040 C:\Windows\System32\DXP.dll - ok
11:17:29.0581 4040 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
11:17:29.0581 4040 C:\Windows\System32\wbem\wmiprov.dll - ok
11:17:29.0597 4040 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
11:17:29.0597 4040 C:\Windows\AppPatch\AcLayers.dll - ok
11:17:29.0612 4040 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
11:17:29.0612 4040 C:\Windows\System32\Syncreg.dll - ok
11:17:29.0628 4040 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
11:17:29.0628 4040 C:\Windows\ehome\ehSSO.dll - ok
11:17:29.0643 4040 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
11:17:29.0643 4040 C:\Windows\SysWOW64\winspool.drv - ok
11:17:29.0643 4040 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
11:17:29.0643 4040 C:\Windows\System32\WPDShServiceObj.dll - ok
11:17:29.0659 4040 [ 8FF048680DE6278299A1063508F0F7C4 ] C:\Windows\AppPatch\acwow64.dll
11:17:29.0659 4040 C:\Windows\AppPatch\acwow64.dll - ok
11:17:29.0675 4040 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
11:17:29.0675 4040 C:\Windows\System32\PortableDeviceTypes.dll - ok
11:17:29.0690 4040 [ DD45C29A6082E333E038B5033247E74D ] C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll
11:17:29.0690 4040 C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll - ok
11:17:29.0706 4040 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
11:17:29.0706 4040 C:\Windows\System32\AltTab.dll - ok
11:17:29.0721 4040 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
11:17:29.0721 4040 C:\Windows\System32\QUTIL.DLL - ok
11:17:29.0737 4040 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
11:17:29.0737 4040 C:\Windows\System32\srchadmin.dll - ok
11:17:29.0753 4040 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
11:17:29.0753 4040 C:\Windows\System32\ActionCenter.dll - ok
11:17:29.0753 4040 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
11:17:29.0753 4040 C:\Windows\System32\SearchIndexer.exe - ok
11:17:29.0768 4040 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
11:17:29.0768 4040 C:\Windows\System32\dot3api.dll - ok
11:17:29.0784 4040 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
11:17:29.0784 4040 C:\Windows\System32\FXSST.dll - ok
11:17:29.0799 4040 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
11:17:29.0799 4040 C:\Windows\System32\wlanhlp.dll - ok
11:17:29.0815 4040 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
11:17:29.0815 4040 C:\Windows\System32\FXSAPI.dll - ok
11:17:29.0831 4040 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
11:17:29.0831 4040 C:\Windows\System32\tquery.dll - ok
11:17:29.0846 4040 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
11:17:29.0846 4040 C:\Windows\System32\FXSRESM.dll - ok
11:17:29.0862 4040 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
11:17:29.0862 4040 C:\Windows\System32\FXSSVC.exe - ok
11:17:29.0862 4040 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
11:17:29.0862 4040 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
11:17:29.0877 4040 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
11:17:29.0877 4040 C:\Windows\SysWOW64\riched20.dll - ok
11:17:29.0893 4040 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
11:17:29.0893 4040 C:\Windows\System32\mssrch.dll - ok
11:17:29.0909 4040 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
11:17:29.0909 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
11:17:29.0924 4040 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
11:17:29.0924 4040 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
11:17:29.0940 4040 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
11:17:29.0940 4040 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
11:17:29.0955 4040 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
11:17:29.0955 4040 C:\Windows\System32\WWanAPI.dll - ok
11:17:29.0971 4040 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
11:17:29.0971 4040 C:\Windows\System32\wwapi.dll - ok
11:17:29.0987 4040 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
11:17:29.0987 4040 C:\Windows\System32\QAGENT.DLL - ok
11:17:29.0987 4040 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
11:17:29.0987 4040 C:\Windows\System32\msidle.dll - ok
11:17:30.0002 4040 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
11:17:30.0002 4040 C:\Windows\System32\mssprxy.dll - ok
11:17:30.0018 4040 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
11:17:30.0018 4040 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
11:17:30.0033 4040 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
11:17:30.0033 4040 C:\Windows\System32\bthprops.cpl - ok
11:17:30.0049 4040 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
11:17:30.0049 4040 C:\Windows\SysWOW64\duser.dll - ok
11:17:30.0065 4040 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
11:17:30.0065 4040 C:\Windows\SysWOW64\dui70.dll - ok
11:17:30.0080 4040 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
11:17:30.0080 4040 C:\Windows\System32\en-US\tquery.dll.mui - ok
11:17:30.0096 4040 [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
11:17:30.0096 4040 C:\Windows\System32\ieframe.dll - ok
11:17:30.0111 4040 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
11:17:30.0111 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
11:17:30.0111 4040 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
11:17:30.0111 4040 C:\Windows\System32\wsock32.dll - ok
11:17:30.0127 4040 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
11:17:30.0127 4040 C:\Windows\System32\wmdrmdev.dll - ok
11:17:30.0143 4040 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
11:17:30.0143 4040 C:\Windows\System32\drmv2clt.dll - ok
11:17:30.0158 4040 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
11:17:30.0158 4040 C:\Windows\System32\mfplat.dll - ok
11:17:30.0174 4040 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
11:17:30.0174 4040 C:\Windows\System32\blackbox.dll - ok
11:17:30.0174 4040 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
11:17:30.0174 4040 C:\Windows\System32\upnp.dll - ok
11:17:30.0189 4040 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
11:17:30.0189 4040 C:\Windows\System32\ssdpsrv.dll - ok
11:17:30.0205 4040 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
11:17:30.0205 4040 C:\Windows\System32\wmploc.DLL - ok
11:17:30.0221 4040 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
11:17:30.0221 4040 C:\Windows\System32\SearchProtocolHost.exe - ok
11:17:30.0236 4040 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
11:17:30.0236 4040 C:\Windows\System32\UIAnimation.dll - ok
11:17:30.0252 4040 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
11:17:30.0252 4040 C:\Windows\System32\msshooks.dll - ok
11:17:30.0267 4040 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
11:17:30.0267 4040 C:\Windows\System32\SearchFilterHost.exe - ok
11:17:30.0283 4040 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
11:17:30.0283 4040 C:\Windows\System32\webcheck.dll - ok
11:17:30.0299 4040 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
11:17:30.0299 4040 C:\Windows\System32\mlang.dll - ok
11:17:30.0299 4040 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
11:17:30.0299 4040 C:\Windows\System32\SyncCenter.dll - ok
11:17:30.0314 4040 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
11:17:30.0314 4040 C:\Windows\System32\mssph.dll - ok
11:17:30.0330 4040 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
11:17:30.0330 4040 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
11:17:30.0345 4040 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
11:17:30.0345 4040 C:\Windows\System32\mapi32.dll - ok
11:17:30.0361 4040 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
11:17:30.0361 4040 C:\Windows\System32\imapi2.dll - ok
11:17:30.0377 4040 [ A555EC9827745E760BBABB7C6D4CE37F ] C:\Program Files\Internet Explorer\ieproxy.dll
11:17:30.0377 4040 C:\Program Files\Internet Explorer\ieproxy.dll - ok
11:17:30.0392 4040 [ 5DCD11D0B1CB71E2B035B30670365C35 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll
11:17:30.0392 4040 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\6c3851b925e2a31ddefb3d36bb9163cb\System.Runtime.Remoting.ni.dll - ok
11:17:30.0408 4040 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
11:17:30.0408 4040 C:\Windows\System32\hgcpl.dll - ok
11:17:30.0423 4040 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
11:17:30.0423 4040 C:\Windows\System32\wmpps.dll - ok
11:17:30.0423 4040 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
11:17:30.0423 4040 C:\Windows\System32\fdPHost.dll - ok
11:17:30.0439 4040 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
11:17:30.0439 4040 C:\Windows\System32\fdWSD.dll - ok
11:17:30.0455 4040 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
11:17:30.0455 4040 C:\Windows\System32\wmpmde.dll - ok
11:17:30.0470 4040 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
11:17:30.0470 4040 C:\Windows\System32\shfolder.dll - ok
11:17:30.0486 4040 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
11:17:30.0486 4040 C:\Windows\System32\fdSSDP.dll - ok
11:17:30.0501 4040 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
11:17:30.0501 4040 C:\Windows\System32\WinSATAPI.dll - ok
11:17:30.0517 4040 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
11:17:30.0517 4040 C:\Windows\System32\ListSvc.dll - ok
11:17:30.0533 4040 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
11:17:30.0533 4040 C:\Windows\System32\P2P.dll - ok
11:17:30.0548 4040 [ D28C5A1411BB0B47E05E0D6AAF896690 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
11:17:30.0548 4040 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
11:17:30.0564 4040 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
11:17:30.0564 4040 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
11:17:30.0564 4040 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
11:17:30.0564 4040 C:\Windows\System32\MSMPEG2ENC.DLL - ok
11:17:30.0579 4040 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
11:17:30.0579 4040 C:\Windows\System32\IdListen.dll - ok
11:17:30.0595 4040 ============================================================
11:17:30.0595 4040 Scan finished
11:17:30.0595 4040 ============================================================
11:17:30.0626 4032 Detected object count: 2
11:17:30.0626 4032 Actual detected object count: 2
11:18:19.0485 4032 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:18:19.0485 4032 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:18:19.0563 4032 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:18:19.0782 4032 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:18:20.0047 4032 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:18:28.0315 4032 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:18:28.0440 4032 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:18:28.0455 4032 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:18:28.0455 4032 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:18:29.0079 4032 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:18:29.0189 4032 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:18:29.0220 4032 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:18:29.0235 4032 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:18:29.0251 4032 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:18:29.0298 4032 \Device\Harddisk0\DR0\TDLFS - deleted
11:18:29.0298 4032 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
11:18:39.0610 2904 Deinitialize success
All processes killed
========== FILES ==========
C:\ProgramData\Microsoft\Windows\DRM\AE6F.tmp moved successfully.
C:\ProgramData\Microsoft\Windows\DRM\AE8F.tmp moved successfully.
File\Folder C:\Users\All Users\Microsoft\Windows\DRM\AE6F.tmp not found.
File\Folder C:\Users\All Users\Microsoft\Windows\DRM\AE8F.tmp not found.
C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Default\aadddgdgggdcdidddgdedcgddegedgdg\background.html moved successfully.
C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js moved successfully.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E1ZEF52\st[1].js not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jessie
->Temp folder emptied: 2323590 bytes
->Temporary Internet Files folder emptied: 121484171 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 11159762 bytes
->Flash cache emptied: 1807 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23102 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 129.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 11242012_112028

Files\Folders moved on Reboot...
File\Folder C:\Users\Jessie\AppData\Local\Temp\OICE_AEFF0C31-54AA-4D1F-A815-098B95B2FE92.0\61FBF57D. not found!
File\Folder C:\Users\Jessie\AppData\Local\Temp\OICE_99BBDAA9-85EE-4C36-A80E-7AE905704273.0\6A338678. not found!
C:\Users\Jessie\AppData\Local\Temp\Low\REGE742.tmp moved successfully.
C:\Users\Jessie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HGTL0L3V\si[1].htm moved successfully.
C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HGTL0L3V\si[2].htm moved successfully.
C:\Users\Jessie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 11/24/2012 11:25:28 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 73.33% Memory free
7.20 Gb Paging File | 6.07 Gb Available in Paging File | 84.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 236.51 Gb Free Space | 83.76% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 00:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/20 18:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 17:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/17 01:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 12:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/24 22:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 20:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {70642FB4-62CF-41F8-89A6-A9393D564588}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{70642FB4-62CF-41F8-89A6-A9393D564588}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Funmoods (Enabled)
CHR - default_search_provider: search_url = http://searchfunmood...yE&cr=945882518
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSHIBA] rundll32.exe "C:\Users\Jessie\AppData\Local\VirtualStore\TOSHIBA\wswikaw.dll",DllRegisterServerW File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} https://mpi.dacom.ne...PI_20110503.cab (XacsPop Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} https://mpi.dacom.ne...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {7C98E005-7DA3-4C02-8D9F-FAA9C4D1C343} http://service.ewha..../ictReportX.cab (ReportViewerForm Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {AC2CE4A7-75CE-4B11-B245-CE697861C3C1} http://ems.shinhanli...ISAFEMailv4.cab (INISafeMailContainer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} https://www.isaackor...sim/ilkactx.cab (AnsimPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7ACCB42-994F-4EAC-8BC1-7BA8188F8953}: DhcpNameServer = 75.75.76.76 75.75.75.75
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/23 15:16:07 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\27771144.sys
[2012/11/22 20:22:13 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/22 20:16:08 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jessie\Desktop\tdsskiller.exe
[2012/11/22 20:10:47 | 000,000,000 | ---D | C] -- C:\Users\Jessie\Desktop\RK_Quarantine
[2012/11/22 19:26:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/22 10:34:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/21 23:41:13 | 000,000,000 | ---D | C] -- C:\windows\Microsoft Antimalware
[2012/11/21 20:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Malwarebytes
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/21 20:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/21 20:00:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/11/21 20:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/21 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/11/21 20:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/11/21 20:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2012/11/21 19:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2012/11/21 19:54:43 | 000,000,000 | ---D | C] -- C:\eb958037f26a16806998df99
[2012/11/19 15:54:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012/11/17 11:15:01 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012/11/15 06:06:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/24 11:31:17 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 11:31:17 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 11:24:03 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/24 11:23:47 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/24 11:23:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/24 11:23:33 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/23 15:16:08 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\windows\SysNative\drivers\27771144.sys
[2012/11/23 12:44:29 | 000,543,531 | ---- | M] () -- C:\Users\Jessie\Desktop\adwcleaner.exe
[2012/11/22 20:16:09 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jessie\Desktop\tdsskiller.exe
[2012/11/22 20:08:37 | 000,750,080 | ---- | M] () -- C:\Users\Jessie\Desktop\RogueKiller.exe
[2012/11/22 19:50:47 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/22 19:50:47 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/22 19:50:47 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/22 19:23:02 | 327,035,946 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/11/22 10:34:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Desktop\OTL.exe
[2012/11/21 20:05:40 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:01 | 000,001,077 | ---- | M] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/21 19:59:50 | 000,290,500 | ---- | M] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/19 16:10:34 | 010,973,467 | ---- | M] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/15 06:56:51 | 000,342,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/23 12:44:29 | 000,543,531 | ---- | C] () -- C:\Users\Jessie\Desktop\adwcleaner.exe
[2012/11/22 20:08:13 | 000,750,080 | ---- | C] () -- C:\Users\Jessie\Desktop\RogueKiller.exe
[2012/11/21 20:05:40 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware (2).lnk
[2012/11/21 20:00:34 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/21 20:00:20 | 000,290,500 | ---- | C] () -- C:\Users\Jessie\AppData\Local\funmoods-speeddial_sf.crx
[2012/11/21 20:00:01 | 000,001,077 | ---- | C] () -- C:\Users\Jessie\Desktop\Optimizer Pro.lnk
[2012/11/19 16:10:26 | 010,973,467 | ---- | C] () -- C:\Users\Jessie\Desktop\greencourt place.zip
[2012/11/19 15:54:39 | 327,035,946 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012/11/15 06:16:34 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 06:00:54 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/09/24 18:44:46 | 002,480,232 | ---- | C] () -- C:\windows\SysWow64\ISPPopUpDlg.exe
[2012/08/04 11:27:55 | 000,000,478 | ---- | C] () -- C:\windows\SysWow64\ic32.ini
[2012/08/04 09:18:30 | 000,540,672 | ---- | C] () -- C:\windows\SysWow64\Tx32.dll
[2012/07/26 12:05:40 | 000,495,616 | ---- | C] () -- C:\windows\SysWow64\KvpUpCom.dll
[2012/04/07 15:30:19 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/19 03:42:09 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/01/19 03:33:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/01/19 03:30:19 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/03/24 22:48:04 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/08 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\KidZui
[2012/08/04 11:27:46 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\M-HTOEFL
[2012/11/21 20:00:14 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\Optimizer Pro
[2012/03/09 18:27:09 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WB Games
[2012/03/09 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Jessie\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/11/12 07:20:49 | 000,000,580 | ---- | M] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/15 20:11:59 | 000,000,000 | ---D | M](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/10/15 16:20:56 | 000,017,368 | ---- | M] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/15 16:20:55 | 000,017,368 | ---- | C] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/13 07:57:47 | 000,000,580 | ---- | C] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/13 07:56:27 | 000,065,536 | ---- | C] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls
[2012/10/13 07:56:09 | 000,000,000 | ---D | C](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/05/05 13:25:38 | 000,019,358 | ---- | M] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:25:38 | 000,019,358 | ---- | C] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 13:21:58 | 000,016,438 | ---- | M] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2012/05/05 13:21:57 | 000,016,438 | ---- | C] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2011/05/17 19:28:26 | 000,065,536 | ---- | M] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls

< End of report >




  • 0

#13
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Quick question...Do you have sync turned on for Google Chrome?
  • 0

#14
jkabat

jkabat

    Member

  • Topic Starter
  • Member
  • PipPip
  • 98 posts
I'm not sure what that means nor how to check...
  • 0

#15
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
With Chrome you can log in with your email address to sync your preferences to multiple browsers. If you open Chrome and look on the right-hand side of the address bar, there will be a button with three lines. If you click it you could either see "Sign in to Chrome" or "Signed in as [your email address]". If you're signed in, then your Chrome is synced with your email account. :)
  • 0





