Suddenly, huge computer lag. [Solved]


#1
evolnomis

I own a Toshiba Laptop L755 running on Windows 7.

The computer runs fine normally, but twice this year it has been hit with major lag. The last time this happened, I just formatted my computer and reinstalled Windows and everything ran fine... this time, I was hoping to avoid all that hassle.

Symptoms:
- Lag when typing... about 1 to 2 seconds of lag before I see the characters on the monitor
- Video lag with VLC player when I watch a movie. Not constantly, but at certain scenes, especially when I scroll through the movie or when it first starts
- Mouse click lag. Happens when I push a button in Mozilla Firefox or Microsoft Excel or Windows Explorer... every program
- After restarting the PC after hibernation, a black screen pops up saying something about a network cable connection error and telling me to insert a bootable disk... so I turn it off, unplug the power and turn it on again, and it goes back to normal with the Windows resume icon
- At the moment, the computer is running fine again. But I think this is only temporary...

Solutions I have tried:
- CCleaner
- Defraggler
- Avast Antivirus scan. No errors or viruses found
- Spybot Search and Destroy. No Spyware found
- System reboot. The same lag still continues...

Thanks!!!


OTL logfile created on: 12/29/2012 3:24:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\SimonLaptop\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 64.27% Memory free
7.90 Gb Paging File | 5.89 Gb Available in Paging File | 74.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.00 Gb Total Space | 25.04 Gb Free Space | 41.73% Space Free | Partition Type: NTFS
Drive D: | 222.90 Gb Total Space | 90.79 Gb Free Space | 40.73% Space Free | Partition Type: NTFS
Drive F: | 7.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SIMONLAPTOP-PC | User Name: SimonLaptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/29 15:23:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SimonLaptop\Desktop\OTL.exe
PRC - [2012/12/22 12:01:00 | 028,538,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/13 23:26:26 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/12/08 03:38:18 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/11/13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/10/20 18:43:43 | 000,250,145 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npstartersvc.exe
PRC - [2012/10/20 18:43:43 | 000,213,279 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npnj5Agent.exe
PRC - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/04 01:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/04 01:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/12/10 13:23:08 | 000,976,384 | ---- | M] (Quick And Easy Software) -- C:\Users\SimonLaptop\Desktop\USB_Disk_Eject.exe
PRC - [2011/07/01 03:29:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/05/03 18:18:01 | 000,487,424 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2010/12/21 10:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 10:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/13 23:26:25 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/12/08 03:38:17 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/07/18 05:07:18 | 000,970,240 | ---- | M] () -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/04 01:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/03/03 07:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/12/21 10:30:30 | 000,822,704 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/12/10 09:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/09 07:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/21 06:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/23 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/13 23:26:26 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/08 03:38:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/20 18:43:43 | 000,250,145 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\npstartersvc.exe -- (nPStarterSVC)
SRV - [2012/09/23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/12/21 10:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 10:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/30 06:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/20 22:35:10 | 000,141,848 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\kcrtx64.sys -- (kcrtx64)
DRV:64bit: - [2012/07/04 01:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/04 01:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/04 01:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/04 01:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/04 01:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/04 01:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/25 13:39:38 | 000,088,384 | ---- | M] (INCA Internet Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\NPIdsVt64.sys -- (NPIDS)
DRV:64bit: - [2011/04/05 12:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/09 11:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/02/04 11:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/01/28 04:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/01/13 09:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/05 17:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/12/02 08:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/12/01 06:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 04:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/20 08:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 17:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/07/31 12:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/15 07:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/25 07:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/06/20 11:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/16 05:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2009/06/11 06:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 06:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 06:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV - [2011/08/25 13:39:38 | 000,088,384 | ---- | M] (INCA Internet Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\NPIdsVt64.sys -- (NPIDS)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3225826

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {F5182288-BABF-4D17-A1E9-EE993B84C2A7}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNJ
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3225826
IE - HKCU\..\SearchScopes\{F5182288-BABF-4D17-A1E9-EE993B84C2A7}: "URL" = http://www.google.co...1I7TSNJ_enKR505
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "cnn.com"
FF - prefs.js..extensions.enabledAddons: feedly%40devhd:10.2
FF - prefs.js..extensions.enabledAddons: gmailnoads%40mywebber.com:3.9.1
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: %7Bc36177c0-224a-11da-8cd6-0800200c9a91%7D:3.9.81
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@interezen.co.kr/npi3gmanager: C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll (Interezen © Interezen.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npKeyPro: C:\windows\system32\npKeyPro.dll (Softsecurity Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins_file: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@www.ubikey.co.kr/application/npvinetransfer-plugin: C:\Program Files (x86)\INFovine\npVineTransfer.dll (INFOVINE)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@softforum.com/npxwebplugins: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll (SoftForum Co., Ltd.)
FF - HKCU\Software\MozillaPlugins\@softforum.com/npxwebplugins_file: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll (SoftForum Co., Ltd.)
FF - HKCU\Software\MozillaPlugins\@www.ubikey.co.kr/application/npvinetransfer-plugin: C:\Program Files (x86)\INFovine\npVineTransfer.dll (INFOVINE)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/21 21:45:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/08 03:38:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/08 03:38:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/08 03:38:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/08 03:38:11 | 000,000,000 | ---D | M]

[2012/10/14 20:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Extensions
[2012/10/14 20:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\extensions
[2012/10/14 20:01:54 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
[2012/11/24 00:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions
[2012/10/14 21:17:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/10/14 20:58:03 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
[2012/10/14 21:06:25 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
[2012/11/24 00:27:52 | 000,637,327 | ---- | M] () (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
[2012/10/14 23:12:41 | 000,021,861 | ---- | M] () (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
[2012/10/14 21:17:40 | 000,177,357 | ---- | M] () (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
[2012/11/23 23:24:25 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/08 03:38:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/08 03:38:18 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/07/01 03:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/10/11 10:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/11 10:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://cnn.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://cnn.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\23.0.1271.64\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\23.0.1271.64\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\23.0.1271.64\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Xmarks Bookmark Sync = C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\.bak
CHR - Extension: BitTorrentControl_v12 = C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.15.10_0\
CHR - Extension: avast! WebRep = C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7725.1624\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll (Google Inc.)
O2 - BHO: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (BitTorrentControl_v12 Toolbar) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentControl_v12 Toolbar) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\SimonLaptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\SimonLaptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} http://bank.keb.co.k...rt/veraport.cab (AXMObjectCtl Class)
O16 - DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} http://bank.keb.co.k...ineTransfer.cab (VineTransfer Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.126.63.1 168.126.63.2 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{803D5E97-5BE2-4140-9366-B185AC59256F}: DhcpNameServer = 168.126.63.1 168.126.63.2 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8A82C0E-2A4F-4A03-B23C-59747157BF1C}: DhcpNameServer = 168.126.63.1 168.126.63.2 192.168.10.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (dfboottime \??\C:\windows\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/29 15:23:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SimonLaptop\Desktop\OTL.exe
[2012/12/26 20:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/26 20:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012/12/26 20:48:17 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\windows\SysNative\sdnclean64.exe
[2012/12/26 20:48:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/12/26 20:47:38 | 000,000,000 | ---D | C] -- C:\Users\SimonLaptop\AppData\Local\Programs
[2012/12/24 20:48:35 | 000,000,000 | ---D | C] -- C:\Users\SimonLaptop\AppData\Local\ElevatedDiagnostics
[2012/12/20 22:36:16 | 000,056,328 | ---- | C] ((주)인포바인) -- C:\windows\SysWow64\VineTransfer.ocx
[2012/12/20 22:36:16 | 000,048,136 | ---- | C] ((주)인포바인) -- C:\windows\SysWow64\UbiKeyUninstall.exe
[2012/12/20 22:36:16 | 000,039,936 | ---- | C] ((주)인포바인) -- C:\windows\SysWow64\UbiKeyWin32.dll
[2012/12/20 22:36:16 | 000,039,928 | ---- | C] ((주)인포바인) -- C:\windows\SysWow64\UbiKey.dll
[2012/12/20 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INFovine
[2012/12/20 22:35:05 | 000,137,128 | R--- | C] (SoftSecurity Co., Ltd.) -- C:\windows\SysNative\CKAgent.exe
[2012/12/20 22:35:03 | 000,138,320 | R--- | C] (SoftSecurity Co., Ltd.) -- C:\windows\SysWow64\CKAgent.exe
[2012/12/17 00:32:20 | 000,000,000 | ---D | C] -- C:\Users\SimonLaptop\Desktop\Weinstein Book
[2012/12/08 03:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/29 15:26:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/12/29 15:23:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SimonLaptop\Desktop\OTL.exe
[2012/12/29 15:18:49 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/29 15:18:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/29 00:59:59 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/29 00:48:27 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/12/29 00:48:27 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/12/29 00:48:27 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/12/27 20:49:57 | 000,050,890 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\hijackthis instructions.png
[2012/12/27 20:37:19 | 000,024,400 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 20:37:19 | 000,024,400 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 20:29:21 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/26 20:48:30 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/25 01:34:45 | 000,001,073 | ---- | M] () -- C:\Users\SimonLaptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/12/25 01:34:35 | 000,001,053 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\Dropbox.lnk
[2012/12/24 00:32:31 | 000,100,352 | ---- | M] () -- C:\windows\SysNative\dfboottime.exe
[2012/12/24 00:32:31 | 000,000,929 | ---- | M] () -- C:\windows\SysNative\dfboottime.cfg
[2012/12/22 04:05:45 | 005,594,824 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/12/20 22:35:10 | 000,141,848 | ---- | M] (Kings Information & Network) -- C:\windows\SysNative\kcrtx64.sys
[2012/12/20 22:35:10 | 000,019,016 | ---- | M] (Soft Security Corporation) -- C:\windows\SysNative\JRSUKD25.SYS
[2012/12/20 22:35:06 | 000,137,128 | R--- | M] (SoftSecurity Co., Ltd.) -- C:\windows\SysNative\CKAgent.exe
[2012/12/20 22:35:03 | 000,138,320 | R--- | M] (SoftSecurity Co., Ltd.) -- C:\windows\SysWow64\CKAgent.exe
[2012/12/19 11:58:21 | 000,851,287 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\SPX Data.csv
[2012/12/16 23:44:24 | 001,114,628 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 3.png
[2012/12/16 23:44:11 | 000,922,991 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 2.png
[2012/12/16 23:43:49 | 001,083,737 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 1.png
[2012/12/09 12:40:36 | 000,005,120 | ---- | M] () -- C:\Users\SimonLaptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/07 21:34:28 | 000,044,277 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\Sheraton Hotel.png
[2012/12/04 22:44:30 | 000,000,870 | ---- | M] () -- C:\Users\SimonLaptop\Desktop\market analysis - Shortcut.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/27 20:49:57 | 000,050,890 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\hijackthis instructions.png
[2012/12/26 20:48:30 | 000,002,200 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012/12/26 20:48:30 | 000,002,188 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/12/24 00:32:31 | 000,000,929 | ---- | C] () -- C:\windows\SysNative\dfboottime.cfg
[2012/12/24 00:32:30 | 000,100,352 | ---- | C] () -- C:\windows\SysNative\dfboottime.exe
[2012/12/19 11:58:20 | 000,851,287 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\SPX Data.csv
[2012/12/16 23:44:24 | 001,114,628 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 3.png
[2012/12/16 23:44:11 | 000,922,991 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 2.png
[2012/12/16 23:43:49 | 001,083,737 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\best red bean bun food 1.png
[2012/12/07 21:34:28 | 000,044,277 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\Sheraton Hotel.png
[2012/12/04 22:44:30 | 000,000,870 | ---- | C] () -- C:\Users\SimonLaptop\Desktop\market analysis - Shortcut.lnk
[2012/11/19 01:29:31 | 000,005,120 | ---- | C] () -- C:\Users\SimonLaptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/07 22:46:29 | 000,001,456 | ---- | C] () -- C:\Users\SimonLaptop\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/10/20 18:43:47 | 000,072,272 | ---- | C] () -- C:\windows\SysWow64\cosa.dll
[2012/10/20 18:43:47 | 000,015,512 | ---- | C] () -- C:\windows\SysWow64\IRTrace.dll
[2012/10/16 17:19:19 | 000,773,050 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/10/14 18:46:15 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2011/04/05 12:07:00 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/04/05 12:06:58 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/04/05 12:06:58 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/02/04 11:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 14:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 13:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/27 22:45:43 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\BitTorrent
[2012/10/14 20:45:14 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\Book Place
[2012/11/22 00:10:27 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\calibre
[2012/12/27 20:30:43 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\Dropbox
[2012/11/20 22:14:06 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\Foxit Software
[2012/10/16 23:25:54 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\SoftGrid Client
[2012/11/10 22:52:20 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/10/20 15:01:56 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\systweak
[2012/10/14 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\Toshiba
[2012/10/16 17:20:41 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\TP
[2012/10/14 03:17:52 | 000,000,000 | ---D | M] -- C:\Users\SimonLaptop\AppData\Roaming\WinBatch

========== Purity Check ==========



< End of report >
#2
gringo_pr
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#3
evolnomis
Thanks a lot for your quick reply.

The PC is exactly the same as yesterday with a lag in video, scrolling, etc. No new changes to announce other than I have not seen the black screen telling me about a network error since my 1st posting.

Here are the results of Security Check.exe:

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java™ 6 Update 20
Java 7 Update 9
Adobe Flash Player 11.5.502.135
Adobe Reader XI
Mozilla Firefox (17.0.1)
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#4
evolnomis
# AdwCleaner v2.104 - Logfile created 12/30/2012 at 13:49:05
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : SimonLaptop - SIMONLAPTOP-PC
# Boot Mode : Normal
# Running from : C:\Users\SimonLaptop\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\BitTorrentControl_v12
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\SimonLaptop\AppData\Local\Conduit
Folder Deleted : C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Folder Deleted : C:\Users\SimonLaptop\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\SimonLaptop\AppData\LocalLow\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D0592F8-9FD1-4F92-B68C-8039DFA18784}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8D9EB4B-2667-4FB5-87C2-D91B7D76B85B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\SimonLaptop\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3975 octets] - [30/12/2012 13:49:05]

########## EOF - C:\AdwCleaner[S1].txt - [4035 octets] ##########




RogueKiller V8.4.1 [Dec 28 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : SimonLaptop [Admin rights]
Mode : Scan -- Date : 12/30/2012 13:55:46

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[STARTUP][SUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[STARTUP][SUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3265GSXN +++++
--- User ---
[MBR] 99fc9e8ad3813ec2677460b63623d813
[BSP] 86babe1879705a98443b60e20c6be176 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 61440 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 128903168 | Size: 228246 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 596350976 | Size: 14058 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12302012_02d1355.txt >>
RKreport[1]_S_12302012_02d1355.txt

#5
gringo_pr
Hello

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#6
evolnomis
Thanks Gringo!

I ran Combofix and the log is below. It ran without any problems.
Unfortunately, the symptoms are the same. As I am typing this, I need to pause every now and then to deal with the lag. And scrolling also has lag. As before, the lag doesn't happen all the time but happens every now and then when I type, press buttons, watch videos, or scroll.


ComboFix 12-12-30.01 - SimonLaptop 12/31/2012 0:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2914 [GMT 9:00]
Running from: c:\users\SimonLaptop\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\CKAgent.dat
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-30 )))))))))))))))))))))))))))))))
.
.
2012-12-30 15:20 . 2012-12-30 15:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-28 15:47 . 2012-12-28 15:47 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{74EDF32F-0327-4B2A-A5CA-F07F901E22D0}\offreg.dll
2012-12-28 08:22 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{74EDF32F-0327-4B2A-A5CA-F07F901E22D0}\mpengine.dll
2012-12-26 11:48 . 2012-12-30 15:03 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-26 11:47 . 2012-12-26 11:47 -------- d-----w- c:\users\SimonLaptop\AppData\Local\Programs
2012-12-24 11:48 . 2012-12-24 11:48 -------- d-----w- c:\users\SimonLaptop\AppData\Local\ElevatedDiagnostics
2012-12-23 15:32 . 2012-12-23 15:32 100352 ----a-w- c:\windows\system32\dfboottime.exe
2012-12-21 18:41 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:41 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:41 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:41 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 13:36 . 2012-12-20 13:36 -------- d-----w- c:\program files (x86)\INFovine
2012-12-20 13:36 . 2012-09-12 06:26 39936 ----a-w- c:\windows\SysWow64\UbiKeyWin32.dll
2012-12-20 13:36 . 2012-09-12 06:22 48136 ----a-w- c:\windows\SysWow64\UbiKeyUninstall.exe
2012-12-20 13:36 . 2012-09-12 06:22 39928 ----a-w- c:\windows\SysWow64\UbiKey.dll
2012-12-20 13:36 . 2012-09-12 06:22 56328 ----a-w- c:\windows\SysWow64\VineTransfer.ocx
2012-12-20 13:35 . 2012-12-20 13:35 137128 ----a-r- c:\windows\system32\CKAgent.exe
2012-12-20 13:35 . 2012-12-20 13:35 138320 ----a-r- c:\windows\SysWow64\CKAgent.exe
2012-12-12 11:15 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:13 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:13 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 13:35 . 2012-10-20 09:43 19016 ----a-w- c:\windows\system32\JRSUKD25.SYS
2012-12-20 13:35 . 2012-10-20 09:43 141848 ----a-w- c:\windows\system32\kcrtx64.sys
2012-12-13 14:26 . 2012-10-14 14:22 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 14:26 . 2012-10-14 14:22 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-27 14:51 . 2012-10-27 14:51 3015104 ----a-w- c:\windows\SysWow64\npenkIEInstall5.dll
2012-10-26 12:40 . 2012-10-26 12:40 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 12:40 . 2012-10-26 12:40 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-26 12:40 . 2011-03-24 02:26 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 09:43 . 2012-10-20 09:43 72272 ----a-w- c:\windows\SysWow64\cosa.dll
2012-10-20 09:43 . 2012-10-20 09:43 58600 ----a-w- c:\windows\SysWow64\I3Gescp.dll
2012-10-20 09:43 . 2012-10-20 09:43 575640 ----a-w- c:\windows\SysWow64\I3GManager.exe
2012-10-20 09:43 . 2012-10-20 09:43 477312 ----a-w- c:\windows\SysWow64\I3GManager.dll
2012-10-20 09:43 . 2012-10-20 09:43 211072 ----a-w- c:\windows\SysWow64\I3GEX.exe
2012-10-20 09:43 . 2012-10-20 09:43 15512 ----a-w- c:\windows\SysWow64\IRTrace.dll
2012-10-20 09:43 . 2012-10-20 09:43 596064 ----a-w- c:\windows\SysWow64\WebPriLoader.dll
2012-10-20 09:43 . 2012-10-20 09:43 971042 ----a-w- c:\windows\SysWow64\npstarterctrl.dll
2012-10-20 09:43 . 2012-10-20 09:43 448032 ----a-w- c:\windows\SysWow64\npstarter.ocx
2012-10-20 09:43 . 2012-10-20 09:43 250145 ----a-w- c:\windows\SysWow64\npstartersvc.exe
2012-10-20 09:43 . 2012-10-20 09:43 221472 ----a-w- c:\windows\SysWow64\npcopycheck.exe
2012-10-20 09:43 . 2012-10-20 09:43 213279 ----a-w- c:\windows\SysWow64\npnj5Agent.exe
2012-10-20 09:43 . 2012-10-20 09:43 189984 ----a-w- c:\windows\SysWow64\npnj5Launcher.exe
2012-10-20 09:43 . 2012-10-20 09:43 475216 ----a-w- c:\windows\SysWow64\CKSetup64.exe
2012-10-20 09:43 . 2012-10-20 09:43 137128 ----a-r- c:\windows\system32\CKAgent.dat
2012-10-20 09:43 . 2012-10-20 09:43 80976 ----a-w- c:\windows\SysWow64\CKKeyProCert.dll
2012-10-20 09:43 . 2012-10-20 09:43 516888 ----a-w- c:\windows\SysWow64\XecureCK.dll
2012-10-20 09:43 . 2012-10-20 09:43 516888 ----a-w- c:\windows\SysWow64\TouchEnKey.dll
2012-10-20 09:43 . 2012-10-20 09:43 434428 ----a-w- c:\windows\SysWow64\CKCSP.dll
2012-10-20 09:43 . 2012-10-20 09:43 261200 ----a-w- c:\windows\SysWow64\npKeyPro.dll
2012-10-20 09:43 . 2012-10-20 09:43 199760 ----a-w- c:\windows\SysWow64\CKApp.dll
2012-10-20 09:43 . 2012-10-20 09:43 191072 ----a-w- c:\windows\SysWow64\kcrypto.dll
2012-10-20 09:43 . 2012-10-20 09:43 134224 ----a-w- c:\windows\SysWow64\JRSoftcp.dll
2012-10-20 09:43 . 2012-10-20 09:43 1260624 ----a-w- c:\windows\SysWow64\CKSetup32.exe
2012-10-16 08:38 . 2012-11-28 08:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 08:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 08:02 . 2012-10-16 08:02 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-16 08:02 . 2012-10-16 08:02 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-16 08:02 . 2012-10-16 08:02 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-16 08:02 . 2012-10-16 08:02 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-16 08:02 . 2012-10-16 08:02 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-16 08:02 . 2012-10-16 08:02 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-16 08:02 . 2012-10-16 08:02 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-16 08:02 . 2012-10-16 08:02 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-16 08:02 . 2012-10-16 08:02 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-16 08:02 . 2012-10-16 08:02 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-16 08:02 . 2012-10-16 08:02 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-16 08:02 . 2012-10-16 08:02 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-16 08:02 . 2012-10-16 08:02 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-16 08:02 . 2012-10-16 08:02 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-16 08:02 . 2012-10-16 08:02 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-16 08:02 . 2012-10-16 08:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-16 08:02 . 2012-10-16 08:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-16 08:02 . 2012-10-16 08:02 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-16 08:02 . 2012-10-16 08:02 448512 ----a-w- c:\windows\system32\html.iec
2012-10-16 08:02 . 2012-10-16 08:02 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-16 08:02 . 2012-10-16 08:02 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-16 08:02 . 2012-10-16 08:02 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-16 08:02 . 2012-10-16 08:02 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-16 08:02 . 2012-10-16 08:02 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-16 08:02 . 2012-10-16 08:02 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-16 08:02 . 2012-10-16 08:02 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-16 08:02 . 2012-10-16 08:02 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-16 08:02 . 2012-10-16 08:02 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-16 08:02 . 2012-10-16 08:02 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-16 08:02 . 2012-10-16 08:02 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-16 08:02 . 2012-10-16 08:02 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-16 08:02 . 2012-10-16 08:02 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-16 08:02 . 2012-10-16 08:02 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-16 08:02 . 2012-10-16 08:02 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-16 08:02 . 2012-10-16 08:02 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-16 08:02 . 2012-10-16 08:02 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-16 08:02 . 2012-10-16 08:02 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-16 08:02 . 2012-10-16 08:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-16 08:02 . 2012-10-16 08:02 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-16 08:02 . 2012-10-16 08:02 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-16 08:02 . 2012-10-16 08:02 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-16 08:02 . 2012-10-16 08:02 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-16 08:02 . 2012-10-16 08:02 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-16 08:02 . 2012-10-16 08:02 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-16 08:02 . 2012-10-16 08:02 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-16 08:02 . 2012-10-16 08:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-16 08:02 . 2012-10-16 08:02 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-16 08:02 . 2012-10-16 08:02 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-16 08:02 . 2012-10-16 08:02 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-16 07:39 . 2012-11-28 08:07 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-14 12:27 . 2012-10-14 12:27 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-14 12:27 . 2012-10-14 12:27 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-14 12:27 . 2012-10-14 12:27 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-14 12:27 . 2012-10-14 12:27 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-14 12:27 . 2012-10-14 12:27 188904 ----a-w- c:\windows\system32\java.exe
2012-10-14 12:27 . 2012-10-14 12:27 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-13 18:17 . 2010-06-24 18:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-09 18:17 . 2012-11-15 16:48 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 16:48 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 16:48 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 16:48 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-04 16:40 . 2012-12-12 11:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 16:48 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 16:48 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 16:48 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 16:48 246272 ----a-w- c:\windows\system32\netcorehc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-06-30 74752]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
c:\users\SimonLaptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-22 28538560]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-10-22 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ dfboottime \??\c:\windows\System32\dfboottime.cfg\0autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 JRSKD24;JRSKD24;c:\windows\system32\JRSKD24.SYS [x]
R3 kcrtx64;kcrtx64;c:\windows\system32\kcrtx64.sys [2012-12-20 141848]
R3 NPIDS;NPIDS;c:\windows\system32\NpIdsVt64.sys [2011-08-25 88384]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2010-11-30 307304]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 nPStarterSVC;nProtect Starter;c:\windows\system32\nPStarterSVC.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-12-21 822704]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 14:26]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 10:03]
.
2012-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 10:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391000]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 418136]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-03 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 168.126.63.1 168.126.63.2 192.168.10.1
DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} - hxxp://bank.keb.co.kr/veraport/veraport.cab
DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} - hxxp://bank.keb.co.kr/activex/ubikey/VineTransfer.cab
FF - ProfilePath - c:\users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\
FF - prefs.js: browser.startup.homepage - cnn.com
FF - ExtSQL: 2012-11-24 00:27; [email protected]; c:\users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-INFovine - c:\windows\system32\UbiKeyUninstall.exe
AddRemove-npn5 - c:\windows\system32\npn5uninst.exe
AddRemove-VeraPort - c:\windows\system32\VeraPortUninstall.exe
AddRemove-XecureCK - c:\windows\system32\CKSetup32.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-31 00:22:12
ComboFix-quarantined-files.txt 2012-12-30 15:22
.
Pre-Run: 25,201,348,608 bytes free
Post-Run: 25,066,033,152 bytes free
.
- - End Of File - - 6D5D823841E0E9A8E1271A51FC5B0A4C

#7
gringo_pr

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#8
evolnomis

No problems running the programs...the pc seems to be running with less frequent lags, esp. when typing and with video, but I definitely still have a lag in my system, esp. when I am switching between programs or clicking or dragging something with the mouse. Thanks!

19:18:55.0697 3740 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:18:56.0618 3740 ============================================================
19:18:56.0618 3740 Current date / time: 2013/01/01 19:18:56.0618
19:18:56.0618 3740 SystemInfo:
19:18:56.0618 3740
19:18:56.0618 3740 OS Version: 6.1.7601 ServicePack: 1.0
19:18:56.0618 3740 Product type: Workstation
19:18:56.0618 3740 ComputerName: SIMONLAPTOP-PC
19:18:56.0618 3740 UserName: SimonLaptop
19:18:56.0618 3740 Windows directory: C:\windows
19:18:56.0618 3740 System windows directory: C:\windows
19:18:56.0618 3740 Running under WOW64
19:18:56.0618 3740 Processor architecture: Intel x64
19:18:56.0618 3740 Number of processors: 2
19:18:56.0618 3740 Page size: 0x1000
19:18:56.0618 3740 Boot type: Normal boot
19:18:56.0618 3740 ============================================================
19:18:58.0037 3740 BG loaded
19:18:58.0755 3740 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:58.0755 3740 Drive \Device\Harddisk1\DR1 - Size: 0xF1000000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:18:58.0755 3740 ============================================================
19:18:58.0755 3740 \Device\Harddisk0\DR0:
19:18:58.0755 3740 MBR partitions:
19:18:58.0755 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x7800000
19:18:58.0880 3740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7AEF000, BlocksNum 0x1BDCA800
19:18:58.0880 3740 \Device\Harddisk1\DR1:
19:18:58.0880 3740 MBR partitions:
19:18:58.0880 3740 ============================================================
19:18:58.0989 3740 C: <-> \Device\Harddisk0\DR0\Partition1
19:18:59.0332 3740 D: <-> \Device\Harddisk0\DR0\Partition2
19:18:59.0332 3740 ============================================================
19:18:59.0332 3740 Initialize success
19:18:59.0332 3740 ============================================================
19:20:13.0110 4772 ============================================================
19:20:13.0110 4772 Scan started
19:20:13.0110 4772 Mode: Manual;
19:20:13.0110 4772 ============================================================
19:20:14.0093 4772 ================ Scan system memory ========================
19:20:14.0093 4772 System memory - ok
19:20:14.0093 4772 ================ Scan services =============================
19:20:14.0452 4772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:20:14.0452 4772 1394ohci - ok
19:20:14.0499 4772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:20:14.0499 4772 ACPI - ok
19:20:14.0561 4772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:20:14.0561 4772 AcpiPmi - ok
19:20:14.0717 4772 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:20:14.0717 4772 AdobeARMservice - ok
19:20:14.0842 4772 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:20:14.0842 4772 AdobeFlashPlayerUpdateSvc - ok
19:20:14.0935 4772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
19:20:14.0951 4772 adp94xx - ok
19:20:15.0060 4772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
19:20:15.0060 4772 adpahci - ok
19:20:15.0123 4772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
19:20:15.0138 4772 adpu320 - ok
19:20:15.0185 4772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:20:15.0185 4772 AeLookupSvc - ok
19:20:15.0247 4772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
19:20:15.0247 4772 AFD - ok
19:20:15.0357 4772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
19:20:15.0372 4772 agp440 - ok
19:20:15.0450 4772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
19:20:15.0450 4772 ALG - ok
19:20:15.0497 4772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
19:20:15.0497 4772 aliide - ok
19:20:15.0544 4772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
19:20:15.0544 4772 amdide - ok
19:20:15.0575 4772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
19:20:15.0575 4772 AmdK8 - ok
19:20:15.0606 4772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
19:20:15.0622 4772 AmdPPM - ok
19:20:15.0653 4772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:20:15.0653 4772 amdsata - ok
19:20:15.0684 4772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
19:20:15.0684 4772 amdsbs - ok
19:20:15.0731 4772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:20:15.0731 4772 amdxata - ok
19:20:15.0793 4772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
19:20:15.0793 4772 AppID - ok
19:20:15.0840 4772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:20:15.0840 4772 AppIDSvc - ok
19:20:15.0918 4772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
19:20:15.0918 4772 Appinfo - ok
19:20:15.0981 4772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
19:20:15.0981 4772 arc - ok
19:20:15.0996 4772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
19:20:16.0012 4772 arcsas - ok
19:20:16.0449 4772 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:20:17.0353 4772 aspnet_state - ok
19:20:17.0385 4772 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
19:20:17.0385 4772 aswFsBlk - ok
19:20:17.0431 4772 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
19:20:17.0431 4772 aswMonFlt - ok
19:20:17.0463 4772 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
19:20:17.0463 4772 aswRdr - ok
19:20:17.0509 4772 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
19:20:17.0525 4772 aswSnx - ok
19:20:17.0556 4772 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\windows\system32\drivers\aswSP.sys
19:20:17.0556 4772 aswSP - ok
19:20:17.0587 4772 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
19:20:17.0587 4772 aswTdi - ok
19:20:17.0634 4772 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:20:17.0634 4772 AsyncMac - ok
19:20:17.0712 4772 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
19:20:17.0712 4772 atapi - ok
19:20:17.0806 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:20:17.0821 4772 AudioEndpointBuilder - ok
19:20:17.0899 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:20:17.0899 4772 AudioSrv - ok
19:20:18.0227 4772 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:20:18.0227 4772 avast! Antivirus - ok
19:20:18.0289 4772 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
19:20:18.0305 4772 AxInstSV - ok
19:20:18.0367 4772 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
19:20:18.0383 4772 b06bdrv - ok
19:20:18.0445 4772 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:20:18.0461 4772 b57nd60a - ok
19:20:18.0508 4772 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
19:20:18.0508 4772 BDESVC - ok
19:20:18.0523 4772 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
19:20:18.0539 4772 Beep - ok
19:20:18.0601 4772 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
19:20:18.0617 4772 BFE - ok
19:20:18.0711 4772 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
19:20:18.0726 4772 BITS - ok
19:20:18.0773 4772 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:20:18.0773 4772 blbdrive - ok
19:20:18.0820 4772 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:20:18.0820 4772 bowser - ok
19:20:18.0882 4772 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
19:20:18.0882 4772 BrFiltLo - ok
19:20:18.0882 4772 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
19:20:18.0898 4772 BrFiltUp - ok
19:20:18.0929 4772 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
19:20:18.0929 4772 BridgeMP - ok
19:20:18.0991 4772 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
19:20:18.0991 4772 Browser - ok
19:20:18.0991 4772 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
19:20:19.0007 4772 Brserid - ok
19:20:19.0023 4772 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
19:20:19.0023 4772 BrSerWdm - ok
19:20:19.0023 4772 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
19:20:19.0038 4772 BrUsbMdm - ok
19:20:19.0038 4772 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
19:20:19.0038 4772 BrUsbSer - ok
19:20:19.0054 4772 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
19:20:19.0054 4772 BTHMODEM - ok
19:20:19.0116 4772 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
19:20:19.0116 4772 bthserv - ok
19:20:19.0147 4772 catchme - ok
19:20:19.0179 4772 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:20:19.0179 4772 cdfs - ok
19:20:19.0225 4772 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
19:20:19.0241 4772 cdrom - ok
19:20:19.0288 4772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
19:20:19.0288 4772 CertPropSvc - ok
19:20:19.0335 4772 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
19:20:19.0335 4772 circlass - ok
19:20:19.0366 4772 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
19:20:19.0366 4772 CLFS - ok
19:20:19.0444 4772 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:20:19.0444 4772 clr_optimization_v2.0.50727_32 - ok
19:20:19.0491 4772 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:20:19.0491 4772 clr_optimization_v2.0.50727_64 - ok
19:20:19.0631 4772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:20:19.0709 4772 clr_optimization_v4.0.30319_32 - ok
19:20:19.0771 4772 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:20:19.0834 4772 clr_optimization_v4.0.30319_64 - ok
19:20:19.0896 4772 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
19:20:19.0896 4772 CmBatt - ok
19:20:19.0943 4772 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
19:20:19.0943 4772 cmdide - ok
19:20:20.0005 4772 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
19:20:20.0021 4772 CNG - ok
19:20:20.0208 4772 [ 66847C979893A11CFCC2280E772D7EA1 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
19:20:20.0224 4772 CnxtHdAudService - ok
19:20:20.0286 4772 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
19:20:20.0286 4772 Compbatt - ok
19:20:20.0302 4772 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
19:20:20.0302 4772 CompositeBus - ok
19:20:20.0317 4772 COMSysApp - ok
19:20:20.0333 4772 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
19:20:20.0349 4772 crcdisk - ok
19:20:20.0395 4772 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
19:20:20.0411 4772 CryptSvc - ok
19:20:20.0458 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
19:20:20.0473 4772 DcomLaunch - ok
19:20:20.0505 4772 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
19:20:20.0520 4772 defragsvc - ok
19:20:20.0567 4772 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
19:20:20.0567 4772 DfsC - ok
19:20:20.0661 4772 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
19:20:20.0661 4772 Dhcp - ok
19:20:20.0692 4772 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
19:20:20.0692 4772 discache - ok
19:20:20.0723 4772 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
19:20:20.0723 4772 Disk - ok
19:20:20.0754 4772 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:20:20.0754 4772 Dnscache - ok
19:20:20.0785 4772 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
19:20:20.0785 4772 dot3svc - ok
19:20:20.0785 4772 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
19:20:20.0801 4772 DPS - ok
19:20:20.0817 4772 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:20:20.0817 4772 drmkaud - ok
19:20:20.0895 4772 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:20:20.0895 4772 DXGKrnl - ok
19:20:20.0957 4772 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
19:20:20.0973 4772 EapHost - ok
19:20:21.0097 4772 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
19:20:21.0144 4772 ebdrv - ok
19:20:21.0207 4772 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
19:20:21.0207 4772 EFS - ok
19:20:21.0269 4772 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:20:21.0285 4772 ehRecvr - ok
19:20:21.0285 4772 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
19:20:21.0285 4772 ehSched - ok
19:20:21.0363 4772 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
19:20:21.0378 4772 elxstor - ok
19:20:21.0378 4772 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
19:20:21.0378 4772 ErrDev - ok
19:20:21.0425 4772 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
19:20:21.0441 4772 EventSystem - ok
19:20:21.0472 4772 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
19:20:21.0472 4772 exfat - ok
19:20:21.0487 4772 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
19:20:21.0503 4772 fastfat - ok
19:20:21.0581 4772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
19:20:21.0597 4772 Fax - ok
19:20:21.0628 4772 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
19:20:21.0628 4772 fdc - ok
19:20:21.0659 4772 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
19:20:21.0675 4772 fdPHost - ok
19:20:21.0690 4772 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
19:20:21.0690 4772 FDResPub - ok
19:20:21.0721 4772 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:20:21.0721 4772 FileInfo - ok
19:20:21.0753 4772 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:20:21.0753 4772 Filetrace - ok
19:20:21.0784 4772 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
19:20:21.0784 4772 flpydisk - ok
19:20:21.0846 4772 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
19:20:21.0846 4772 FltMgr - ok
19:20:21.0924 4772 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
19:20:21.0940 4772 FontCache - ok
19:20:21.0987 4772 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:20:21.0987 4772 FontCache3.0.0.0 - ok
19:20:22.0002 4772 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:20:22.0002 4772 FsDepends - ok
19:20:22.0033 4772 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:20:22.0033 4772 Fs_Rec - ok
19:20:22.0080 4772 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:20:22.0080 4772 fvevol - ok
19:20:22.0096 4772 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
19:20:22.0096 4772 gagp30kx - ok
19:20:22.0143 4772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
19:20:22.0143 4772 gpsvc - ok
19:20:22.0283 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:20:22.0299 4772 gupdate - ok
19:20:22.0345 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:20:22.0345 4772 gupdatem - ok
19:20:22.0392 4772 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:20:22.0392 4772 gusvc - ok
19:20:22.0423 4772 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:20:22.0423 4772 hcw85cir - ok
19:20:22.0486 4772 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:20:22.0486 4772 HdAudAddService - ok
19:20:22.0533 4772 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
19:20:22.0533 4772 HDAudBus - ok
19:20:22.0579 4772 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
19:20:22.0579 4772 HidBatt - ok
19:20:22.0595 4772 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
19:20:22.0595 4772 HidBth - ok
19:20:22.0626 4772 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
19:20:22.0626 4772 HidIr - ok
19:20:22.0657 4772 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
19:20:22.0657 4772 hidserv - ok
19:20:22.0735 4772 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
19:20:22.0735 4772 HidUsb - ok
19:20:22.0767 4772 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
19:20:22.0767 4772 hkmsvc - ok
19:20:22.0813 4772 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:20:22.0813 4772 HomeGroupListener - ok
19:20:22.0829 4772 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:20:22.0845 4772 HomeGroupProvider - ok
19:20:22.0876 4772 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:20:22.0876 4772 HpSAMD - ok
19:20:22.0954 4772 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:20:22.0954 4772 HTTP - ok
19:20:22.0969 4772 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:20:22.0969 4772 hwpolicy - ok
19:20:22.0985 4772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
19:20:22.0985 4772 i8042prt - ok
19:20:23.0079 4772 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:20:23.0094 4772 iaStor - ok
19:20:23.0157 4772 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:20:23.0157 4772 iaStorV - ok
19:20:23.0281 4772 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:20:23.0297 4772 IDriverT - ok
19:20:23.0500 4772 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:20:23.0718 4772 idsvc - ok
19:20:24.0576 4772 [ 370C2A8629B30F910F740387795DDC6F ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
19:20:24.0670 4772 igfx - ok
19:20:24.0701 4772 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
19:20:24.0701 4772 iirsp - ok
19:20:24.0748 4772 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:20:24.0763 4772 IKEEXT - ok
19:20:24.0826 4772 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
19:20:24.0826 4772 IntcDAud - ok
19:20:24.0841 4772 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:20:24.0841 4772 intelide - ok
19:20:24.0888 4772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:20:24.0888 4772 intelppm - ok
19:20:24.0919 4772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:20:24.0919 4772 IPBusEnum - ok
19:20:24.0966 4772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:20:24.0966 4772 IpFilterDriver - ok
19:20:25.0013 4772 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:20:25.0013 4772 iphlpsvc - ok
19:20:25.0060 4772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:20:25.0060 4772 IPMIDRV - ok
19:20:25.0091 4772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:20:25.0091 4772 IPNAT - ok
19:20:25.0138 4772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:20:25.0138 4772 IRENUM - ok
19:20:25.0138 4772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:20:25.0138 4772 isapnp - ok
19:20:25.0185 4772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:20:25.0185 4772 iScsiPrt - ok
19:20:25.0200 4772 JRSKD24 - ok
19:20:25.0247 4772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:20:25.0247 4772 kbdclass - ok
19:20:25.0294 4772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:20:25.0294 4772 kbdhid - ok
19:20:25.0434 4772 [ B2023B8C0ACA7A4FF75A69E877DFB2D4 ] kcrtx64 C:\windows\system32\kcrtx64.sys
19:20:25.0465 4772 kcrtx64 - ok
19:20:25.0481 4772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:20:25.0481 4772 KeyIso - ok
19:20:25.0512 4772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:20:25.0512 4772 KSecDD - ok
19:20:25.0528 4772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:20:25.0528 4772 KSecPkg - ok
19:20:25.0590 4772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:20:25.0590 4772 ksthunk - ok
19:20:25.0653 4772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:20:25.0653 4772 KtmRm - ok
19:20:25.0731 4772 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
19:20:25.0731 4772 L1C - ok
19:20:25.0762 4772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
19:20:25.0777 4772 LanmanServer - ok
19:20:25.0824 4772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:20:25.0840 4772 LanmanWorkstation - ok
19:20:25.0902 4772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:20:25.0918 4772 lltdio - ok
19:20:25.0980 4772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:20:25.0980 4772 lltdsvc - ok
19:20:26.0011 4772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:20:26.0011 4772 lmhosts - ok
19:20:26.0121 4772 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:20:26.0121 4772 LMS - ok
19:20:26.0245 4772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
19:20:26.0245 4772 LSI_FC - ok
19:20:26.0277 4772 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
19:20:26.0277 4772 LSI_SAS - ok
19:20:26.0308 4772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
19:20:26.0308 4772 LSI_SAS2 - ok
19:20:26.0308 4772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
19:20:26.0308 4772 LSI_SCSI - ok
19:20:26.0339 4772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:20:26.0339 4772 luafv - ok
19:20:26.0401 4772 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\windows\system32\DRIVERS\mcdbus.sys
19:20:26.0401 4772 mcdbus - ok
19:20:26.0433 4772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:20:26.0448 4772 Mcx2Svc - ok
19:20:26.0479 4772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
19:20:26.0479 4772 megasas - ok
19:20:26.0604 4772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
19:20:26.0604 4772 MegaSR - ok
19:20:26.0698 4772 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:20:26.0698 4772 MEIx64 - ok
19:20:26.0713 4772 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:20:26.0729 4772 MMCSS - ok
19:20:26.0760 4772 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:20:26.0760 4772 Modem - ok
19:20:26.0791 4772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:20:26.0807 4772 monitor - ok
19:20:26.0869 4772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:20:26.0869 4772 mouclass - ok
19:20:26.0916 4772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:20:26.0916 4772 mouhid - ok
19:20:26.0963 4772 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:20:26.0963 4772 mountmgr - ok
19:20:27.0088 4772 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:20:27.0088 4772 MozillaMaintenance - ok
19:20:27.0119 4772 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:20:27.0119 4772 mpio - ok
19:20:27.0213 4772 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:20:27.0213 4772 mpsdrv - ok
19:20:27.0244 4772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:20:27.0259 4772 MpsSvc - ok
19:20:27.0337 4772 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:20:27.0337 4772 MRxDAV - ok
19:20:27.0384 4772 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:20:27.0384 4772 mrxsmb - ok
19:20:27.0415 4772 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:20:27.0415 4772 mrxsmb10 - ok
19:20:27.0462 4772 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:20:27.0462 4772 mrxsmb20 - ok
19:20:27.0493 4772 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
19:20:27.0493 4772 msahci - ok
19:20:27.0525 4772 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:20:27.0525 4772 msdsm - ok
19:20:27.0556 4772 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:20:27.0556 4772 MSDTC - ok
19:20:27.0587 4772 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:20:27.0587 4772 Msfs - ok
19:20:27.0618 4772 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:20:27.0618 4772 mshidkmdf - ok
19:20:27.0618 4772 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:20:27.0618 4772 msisadrv - ok
19:20:27.0665 4772 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:20:27.0665 4772 MSiSCSI - ok
19:20:27.0681 4772 msiserver - ok
19:20:27.0696 4772 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:20:27.0712 4772 MSKSSRV - ok
19:20:27.0743 4772 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:20:27.0759 4772 MSPCLOCK - ok
19:20:27.0759 4772 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:20:27.0759 4772 MSPQM - ok
19:20:27.0790 4772 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:20:27.0790 4772 MsRPC - ok
19:20:27.0821 4772 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
19:20:27.0821 4772 mssmbios - ok
19:20:27.0852 4772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:20:27.0852 4772 MSTEE - ok
19:20:27.0852 4772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
19:20:27.0852 4772 MTConfig - ok
19:20:27.0868 4772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:20:27.0868 4772 Mup - ok
19:20:27.0899 4772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:20:27.0915 4772 napagent - ok
19:20:27.0993 4772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:20:27.0993 4772 NativeWifiP - ok
19:20:28.0071 4772 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
19:20:28.0071 4772 NDIS - ok
19:20:28.0133 4772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:20:28.0133 4772 NdisCap - ok
19:20:28.0164 4772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:20:28.0164 4772 NdisTapi - ok
19:20:28.0164 4772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:20:28.0180 4772 Ndisuio - ok
19:20:28.0195 4772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:20:28.0195 4772 NdisWan - ok
19:20:28.0195 4772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:20:28.0195 4772 NDProxy - ok
19:20:28.0211 4772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:20:28.0211 4772 NetBIOS - ok
19:20:28.0227 4772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:20:28.0227 4772 NetBT - ok
19:20:28.0242 4772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:20:28.0242 4772 Netlogon - ok
19:20:28.0273 4772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:20:28.0289 4772 Netman - ok
19:20:28.0320 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:28.0351 4772 NetMsmqActivator - ok
19:20:28.0383 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:28.0383 4772 NetPipeActivator - ok
19:20:28.0461 4772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:20:28.0476 4772 netprofm - ok
19:20:28.0507 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:20:28.0507 4772 NetTcpActivator - ok
19:20:37.0977 4772 C:\Windows\System32\drivers\usbport.sys - ok
19:20:37.0992 4772 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] C:\Windows\System32\drivers\L1C62x64.sys
19:20:37.0992 4772 C:\Windows\System32\drivers\L1C62x64.sys - ok
19:20:37.0992 4772 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] C:\Windows\System32\drivers\rtl8192ce.sys
19:20:37.0992 4772 C:\Windows\System32\drivers\rtl8192ce.sys - ok
19:20:37.0992 4772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
19:20:37.0992 4772 C:\Windows\System32\drivers\vwifibus.sys - ok
19:20:38.0008 4772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
19:20:38.0008 4772 C:\Windows\System32\drivers\i8042prt.sys - ok
19:20:38.0008 4772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:20:38.0008 4772 C:\Windows\System32\drivers\kbdclass.sys - ok
19:20:38.0008 4772 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:20:38.0008 4772 C:\Windows\System32\drivers\usbd.sys - ok
19:20:38.0008 4772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:20:38.0008 4772 C:\Windows\System32\drivers\mouclass.sys - ok
19:20:38.0023 4772 [ F5B46DF59FEAA48A442AED7EEB754D4B ] C:\Windows\System32\drivers\SynTP.sys
19:20:38.0023 4772 C:\Windows\System32\drivers\SynTP.sys - ok
19:20:38.0023 4772 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
19:20:38.0023 4772 C:\Windows\System32\drivers\CmBatt.sys - ok
19:20:38.0023 4772 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:20:38.0023 4772 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:20:38.0039 4772 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:20:38.0039 4772 C:\Windows\System32\drivers\intelppm.sys - ok
19:20:38.0039 4772 [ C8FCB4899F8B70CC34E0D9876A80963C ] C:\Windows\System32\drivers\QIOMem.sys
19:20:38.0039 4772 C:\Windows\System32\drivers\QIOMem.sys - ok
19:20:38.0039 4772 [ FD542B661BD22FA69CA789AD0AC58C29 ] C:\Windows\System32\drivers\tdcmdpst.sys
19:20:38.0039 4772 C:\Windows\System32\drivers\tdcmdpst.sys - ok
19:20:38.0039 4772 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] C:\Windows\System32\drivers\TVALZFL.sys
19:20:38.0039 4772 C:\Windows\System32\drivers\TVALZFL.sys - ok
19:20:38.0055 4772 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:20:38.0055 4772 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:20:38.0055 4772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:20:38.0055 4772 C:\Windows\System32\drivers\agilevpn.sys - ok
19:20:38.0055 4772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:20:38.0055 4772 C:\Windows\System32\drivers\ndistapi.sys - ok
19:20:38.0070 4772 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:20:38.0070 4772 C:\Windows\System32\drivers\ndiswan.sys - ok
19:20:38.0070 4772 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:20:38.0070 4772 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:20:38.0070 4772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:20:38.0070 4772 C:\Windows\System32\drivers\raspppoe.sys - ok
19:20:38.0086 4772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:20:38.0086 4772 C:\Windows\System32\drivers\raspptp.sys - ok
19:20:38.0086 4772 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:20:38.0086 4772 C:\Windows\System32\drivers\rassstp.sys - ok
19:20:38.0086 4772 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:20:38.0086 4772 C:\Windows\System32\drivers\ks.sys - ok
19:20:38.0101 4772 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] C:\Windows\System32\drivers\mcdbus.sys
19:20:38.0101 4772 C:\Windows\System32\drivers\mcdbus.sys - ok
19:20:38.0101 4772 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
19:20:38.0101 4772 C:\Windows\System32\drivers\scsiport.sys - ok
19:20:38.0101 4772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:20:38.0101 4772 C:\Windows\System32\drivers\swenum.sys - ok
19:20:38.0117 4772 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:20:38.0117 4772 C:\Windows\System32\drivers\umbus.sys - ok
19:20:38.0117 4772 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:20:38.0117 4772 C:\Windows\System32\drivers\usbhub.sys - ok
19:20:38.0117 4772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:20:38.0117 4772 C:\Windows\System32\drivers\ndproxy.sys - ok
19:20:38.0117 4772 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:20:38.0117 4772 C:\Windows\System32\drivers\drmk.sys - ok
19:20:38.0133 4772 [ 66847C979893A11CFCC2280E772D7EA1 ] C:\Windows\System32\drivers\CHDRT64.sys
19:20:38.0133 4772 C:\Windows\System32\drivers\CHDRT64.sys - ok
19:20:38.0133 4772 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:20:38.0133 4772 C:\Windows\System32\drivers\ksthunk.sys - ok
19:20:38.0133 4772 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:20:38.0133 4772 C:\Windows\System32\drivers\portcls.sys - ok
19:20:38.0148 4772 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
19:20:38.0148 4772 C:\Windows\System32\drivers\IntcDAud.sys - ok
19:20:38.0148 4772 [ A835419027729F34FE05299D859110F1 ] C:\Windows\System32\dfboottime.exe
19:20:38.0148 4772 C:\Windows\System32\dfboottime.exe - ok
19:20:38.0148 4772 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:20:38.0148 4772 C:\Windows\System32\autochk.exe - ok
19:20:38.0164 4772 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:20:38.0164 4772 C:\Windows\System32\drivers\usbccgp.sys - ok
19:20:38.0164 4772 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:20:38.0164 4772 C:\Windows\System32\drivers\hidparse.sys - ok
19:20:38.0164 4772 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:20:38.0164 4772 C:\Windows\System32\drivers\hidclass.sys - ok
19:20:38.0179 4772 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:20:38.0179 4772 C:\Windows\System32\drivers\hidusb.sys - ok
19:20:38.0179 4772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:20:38.0179 4772 C:\Windows\System32\drivers\mouhid.sys - ok
19:20:38.0179 4772 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
19:20:38.0179 4772 C:\Windows\System32\usp10.dll - ok
19:20:38.0195 4772 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:20:38.0195 4772 C:\Windows\System32\oleaut32.dll - ok
19:20:38.0195 4772 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
19:20:38.0195 4772 C:\Windows\System32\iertutil.dll - ok
19:20:38.0195 4772 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:20:38.0195 4772 C:\Windows\System32\lpk.dll - ok
19:20:38.0195 4772 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:20:38.0195 4772 C:\Windows\System32\msctf.dll - ok
19:20:38.0211 4772 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:20:38.0211 4772 C:\Windows\System32\imagehlp.dll - ok
19:20:38.0211 4772 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:20:38.0211 4772 C:\Windows\System32\rpcrt4.dll - ok
19:20:38.0211 4772 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:20:38.0211 4772 C:\Windows\System32\setupapi.dll - ok
19:20:38.0226 4772 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
19:20:38.0226 4772 C:\Windows\System32\kernel32.dll - ok
19:20:38.0226 4772 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:20:38.0226 4772 C:\Windows\System32\psapi.dll - ok
19:20:38.0226 4772 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
19:20:38.0226 4772 C:\Windows\System32\urlmon.dll - ok
19:20:38.0226 4772 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:20:38.0226 4772 C:\Windows\System32\gdi32.dll - ok
19:20:38.0242 4772 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:20:38.0242 4772 C:\Windows\System32\difxapi.dll - ok
19:20:38.0242 4772 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:20:38.0242 4772 C:\Windows\System32\sechost.dll - ok
19:20:38.0242 4772 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:20:38.0242 4772 C:\Windows\System32\normaliz.dll - ok
19:20:38.0242 4772 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:20:38.0242 4772 C:\Windows\System32\ole32.dll - ok
19:20:38.0257 4772 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:20:38.0257 4772 C:\Windows\System32\msvcrt.dll - ok
19:20:38.0257 4772 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:20:38.0257 4772 C:\Windows\System32\user32.dll - ok
19:20:38.0257 4772 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:20:38.0257 4772 C:\Windows\System32\advapi32.dll - ok
19:20:38.0257 4772 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:20:38.0257 4772 C:\Windows\System32\Wldap32.dll - ok
19:20:38.0273 4772 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:20:38.0273 4772 C:\Windows\System32\clbcatq.dll - ok
19:20:38.0273 4772 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:20:38.0273 4772 C:\Windows\System32\ws2_32.dll - ok
19:20:38.0289 4772 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:20:38.0289 4772 C:\Windows\System32\imm32.dll - ok
19:20:38.0289 4772 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:20:38.0289 4772 C:\Windows\System32\shlwapi.dll - ok
19:20:38.0289 4772 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:20:38.0289 4772 C:\Windows\System32\comdlg32.dll - ok
19:20:38.0289 4772 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:20:38.0289 4772 C:\Windows\System32\nsi.dll - ok
19:20:38.0304 4772 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
19:20:38.0304 4772 C:\Windows\System32\wininet.dll - ok
19:20:38.0304 4772 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:20:38.0304 4772 C:\Windows\System32\cfgmgr32.dll - ok
19:20:38.0304 4772 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:20:38.0304 4772 C:\Windows\System32\wintrust.dll - ok
19:20:38.0304 4772 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:20:38.0304 4772 C:\Windows\System32\crypt32.dll - ok
19:20:38.0320 4772 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
19:20:38.0320 4772 C:\Windows\System32\KernelBase.dll - ok
19:20:38.0320 4772 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:20:38.0320 4772 C:\Windows\System32\comctl32.dll - ok
19:20:38.0320 4772 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:20:38.0320 4772 C:\Windows\System32\devobj.dll - ok
19:20:38.0335 4772 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:20:38.0335 4772 C:\Windows\System32\msasn1.dll - ok
19:20:38.0335 4772 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:20:38.0335 4772 C:\Windows\SysWOW64\normaliz.dll - ok
19:20:38.0335 4772 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:20:38.0335 4772 C:\Windows\System32\drivers\dxapi.sys - ok
19:20:38.0335 4772 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
19:20:38.0335 4772 C:\Windows\System32\win32k.sys - ok
19:20:38.0351 4772 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
19:20:38.0351 4772 C:\Windows\System32\csrsrv.dll - ok
19:20:38.0351 4772 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:20:38.0351 4772 C:\Windows\System32\csrss.exe - ok
19:20:38.0351 4772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:20:38.0351 4772 C:\Windows\System32\basesrv.dll - ok
19:20:38.0367 4772 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
19:20:38.0367 4772 C:\Windows\System32\winsrv.dll - ok
19:20:38.0367 4772 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:20:38.0367 4772 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:20:38.0367 4772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
19:20:38.0367 4772 C:\Windows\System32\drivers\udfs.sys - ok
19:20:38.0367 4772 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
19:20:38.0367 4772 C:\Windows\System32\drivers\usbvideo.sys - ok
19:20:38.0382 4772 [ 91111CEBBDE8015E822C46120ED9537C ] C:\Windows\System32\drivers\PGEffect.sys
19:20:38.0382 4772 C:\Windows\System32\drivers\PGEffect.sys - ok
19:20:38.0382 4772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:20:38.0382 4772 C:\Windows\System32\drivers\monitor.sys - ok
19:20:38.0382 4772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:20:38.0382 4772 C:\Windows\System32\sxssrv.dll - ok
19:20:38.0398 4772 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:20:38.0398 4772 C:\Windows\System32\tsddd.dll - ok
19:20:38.0398 4772 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:20:38.0398 4772 C:\Windows\System32\wininit.exe - ok
19:20:38.0398 4772 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:20:38.0398 4772 C:\Windows\System32\cdd.dll - ok
19:20:38.0398 4772 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:20:38.0398 4772 C:\Windows\System32\profapi.dll - ok
19:20:38.0413 4772 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:20:38.0413 4772 C:\Windows\System32\KBDUS.DLL - ok
19:20:38.0413 4772 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:20:38.0413 4772 C:\Windows\System32\RpcRtRemote.dll - ok
19:20:38.0413 4772 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:20:38.0413 4772 C:\Windows\System32\sxs.dll - ok
19:20:38.0429 4772 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:20:38.0429 4772 C:\Windows\System32\WlS0WndH.dll - ok
19:20:38.0429 4772 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:20:38.0429 4772 C:\Windows\System32\cryptbase.dll - ok
19:20:38.0445 4772 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:20:38.0445 4772 C:\Windows\System32\apphelp.dll - ok
19:20:38.0445 4772 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
19:20:38.0445 4772 C:\Windows\System32\lsasrv.dll - ok
19:20:38.0445 4772 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:20:38.0445 4772 C:\Windows\System32\lsass.exe - ok
19:20:38.0445 4772 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:20:38.0445 4772 C:\Windows\System32\lsm.exe - ok
19:20:38.0460 4772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:20:38.0460 4772 C:\Windows\System32\services.exe - ok
19:20:38.0460 4772 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:20:38.0460 4772 C:\Windows\System32\sspisrv.dll - ok
19:20:38.0460 4772 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:20:38.0460 4772 C:\Windows\System32\sspicli.dll - ok
19:20:38.0476 4772 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:20:38.0476 4772 C:\Windows\System32\sysntfy.dll - ok
19:20:38.0476 4772 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:20:38.0476 4772 C:\Windows\System32\wmsgapi.dll - ok
19:20:38.0476 4772 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:20:38.0476 4772 C:\Windows\System32\samsrv.dll - ok
19:20:38.0476 4772 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:20:38.0476 4772 C:\Windows\System32\scesrv.dll - ok
19:20:38.0491 4772 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:20:38.0491 4772 C:\Windows\System32\scext.dll - ok
19:20:38.0491 4772 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:20:38.0491 4772 C:\Windows\System32\secur32.dll - ok
19:20:38.0491 4772 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:20:38.0491 4772 C:\Windows\System32\winlogon.exe - ok
19:20:38.0491 4772 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:20:38.0491 4772 C:\Windows\System32\cryptdll.dll - ok
19:20:38.0507 4772 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:20:38.0507 4772 C:\Windows\System32\srvcli.dll - ok
19:20:38.0507 4772 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:20:38.0507 4772 C:\Windows\System32\wevtapi.dll - ok
19:20:38.0507 4772 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:20:38.0507 4772 C:\Windows\System32\winsta.dll - ok
19:20:38.0507 4772 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:20:38.0507 4772 C:\Windows\System32\cngaudit.dll - ok
19:20:38.0523 4772 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:20:38.0523 4772 C:\Windows\System32\authz.dll - ok
19:20:38.0523 4772 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
19:20:38.0523 4772 C:\Windows\System32\ncrypt.dll - ok
19:20:38.0523 4772 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:20:38.0523 4772 C:\Windows\System32\bcrypt.dll - ok
19:20:38.0523 4772 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:20:38.0523 4772 C:\Windows\System32\msprivs.dll - ok
19:20:38.0538 4772 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:20:38.0538 4772 C:\Windows\System32\netjoin.dll - ok
19:20:38.0538 4772 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:20:38.0538 4772 C:\Windows\System32\negoexts.dll - ok
19:20:38.0538 4772 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:20:38.0554 4772 C:\Windows\System32\kerberos.dll - ok
19:20:38.0554 4772 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
19:20:38.0554 4772 C:\Windows\System32\atmfd.dll - ok
19:20:38.0554 4772 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:20:38.0554 4772 C:\Windows\System32\cryptsp.dll - ok
19:20:38.0569 4772 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:20:38.0569 4772 C:\Windows\System32\mswsock.dll - ok
19:20:38.0569 4772 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:20:38.0569 4772 C:\Windows\System32\msv1_0.dll - ok
19:20:38.0569 4772 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:20:38.0569 4772 C:\Windows\System32\wship6.dll - ok
19:20:38.0585 4772 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:20:38.0585 4772 C:\Windows\System32\netlogon.dll - ok
19:20:38.0585 4772 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:20:38.0585 4772 C:\Windows\System32\dnsapi.dll - ok
19:20:38.0585 4772 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:20:38.0585 4772 C:\Windows\System32\logoncli.dll - ok
19:20:38.0585 4772 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
19:20:38.0585 4772 C:\Windows\System32\schannel.dll - ok
19:20:38.0601 4772 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:20:38.0601 4772 C:\Windows\System32\wdigest.dll - ok
19:20:38.0601 4772 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:20:38.0601 4772 C:\Windows\System32\rsaenh.dll - ok
19:20:38.0601 4772 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:20:38.0601 4772 C:\Windows\System32\TSpkg.dll - ok
19:20:38.0601 4772 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:20:38.0601 4772 C:\Windows\System32\pku2u.dll - ok
19:20:38.0616 4772 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
19:20:38.0616 4772 C:\Windows\System32\LIVESSP.DLL - ok
19:20:38.0616 4772 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:20:38.0616 4772 C:\Windows\System32\bcryptprimitives.dll - ok
19:20:38.0616 4772 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:20:38.0616 4772 C:\Windows\System32\credssp.dll - ok
19:20:38.0616 4772 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:20:38.0616 4772 C:\Windows\System32\efslsaext.dll - ok
19:20:38.0632 4772 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:20:38.0632 4772 C:\Windows\System32\scecli.dll - ok
19:20:38.0632 4772 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:20:38.0632 4772 C:\Windows\System32\ubpm.dll - ok
19:20:38.0632 4772 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:20:38.0632 4772 C:\Windows\System32\svchost.exe - ok
19:20:38.0647 4772 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:20:38.0647 4772 C:\Windows\System32\umpnpmgr.dll - ok
19:20:38.0647 4772 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:20:38.0647 4772 C:\Windows\System32\devrtl.dll - ok
19:20:38.0647 4772 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:20:38.0647 4772 C:\Windows\System32\gpapi.dll - ok
19:20:38.0647 4772 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:20:38.0647 4772 C:\Windows\System32\SPInf.dll - ok
19:20:38.0663 4772 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:20:38.0663 4772 C:\Windows\System32\userenv.dll - ok
19:20:38.0663 4772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:20:38.0663 4772 C:\Windows\System32\umpo.dll - ok
19:20:38.0663 4772 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:20:38.0663 4772 C:\Windows\System32\pcwum.dll - ok
19:20:38.0679 4772 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:20:38.0679 4772 C:\Windows\System32\powrprof.dll - ok
19:20:38.0679 4772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:20:38.0679 4772 C:\Windows\System32\drivers\luafv.sys - ok
19:20:38.0679 4772 [ DF59B8E8DF0BD2E0E303778A3806A17D ] C:\Windows\System32\drivers\aswFsBlk.sys
19:20:38.0679 4772 C:\Windows\System32\drivers\aswFsBlk.sys - ok
19:20:38.0679 4772 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] C:\Windows\System32\drivers\aswMonFlt.sys
19:20:38.0694 4772 C:\Windows\System32\drivers\aswMonFlt.sys - ok
19:20:38.0694 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:20:38.0694 4772 C:\Windows\System32\rpcss.dll - ok
19:20:38.0694 4772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:20:38.0694 4772 C:\Windows\System32\RpcEpMap.dll - ok
19:20:38.0694 4772 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:20:38.0694 4772 C:\Windows\System32\WSHTCPIP.DLL - ok
19:20:38.0710 4772 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:20:38.0710 4772 C:\Windows\System32\wshqos.dll - ok
19:20:38.0710 4772 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:20:38.0710 4772 C:\Windows\System32\FirewallAPI.dll - ok
19:20:38.0710 4772 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:20:38.0710 4772 C:\Windows\System32\authui.dll - ok
19:20:38.0710 4772 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:20:38.0710 4772 C:\Windows\System32\LogonUI.exe - ok
19:20:38.0725 4772 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:20:38.0725 4772 C:\Windows\System32\version.dll - ok
19:20:38.0725 4772 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:20:38.0725 4772 C:\Windows\System32\cryptui.dll - ok
19:20:38.0725 4772 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:20:38.0725 4772 C:\Windows\System32\wevtsvc.dll - ok
19:20:38.0725 4772 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:20:38.0725 4772 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:20:38.0741 4772 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:20:38.0741 4772 C:\Windows\System32\samlib.dll - ok
19:20:38.0741 4772 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:20:38.0741 4772 C:\Windows\System32\shacct.dll - ok
19:20:38.0741 4772 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:20:38.0741 4772 C:\Windows\System32\adtschema.dll - ok
19:20:38.0757 4772 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:20:38.0757 4772 C:\Windows\System32\propsys.dll - ok
19:20:38.0757 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:20:38.0757 4772 C:\Windows\System32\audiosrv.dll - ok
19:20:38.0757 4772 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:20:38.0757 4772 C:\Windows\System32\avrt.dll - ok
19:20:38.0757 4772 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:20:38.0757 4772 C:\Windows\System32\mmcss.dll - ok
19:20:38.0772 4772 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:20:38.0772 4772 C:\Windows\System32\drivers\fltMgr.sys - ok
19:20:38.0772 4772 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:20:38.0772 4772 C:\Windows\System32\MMDevAPI.dll - ok
19:20:38.0772 4772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:20:38.0772 4772 C:\Windows\System32\netprofm.dll - ok
19:20:38.0772 4772 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:20:38.0772 4772 C:\Windows\System32\PSHED.DLL - ok
19:20:38.0788 4772 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:20:38.0788 4772 C:\Windows\System32\uxtheme.dll - ok
19:20:38.0788 4772 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:20:38.0788 4772 C:\Windows\System32\profsvc.dll - ok
19:20:38.0788 4772 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:20:38.0788 4772 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:20:38.0788 4772 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:20:38.0788 4772 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:20:38.0803 4772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:20:38.0803 4772 C:\Windows\System32\MPSSVC.dll - ok
19:20:38.0803 4772 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:20:38.0803 4772 C:\Windows\System32\audiodg.exe - ok
19:20:38.0803 4772 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:20:38.0803 4772 C:\Windows\System32\ntmarta.dll - ok
19:20:38.0803 4772 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:20:38.0803 4772 C:\Windows\System32\dui70.dll - ok
19:20:38.0819 4772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:20:38.0819 4772 C:\Windows\System32\gpsvc.dll - ok
19:20:38.0819 4772 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:20:38.0819 4772 C:\Windows\System32\atl.dll - ok
19:20:38.0819 4772 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:20:39.0724 4772 C:\Windows\SysWOW64\rsaenh.dll - ok
19:20:39.0724 4772 [ CDC97FA5C42B07FB0D4600E17C32F582 ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
19:20:39.0724 4772 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
19:20:39.0739 4772 [ 1E0892351AD2A85D3448978FFFD2CF25 ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
19:20:39.0739 4772 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
19:20:39.0739 4772 [ 20FC7C01204EC5AC975F5F793599A17D ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
19:20:39.0739 4772 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
19:20:39.0739 4772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:20:39.0739 4772 C:\Windows\System32\trkwks.dll - ok
19:20:39.0739 4772 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:20:39.0739 4772 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:20:39.0755 4772 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:20:39.0755 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
19:20:39.0755 4772 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:20:39.0755 4772 C:\Windows\System32\wbemcomn.dll - ok
19:20:39.0755 4772 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:20:39.0755 4772 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:20:39.0755 4772 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:20:39.0755 4772 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:20:39.0771 4772 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:20:39.0771 4772 C:\Windows\System32\wbem\fastprox.dll - ok
19:20:39.0771 4772 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
19:20:39.0771 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
19:20:39.0771 4772 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:20:39.0771 4772 C:\Windows\System32\SensApi.dll - ok
19:20:39.0771 4772 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
19:20:39.0771 4772 C:\Program Files\Windows Defender\MpSvc.dll - ok
19:20:39.0786 4772 [ 27E91334640AC40EC8522985B51087ED ] C:\Windows\SysWOW64\npnj5Agent.exe
19:20:39.0786 4772 C:\Windows\SysWOW64\npnj5Agent.exe - ok
19:20:39.0786 4772 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:20:39.0786 4772 C:\Windows\System32\wer.dll - ok
19:20:39.0786 4772 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:20:39.0786 4772 C:\Windows\System32\iphlpsvc.dll - ok
19:20:39.0786 4772 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:20:39.0786 4772 C:\Windows\System32\ntdsapi.dll - ok
19:20:39.0802 4772 [ E2102B5AC1303C2E045B926B9C745F6F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
19:20:39.0802 4772 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
19:20:39.0802 4772 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:20:39.0802 4772 C:\Windows\System32\wbem\wbemprox.dll - ok
19:20:39.0802 4772 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:20:39.0802 4772 C:\Windows\System32\sqmapi.dll - ok
19:20:39.0802 4772 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
19:20:39.0802 4772 C:\Program Files\Windows Defender\MpClient.dll - ok
19:20:39.0817 4772 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:20:39.0817 4772 C:\Windows\System32\wdscore.dll - ok
19:20:39.0817 4772 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:20:39.0817 4772 C:\Windows\SysWOW64\apphelp.dll - ok
19:20:39.0817 4772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:20:39.0817 4772 C:\Windows\System32\rasmans.dll - ok
19:20:39.0817 4772 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:20:39.0817 4772 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:20:39.0833 4772 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:20:39.0833 4772 C:\Windows\SysWOW64\winnsi.dll - ok
19:20:39.0833 4772 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:20:39.0833 4772 C:\Windows\SysWOW64\dwmapi.dll - ok
19:20:39.0833 4772 [ CE573182F48ECC50A857023FA36D3C75 ] C:\Windows\SysWOW64\npstarterctrl.dll
19:20:39.0833 4772 C:\Windows\SysWOW64\npstarterctrl.dll - ok
19:20:39.0833 4772 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
19:20:39.0833 4772 C:\Windows\System32\rastapi.dll - ok
19:20:39.0849 4772 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
19:20:39.0849 4772 C:\Windows\System32\tapi32.dll - ok
19:20:39.0849 4772 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:20:39.0849 4772 C:\Windows\System32\hnetcfg.dll - ok
19:20:39.0849 4772 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:20:39.0849 4772 C:\Windows\System32\nci.dll - ok
19:20:39.0849 4772 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:20:39.0849 4772 C:\Windows\System32\wbem\wbemcore.dll - ok
19:20:39.0864 4772 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
19:20:39.0864 4772 C:\Windows\SysWOW64\wininet.dll - ok
19:20:39.0864 4772 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
19:20:39.0864 4772 C:\Windows\System32\unimdm.tsp - ok
19:20:39.0864 4772 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:20:39.0864 4772 C:\Windows\System32\aeevts.dll - ok
19:20:39.0880 4772 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:20:39.0880 4772 C:\Windows\System32\wbem\esscli.dll - ok
19:20:39.0880 4772 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:20:39.0880 4772 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:20:39.0880 4772 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
19:20:39.0880 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
19:20:39.0880 4772 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
19:20:39.0880 4772 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
19:20:39.0895 4772 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:20:39.0895 4772 C:\Windows\System32\wbem\wmiutils.dll - ok
19:20:39.0895 4772 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:20:39.0895 4772 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:20:39.0895 4772 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
19:20:39.0895 4772 C:\Windows\System32\uniplat.dll - ok
19:20:39.0895 4772 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
19:20:39.0895 4772 C:\Windows\SysWOW64\iertutil.dll - ok
19:20:39.0911 4772 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
19:20:39.0911 4772 C:\Windows\System32\kmddsp.tsp - ok
19:20:39.0911 4772 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
19:20:39.0911 4772 C:\Windows\System32\ndptsp.tsp - ok
19:20:39.0911 4772 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
19:20:39.0911 4772 C:\Windows\System32\hidphone.tsp - ok
19:20:39.0911 4772 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
19:20:39.0911 4772 C:\Windows\SysWOW64\urlmon.dll - ok
19:20:39.0927 4772 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
19:20:39.0927 4772 C:\Windows\System32\rasppp.dll - ok
19:20:39.0927 4772 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:20:39.0927 4772 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:20:39.0927 4772 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
19:20:39.0927 4772 C:\Windows\System32\vpnike.dll - ok
19:20:39.0927 4772 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:20:39.0927 4772 C:\Windows\System32\raschap.dll - ok
19:20:39.0942 4772 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:20:39.0942 4772 C:\Windows\System32\dllhost.exe - ok
19:20:39.0942 4772 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:20:39.0942 4772 C:\Windows\SysWOW64\propsys.dll - ok
19:20:39.0942 4772 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:20:39.0942 4772 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:20:39.0942 4772 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:20:39.0942 4772 C:\Windows\System32\IDStore.dll - ok
19:20:39.0958 4772 [ 001D7099C3DB8E53A955FF4D66E25AA2 ] C:\Windows\System32\kbd101.dll
19:20:39.0958 4772 C:\Windows\System32\kbd101.dll - ok
19:20:39.0958 4772 [ A1D990022654CFE37E2561E540F0253B ] C:\Windows\System32\kbd106.dll
19:20:39.0958 4772 C:\Windows\System32\kbd106.dll - ok
19:20:39.0958 4772 [ 6D707786D7163383C64F07263BB9478E ] C:\Windows\System32\KBDJPN.DLL
19:20:39.0958 4772 C:\Windows\System32\KBDJPN.DLL - ok
19:20:39.0958 4772 [ D8DAD1E59B580BE2F5C079BCCE33EA96 ] C:\Windows\System32\KBDKOR.DLL
19:20:39.0958 4772 C:\Windows\System32\KBDKOR.DLL - ok
19:20:39.0973 4772 [ 117865AD39587EB4DA218AAF2E559B8C ] C:\Windows\System32\kbdnec.dll
19:20:39.0973 4772 C:\Windows\System32\kbdnec.dll - ok
19:20:39.0973 4772 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
19:20:39.0973 4772 C:\Windows\System32\taskhost.exe - ok
19:20:39.0973 4772 [ 4F5A3681A762FBCCC5A02D2DB3A04A79 ] C:\Windows\System32\kbd101a.dll
19:20:39.0973 4772 C:\Windows\System32\kbd101a.dll - ok
19:20:39.0973 4772 [ 06F85BA017A3D9B955AC7A00525ACF6B ] C:\Windows\System32\kbd103.dll
19:20:39.0973 4772 C:\Windows\System32\kbd103.dll - ok
19:20:39.0989 4772 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:20:39.0989 4772 C:\Windows\System32\mpr.dll - ok
19:20:39.0989 4772 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:20:39.0989 4772 C:\Windows\System32\PlaySndSrv.dll - ok
19:20:39.0989 4772 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:20:39.0989 4772 C:\Windows\System32\taskeng.exe - ok
19:20:39.0989 4772 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:20:39.0989 4772 C:\Windows\System32\rasadhlp.dll - ok
19:20:40.0005 4772 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:20:40.0005 4772 C:\Windows\System32\userinit.exe - ok
19:20:40.0005 4772 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:20:40.0005 4772 C:\Windows\System32\dwm.exe - ok
19:20:40.0005 4772 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:20:40.0005 4772 C:\Windows\System32\localspl.dll - ok
19:20:40.0005 4772 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:20:40.0020 4772 C:\Windows\System32\spoolss.dll - ok
19:20:40.0020 4772 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:20:40.0020 4772 C:\Windows\System32\winspool.drv - ok
19:20:40.0020 4772 [ 545DFE2319DF936E96204EAE1D5B0761 ] C:\Windows\SysWOW64\npeutilex.dll
19:20:40.0020 4772 C:\Windows\SysWOW64\npeutilex.dll - ok
19:20:40.0020 4772 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:20:40.0020 4772 C:\Windows\SysWOW64\oledlg.dll - ok
19:20:40.0036 4772 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
19:20:40.0036 4772 C:\Windows\SysWOW64\regsvr32.exe - ok
19:20:40.0036 4772 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:20:40.0036 4772 C:\Windows\System32\HotStartUserAgent.dll - ok
19:20:40.0036 4772 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:20:40.0036 4772 C:\Windows\System32\MsCtfMonitor.dll - ok
19:20:40.0036 4772 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:20:40.0036 4772 C:\Windows\System32\msutb.dll - ok
19:20:40.0051 4772 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:20:40.0051 4772 C:\Windows\System32\dwmcore.dll - ok
19:20:40.0051 4772 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:20:40.0051 4772 C:\Windows\System32\dwmredir.dll - ok
19:20:40.0051 4772 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
19:20:40.0051 4772 C:\Windows\AppPatch\AcGenral.dll - ok
19:20:40.0051 4772 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:20:40.0051 4772 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:20:40.0067 4772 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:20:40.0067 4772 C:\Windows\System32\TSChannel.dll - ok
19:20:40.0067 4772 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
19:20:40.0067 4772 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
19:20:40.0067 4772 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
19:20:40.0067 4772 C:\Windows\System32\d3d10_1.dll - ok
19:20:40.0067 4772 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
19:20:40.0067 4772 C:\Windows\System32\d3d10_1core.dll - ok
19:20:40.0083 4772 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:20:40.0083 4772 C:\Windows\SysWOW64\imagehlp.dll - ok
19:20:40.0083 4772 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
19:20:40.0083 4772 C:\Windows\System32\dxgi.dll - ok
19:20:40.0083 4772 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:20:40.0083 4772 C:\Windows\SysWOW64\msi.dll - ok
19:20:40.0083 4772 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:20:40.0083 4772 C:\Windows\explorer.exe - ok
19:20:40.0098 4772 [ F5138EEC090C296CF6FB6C6C19BE1D9E ] C:\Windows\System32\igd10umd64.dll
19:20:40.0098 4772 C:\Windows\System32\igd10umd64.dll - ok
19:20:40.0098 4772 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:20:40.0098 4772 C:\Windows\SysWOW64\ntmarta.dll - ok
19:20:40.0098 4772 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:20:40.0098 4772 C:\Windows\SysWOW64\Wldap32.dll - ok
19:20:40.0098 4772 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
19:20:40.0098 4772 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
19:20:40.0114 4772 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
19:20:40.0114 4772 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
19:20:40.0114 4772 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:20:40.0114 4772 C:\Windows\System32\ExplorerFrame.dll - ok
19:20:40.0114 4772 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:20:40.0114 4772 C:\Windows\System32\cscapi.dll - ok
19:20:40.0129 4772 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:20:40.0129 4772 C:\Windows\System32\dbghelp.dll - ok
19:20:40.0129 4772 [ 69240653FB5099533354DD36C451C332 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
19:20:40.0129 4772 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
19:20:40.0129 4772 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:20:40.0129 4772 C:\Windows\System32\msi.dll - ok
19:20:40.0145 4772 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
19:20:40.0145 4772 C:\Windows\SysWOW64\secur32.dll - ok
19:20:40.0145 4772 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
19:20:40.0145 4772 C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
19:20:40.0145 4772 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
19:20:40.0145 4772 C:\Windows\System32\ndiscapCfg.dll - ok
19:20:40.0145 4772 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
19:20:40.0145 4772 C:\Windows\System32\rascfg.dll - ok
19:20:40.0161 4772 [ BE165318E0052A91F7EA36F515B5F2B1 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll
19:20:40.0161 4772 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcp90.dll - ok
19:20:40.0161 4772 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:20:40.0161 4772 C:\Windows\System32\mprapi.dll - ok
19:20:40.0161 4772 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
19:20:40.0161 4772 C:\Windows\System32\mprmsg.dll - ok
19:20:40.0161 4772 [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
19:20:40.0161 4772 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
19:20:40.0176 4772 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:20:40.0176 4772 C:\Windows\System32\uDWM.dll - ok
19:20:40.0176 4772 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:20:40.0176 4772 C:\Windows\System32\EhStorShell.dll - ok
19:20:40.0176 4772 [ 7979639731124E5BF730061E29B96F7F ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
19:20:40.0176 4772 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
19:20:40.0176 4772 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:20:40.0176 4772 C:\Windows\System32\ntshrui.dll - ok
19:20:40.0192 4772 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:20:40.0192 4772 C:\Windows\System32\esent.dll - ok
19:20:40.0192 4772 [ E0338F28FDCF31025073F9D208E1F782 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\0e0da7ee8bb15e20f3c21d60c41787e7\tosIndicator.ni.exe
19:20:40.0192 4772 C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\0e0da7ee8bb15e20f3c21d60c41787e7\tosIndicator.ni.exe - ok
19:20:40.0192 4772 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
19:20:40.0192 4772 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
19:20:40.0207 4772 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:20:40.0207 4772 C:\Windows\SysWOW64\winmm.dll - ok
19:20:40.0207 4772 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
19:20:40.0207 4772 C:\Windows\SysWOW64\msacm32.dll - ok
19:20:40.0207 4772 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
19:20:40.0207 4772 C:\Windows\SysWOW64\samcli.dll - ok
19:20:40.0207 4772 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:20:40.0207 4772 C:\Windows\SysWOW64\sfc.dll - ok
19:20:40.0207 4772 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:20:40.0207 4772 C:\Windows\SysWOW64\sfc_os.dll - ok
19:20:40.0223 4772 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:20:40.0223 4772 C:\Windows\SysWOW64\setupapi.dll - ok
19:20:40.0223 4772 [ 9170C065FC76758E5D317B8FBA884F0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
19:20:40.0223 4772 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll - ok
19:20:40.0223 4772 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:20:40.0223 4772 C:\Windows\SysWOW64\devobj.dll - ok
19:20:40.0223 4772 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:20:40.0223 4772 C:\Windows\SysWOW64\mpr.dll - ok
19:20:40.0239 4772 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\SysWOW64\msxml4.dll
19:20:40.0239 4772 C:\Windows\SysWOW64\msxml4.dll - ok
19:20:40.0239 4772 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
19:20:40.0239 4772 C:\Windows\SysWOW64\advpack.dll - ok
19:20:40.0239 4772 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:20:40.0239 4772 C:\Windows\SysWOW64\devrtl.dll - ok
19:20:40.0239 4772 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
19:20:40.0239 4772 C:\Windows\SysWOW64\SPInf.dll - ok
19:20:40.0254 4772 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
19:20:40.0254 4772 C:\Windows\SysWOW64\spfileq.dll - ok
19:20:40.0254 4772 [ 9E5868DB59C6D8E949F724DBBC639A31 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
19:20:40.0254 4772 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll - ok
19:20:40.0254 4772 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
19:20:40.0254 4772 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
19:20:40.0270 4772 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
19:20:40.0270 4772 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
19:20:40.0270 4772 [ 3B4B75EE7DB46F7D4E904829B8E14C52 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
19:20:40.0270 4772 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
19:20:40.0270 4772 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
19:20:40.0270 4772 C:\Windows\SysWOW64\fltLib.dll - ok
19:20:40.0270 4772 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
19:20:40.0270 4772 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
19:20:40.0285 4772 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
19:20:40.0285 4772 C:\Windows\SysWOW64\d3d9.dll - ok
19:20:40.0285 4772 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
19:20:40.0285 4772 C:\Windows\SysWOW64\wlanapi.dll - ok
19:20:40.0285 4772 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
19:20:40.0285 4772 C:\Windows\SysWOW64\wlanutil.dll - ok
19:20:40.0285 4772 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
19:20:40.0285 4772 C:\Windows\System32\msxml3.dll - ok
19:20:40.0301 4772 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
19:20:40.0301 4772 C:\Windows\SysWOW64\d3d8thk.dll - ok
19:20:40.0301 4772 [ 2B7DB3E2C6DC1BC4D3682838BDB1304C ] C:\Windows\SysWOW64\igdumdx32.dll
19:20:40.0301 4772 C:\Windows\SysWOW64\igdumdx32.dll - ok
19:20:40.0301 4772 [ 933421733C2C4BE8CB161D18E9652E69 ] C:\Windows\SysWOW64\igdumd32.dll
19:20:40.0301 4772 C:\Windows\SysWOW64\igdumd32.dll - ok
19:20:40.0301 4772 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:20:40.0301 4772 C:\Windows\SysWOW64\powrprof.dll - ok
19:20:40.0317 4772 [ A96DF7F02B248C65DF3947D8B0D588EB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
19:20:40.0317 4772 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll - ok
19:20:40.0317 4772 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
19:20:40.0317 4772 C:\Windows\System32\tcpipcfg.dll - ok
19:20:40.0317 4772 [ 45FB05F743E626D9E239E52602CEA041 ] C:\Windows\SysWOW64\msctfui.dll
19:20:40.0317 4772 C:\Windows\SysWOW64\msctfui.dll - ok
19:20:40.0317 4772 [ F3B650D3566E96E765AEA2AB05D4830C ] C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosmui.dll
19:20:40.0317 4772 C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosmui.dll - ok
19:20:40.0332 4772 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:20:40.0332 4772 C:\Windows\SysWOW64\msimg32.dll - ok
19:20:40.0332 4772 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
19:20:40.0332 4772 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
19:20:40.0332 4772 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:20:40.0332 4772 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:20:40.0348 4772 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:20:40.0348 4772 C:\Windows\SysWOW64\dnsapi.dll - ok
19:20:40.0348 4772 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:20:40.0348 4772 C:\Windows\SysWOW64\mstask.dll - ok
19:20:40.0348 4772 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:20:40.0348 4772 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:20:40.0363 4772 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:20:40.0363 4772 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:20:40.0363 4772 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:20:40.0363 4772 C:\Windows\System32\ncobjapi.dll - ok
19:20:40.0363 4772 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:20:40.0363 4772 C:\Windows\System32\wbem\wbemess.dll - ok
19:20:40.0363 4772 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
19:20:40.0363 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
19:20:40.0379 4772 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
19:20:40.0379 4772 C:\Windows\System32\dssenh.dll - ok
19:20:40.0379 4772 [ EC1FCC102C9CB0032D66ABA79CD3995E ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
19:20:40.0379 4772 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
19:20:40.0379 4772 [ 7BBAE90115326F8727E36C2F541E1DFD ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
19:20:40.0379 4772 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
19:20:40.0379 4772 [ 70982F1D8399093970A2B7A89CAA940C ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
19:20:40.0379 4772 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
19:20:40.0395 4772 [ 037567DF8E84474C797BAFD4F764C409 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
19:20:40.0395 4772 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
19:20:40.0395 4772 [ 6E6AA4B25A349C3F6E049A78741AD616 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
19:20:40.0395 4772 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
19:20:40.0395 4772 [ C5670008D13FAACFD944BD59B9FE890B ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
19:20:40.0395 4772 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
19:20:40.0395 4772 [ E12C21591485C190C2265703F827B885 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
19:20:40.0395 4772 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
19:20:40.0410 4772 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\13010100\ArPot.dll
19:20:40.0410 4772 C:\Program Files\AVAST Software\Avast\defs\13010100\ArPot.dll - ok
19:20:40.0410 4772 [ 332B86EC298458A39EDF9D74AA65CB84 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
19:20:40.0410 4772 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
19:20:40.0410 4772 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\13010100\exts.dll
19:20:41.0393 4772 C:\Program Files\Toshiba\TECO\MUIHelp.dll - ok
19:20:41.0393 4772 [ B1D779583629876C0C64DECC51F205A8 ] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe
19:20:41.0393 4772 C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe - ok
19:20:41.0409 4772 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:20:41.0409 4772 C:\Windows\System32\AltTab.dll - ok
19:20:41.0409 4772 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:20:41.0409 4772 C:\Windows\System32\WPDShServiceObj.dll - ok
19:20:41.0409 4772 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:20:41.0409 4772 C:\Windows\System32\SearchIndexer.exe - ok
19:20:41.0409 4772 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:20:41.0409 4772 C:\Windows\System32\pnidui.dll - ok
19:20:41.0424 4772 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
19:20:41.0424 4772 C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe - ok
19:20:41.0424 4772 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:20:41.0424 4772 C:\Windows\System32\tquery.dll - ok
19:20:41.0424 4772 [ E2B41D6676B915FBC39517BD3C969CB9 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
19:20:41.0424 4772 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
19:20:41.0424 4772 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:20:41.0424 4772 C:\Windows\System32\QUTIL.DLL - ok
19:20:41.0440 4772 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:20:41.0440 4772 C:\Windows\System32\srchadmin.dll - ok
19:20:41.0440 4772 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
19:20:41.0440 4772 C:\Windows\System32\ActionCenter.dll - ok
19:20:41.0440 4772 [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll
19:20:41.0440 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll - ok
19:20:41.0440 4772 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:20:41.0440 4772 C:\Windows\System32\bthprops.cpl - ok
19:20:41.0455 4772 [ 3E155B3194E74F93485E65CCE740AE5E ] C:\Program Files\Toshiba\Power Saver\TFunc2.dll
19:20:41.0455 4772 C:\Program Files\Toshiba\Power Saver\TFunc2.dll - ok
19:20:41.0455 4772 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
19:20:41.0455 4772 C:\Windows\System32\consent.exe - ok
19:20:41.0455 4772 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:20:41.0455 4772 C:\Windows\System32\mssrch.dll - ok
19:20:41.0471 4772 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
19:20:41.0471 4772 C:\Windows\System32\ieframe.dll - ok
19:20:41.0471 4772 [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll
19:20:41.0471 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll - ok
19:20:41.0471 4772 [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll
19:20:41.0471 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll - ok
19:20:41.0487 4772 [ 6692D5BCC14A6FA25C6F4FABFEB9DCAB ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll
19:20:41.0487 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll - ok
19:20:41.0487 4772 [ 578AD386192D03662C38D5E155144C59 ] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
19:20:41.0487 4772 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
19:20:41.0502 4772 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:20:41.0502 4772 C:\Windows\System32\msidle.dll - ok
19:20:41.0502 4772 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:20:41.0502 4772 C:\Windows\System32\msimg32.dll - ok
19:20:41.0502 4772 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:20:41.0502 4772 C:\Windows\System32\mssprxy.dll - ok
19:20:41.0518 4772 [ 2A50F11A365A2BF58871F79727B2C91B ] C:\Windows\System32\igfxext.exe
19:20:41.0518 4772 C:\Windows\System32\igfxext.exe - ok
19:20:41.0518 4772 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:20:41.0518 4772 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:20:41.0518 4772 [ 26D9B632130EDDB2B16DDCDFDD0723D5 ] C:\Windows\System32\igfxexps.dll
19:20:41.0518 4772 C:\Windows\System32\igfxexps.dll - ok
19:20:41.0533 4772 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll
19:20:41.0533 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll - ok
19:20:41.0533 4772 [ BD83E040B391C81CA88A7A36CDEC257E ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll
19:20:41.0533 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll - ok
19:20:41.0533 4772 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:20:41.0533 4772 C:\Windows\System32\wlanapi.dll - ok
19:20:41.0549 4772 [ E625ABBE3ED37D3160151DFD33AE6B91 ] C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll
19:20:41.0549 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll - ok
19:20:41.0549 4772 [ 66935625C1758EFEFFAF8CF0E020A6F9 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll
19:20:41.0549 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll - ok
19:20:41.0549 4772 [ 4C671C688884F18152441DC16AA629F6 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll
19:20:41.0549 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll - ok
19:20:41.0565 4772 [ 13BC9BF69A7A03ED92BFDF36E9B4C508 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll
19:20:41.0565 4772 C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll - ok
19:20:41.0565 4772 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:20:41.0565 4772 C:\Windows\System32\oleacc.dll - ok
19:20:41.0565 4772 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:20:41.0565 4772 C:\Windows\System32\rasdlg.dll - ok
19:20:41.0580 4772 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:20:41.0580 4772 C:\Windows\System32\dot3api.dll - ok
19:20:41.0580 4772 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:20:41.0580 4772 C:\Windows\System32\wlanhlp.dll - ok
19:20:41.0580 4772 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:20:41.0580 4772 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:20:41.0580 4772 [ D4C27F1DA94250FBDBFA67E98ADE918E ] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
19:20:41.0580 4772 C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe - ok
19:20:41.0596 4772 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:20:41.0596 4772 C:\Windows\System32\WWanAPI.dll - ok
19:20:41.0596 4772 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:20:41.0596 4772 C:\Windows\System32\wwapi.dll - ok
19:20:41.0596 4772 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:20:41.0596 4772 C:\Windows\System32\FXSST.dll - ok
19:20:41.0596 4772 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:20:41.0596 4772 C:\Windows\System32\FXSAPI.dll - ok
19:20:41.0611 4772 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:20:41.0611 4772 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:20:41.0611 4772 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:20:41.0611 4772 C:\Windows\System32\FXSRESM.dll - ok
19:20:41.0611 4772 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:20:41.0611 4772 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:20:41.0627 4772 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
19:20:41.0627 4772 C:\Windows\System32\SearchProtocolHost.exe - ok
19:20:41.0627 4772 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
19:20:41.0627 4772 C:\Windows\System32\webcheck.dll - ok
19:20:41.0627 4772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:20:41.0627 4772 C:\Windows\System32\FXSSVC.exe - ok
19:20:41.0627 4772 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
19:20:41.0627 4772 C:\Windows\System32\msshooks.dll - ok
19:20:41.0643 4772 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
19:20:41.0643 4772 C:\Windows\System32\SearchFilterHost.exe - ok
19:20:41.0643 4772 [ ECDFE872F158AE111D9692A1CEBEF960 ] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
19:20:41.0643 4772 C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe - ok
19:20:41.0643 4772 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:20:41.0643 4772 C:\Windows\System32\mlang.dll - ok
19:20:41.0643 4772 [ 1EACBDA651416F8EB879C86496524043 ] C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll
19:20:41.0643 4772 C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll - ok
19:20:41.0658 4772 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
19:20:41.0658 4772 C:\Windows\System32\oledlg.dll - ok
19:20:41.0658 4772 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
19:20:41.0658 4772 C:\Windows\System32\mssph.dll - ok
19:20:41.0658 4772 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:20:41.0658 4772 C:\Windows\System32\QAGENT.DLL - ok
19:20:41.0658 4772 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
19:20:41.0658 4772 C:\Windows\System32\mapi32.dll - ok
19:20:41.0674 4772 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:20:41.0674 4772 C:\Windows\System32\wsock32.dll - ok
19:20:41.0674 4772 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
19:20:41.0674 4772 C:\Windows\System32\SyncCenter.dll - ok
19:20:41.0674 4772 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:20:41.0674 4772 C:\Windows\System32\wmdrmdev.dll - ok
19:20:41.0674 4772 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:20:41.0674 4772 C:\Windows\System32\drmv2clt.dll - ok
19:20:41.0689 4772 [ 1315C5C5C54CE2AA37A155F97027DB59 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
19:20:41.0689 4772 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
19:20:41.0689 4772 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:20:41.0689 4772 C:\Windows\System32\wmp.dll - ok
19:20:41.0689 4772 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
19:20:41.0689 4772 C:\Windows\System32\blackbox.dll - ok
19:20:41.0705 4772 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
19:20:41.0705 4772 C:\Windows\SysWOW64\taskschd.dll - ok
19:20:41.0705 4772 [ 755DB0FABD639DE8D9FA6D446BA90D36 ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
19:20:41.0705 4772 C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe - ok
19:20:41.0705 4772 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:20:41.0705 4772 C:\Windows\System32\upnp.dll - ok
19:20:41.0721 4772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:20:41.0721 4772 C:\Windows\System32\ssdpsrv.dll - ok
19:20:41.0721 4772 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:20:41.0721 4772 C:\Windows\System32\imapi2.dll - ok
19:20:41.0721 4772 [ 127AA81343A7C6F665C22CB1293B0A90 ] C:\Windows\splwow64.exe
19:20:41.0721 4772 C:\Windows\splwow64.exe - ok
19:20:41.0736 4772 [ B810B8C3EA2658054C931B5713D7C206 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
19:20:41.0736 4772 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
19:20:41.0736 4772 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
19:20:41.0736 4772 C:\Windows\System32\hgcpl.dll - ok
19:20:41.0736 4772 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:20:41.0736 4772 C:\Windows\System32\fdPHost.dll - ok
19:20:41.0752 4772 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
19:20:41.0752 4772 C:\Windows\System32\fdWSD.dll - ok
19:20:41.0752 4772 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
19:20:41.0752 4772 C:\Windows\System32\fdSSDP.dll - ok
19:20:41.0752 4772 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
19:20:41.0752 4772 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
19:20:41.0767 4772 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
19:20:41.0767 4772 C:\Windows\System32\fdProxy.dll - ok
19:20:41.0767 4772 [ 6E1AA977B40622B0F595817DC6DDC525 ] C:\Program Files (x86)\Winamp\winampa.exe
19:20:41.0767 4772 C:\Program Files (x86)\Winamp\winampa.exe - ok
19:20:41.0783 4772 [ 20C4535969F2006F6082CDF146CD95C4 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:20:41.0783 4772 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
19:20:41.0783 4772 [ 8D2981596016DF4DE87D0DBAD0204CCB ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
19:20:41.0783 4772 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
19:20:41.0783 4772 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
19:20:41.0783 4772 C:\Windows\System32\ListSvc.dll - ok
19:20:41.0783 4772 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
19:20:41.0783 4772 C:\Windows\System32\P2P.dll - ok
19:20:41.0799 4772 [ 1897BD995EFE2AA93C87B7BAD50F0791 ] C:\Windows\System32\spool\drivers\x64\3\mxdwdrv.dll
19:20:41.0799 4772 C:\Windows\System32\spool\drivers\x64\3\mxdwdrv.dll - ok
19:20:41.0799 4772 [ 423069307FB726E51E2A66F1C3F738FE ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
19:20:41.0799 4772 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll - ok
19:20:41.0814 4772 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
19:20:41.0814 4772 C:\Windows\System32\IdListen.dll - ok
19:20:41.0814 4772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:20:41.0814 4772 C:\Windows\System32\pnrpsvc.dll - ok
19:20:41.0814 4772 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
19:20:41.0814 4772 C:\Windows\System32\hgprint.dll - ok
19:20:41.0814 4772 [ FE821F6FA60E9DF9FDEE69A23488BBAB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:20:41.0814 4772 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:20:41.0830 4772 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
19:20:41.0830 4772 C:\Windows\System32\p2psvc.dll - ok
19:20:41.0830 4772 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
19:20:41.0830 4772 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
19:20:41.0830 4772 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
19:20:41.0830 4772 C:\Windows\System32\P2PGraph.dll - ok
19:20:41.0830 4772 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
19:20:41.0830 4772 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:20:41.0845 4772 [ 02DAB5998E18C2EA4D1BD57AB57C3B94 ] C:\Windows\System32\spool\drivers\x64\3\mxdwdui.dll
19:20:41.0845 4772 C:\Windows\System32\spool\drivers\x64\3\mxdwdui.dll - ok
19:20:41.0845 4772 [ 0333ED5E203B6DBE909AC06EA52757D0 ] C:\Windows\System32\fontsub.dll
19:20:41.0845 4772 C:\Windows\System32\fontsub.dll - ok
19:20:41.0845 4772 [ 5E721B7BDE0FFFEB34E37A437D0B1092 ] C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
19:20:41.0845 4772 C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
19:20:41.0845 4772 [ 2A632A95433E9719F37AE06BA00543AC ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
19:20:41.0845 4772 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL - ok
19:20:41.0861 4772 [ 7F90431C12B5EDB881DBB1E081506694 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
19:20:41.0861 4772 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
19:20:41.0861 4772 [ ED5A7805411E8598805DE5A064E17603 ] C:\Program Files\AVAST Software\Avast\aswData.dll
19:20:41.0861 4772 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
19:20:41.0861 4772 [ 48C63DE81747BD7758DF1AF04E98DE8F ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
19:20:41.0861 4772 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
19:20:41.0877 4772 [ 29896000CFA457ED8FA1E37238AFFB2C ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
19:20:41.0877 4772 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
19:20:41.0877 4772 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:20:41.0877 4772 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
19:20:41.0877 4772 [ 8FE651ACBA3344E645CFEB6286FFF6B8 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
19:20:41.0877 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
19:20:41.0877 4772 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:20:41.0877 4772 C:\Windows\System32\wmploc.DLL - ok
19:20:41.0892 4772 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:20:41.0892 4772 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:20:41.0892 4772 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
19:20:41.0892 4772 C:\Windows\System32\Query.dll - ok
19:20:41.0892 4772 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
19:20:41.0892 4772 C:\Windows\SysWOW64\logoncli.dll - ok
19:20:41.0892 4772 [ 25DEF2EF843275862FFBF55487CEFDDD ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx
19:20:41.0892 4772 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_135.ocx - ok
19:20:41.0908 4772 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
19:20:41.0908 4772 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
19:20:41.0908 4772 [ 2635B1A6B11105AACE0440CEC6830189 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
19:20:41.0908 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
19:20:41.0908 4772 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll
19:20:41.0908 4772 C:\Windows\SysWOW64\msvcp100.dll - ok
19:20:41.0923 4772 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
19:20:41.0923 4772 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
19:20:41.0923 4772 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
19:20:41.0923 4772 C:\Windows\SysWOW64\msvcr100.dll - ok
19:20:41.0923 4772 [ F577910A133A592234EBAAD3F3AFA258 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:20:41.0923 4772 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
19:20:41.0923 4772 [ 9D143DE584AF0B120766B74AA41D1F28 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
19:20:41.0923 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
19:20:41.0939 4772 [ A16852B04C0A5654B0B8DFD5E1A25718 ] C:\Program Files (x86)\MagicDisc\MagicDisc.exe
19:20:41.0939 4772 C:\Program Files (x86)\MagicDisc\MagicDisc.exe - ok
19:20:41.0939 4772 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
19:20:41.0939 4772 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
19:20:41.0939 4772 [ 3E0AB1C6506F149CC5ABA66433D35E62 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll
19:20:41.0939 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
19:20:41.0955 4772 [ 83502D796852329CDFC906FEE2B5EDE4 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
19:20:41.0955 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
19:20:41.0955 4772 [ D90DAD5EEA33A178BAC56FFF2847D4C2 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
19:20:41.0955 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
19:20:41.0970 4772 [ 4823DFE702BAE876CB31F58573D7EB55 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
19:20:41.0970 4772 C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
19:20:41.0970 4772 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
19:20:41.0970 4772 C:\Windows\SysWOW64\msxml3.dll - ok
19:20:41.0970 4772 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
19:20:41.0970 4772 C:\Windows\System32\PhotoMetadataHandler.dll - ok
19:20:41.0970 4772 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
19:20:41.0970 4772 C:\Windows\System32\wmpps.dll - ok
19:20:41.0986 4772 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
19:20:41.0986 4772 C:\Windows\System32\wmpmde.dll - ok
19:20:41.0986 4772 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
19:20:41.0986 4772 C:\Windows\System32\WinSATAPI.dll - ok
19:20:41.0986 4772 [ C99C6E70B3625D0E5600B361007B6CA1 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
19:20:41.0986 4772 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
19:20:42.0001 4772 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
19:20:42.0001 4772 C:\Windows\SysWOW64\dsound.dll - ok
19:20:42.0001 4772 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
19:20:42.0001 4772 C:\Windows\System32\MSMPEG2ENC.DLL - ok
19:20:42.0017 4772 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
19:20:42.0017 4772 C:\Windows\SysWOW64\mscms.dll - ok
19:20:42.0017 4772 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:20:42.0017 4772 C:\Windows\SysWOW64\sxs.dll - ok
19:20:42.0017 4772 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
19:20:42.0017 4772 C:\Windows\System32\devenum.dll - ok
19:20:42.0033 4772 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
19:20:42.0033 4772 C:\Windows\System32\msdmo.dll - ok
19:20:42.0033 4772 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\13010100\uiext.dll
19:20:42.0033 4772 C:\Program Files\AVAST Software\Avast\defs\13010100\uiext.dll - ok
19:20:42.0033 4772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
19:20:42.0033 4772 C:\Windows\System32\upnphost.dll - ok
19:20:42.0048 4772 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:20:42.0048 4772 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:20:42.0048 4772 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
19:20:42.0048 4772 C:\Windows\System32\udhisapi.dll - ok
19:20:42.0064 4772 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
19:20:42.0064 4772 C:\Windows\System32\drprov.dll - ok
19:20:42.0064 4772 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
19:20:42.0064 4772 C:\Windows\System32\ntlanman.dll - ok
19:20:42.0064 4772 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
19:20:42.0064 4772 C:\Windows\System32\davclnt.dll - ok
19:20:42.0064 4772 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
19:20:42.0064 4772 C:\Windows\System32\davhlpr.dll - ok
19:20:42.0064 4772 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
19:20:42.0064 4772 C:\Users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
19:20:42.0079 4772 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
19:20:42.0079 4772 C:\Windows\System32\regsvr32.exe - ok
19:20:42.0079 4772 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
19:20:42.0079 4772 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
19:20:42.0079 4772 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
19:20:42.0079 4772 C:\Windows\System32\wbem\NCProv.dll - ok
19:20:42.0095 4772 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
19:20:42.0095 4772 C:\Windows\System32\drttransport.dll - ok
19:20:42.0095 4772 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
19:20:42.0095 4772 C:\Windows\System32\drt.dll - ok
19:20:42.0095 4772 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
19:20:42.0095 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
19:20:42.0095 4772 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
19:20:42.0095 4772 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
19:20:42.0111 4772 [ 5A7E85100ACB28FBA8A81181A06C52D7 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
19:20:42.0111 4772 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
19:20:42.0111 4772 ============================================================
19:20:42.0111 4772 Scan finished
19:20:42.0111 4772 ============================================================
19:20:42.0111 1752 Detected object count: 0
19:20:42.0111 1752 Actual detected object count: 0
21:33:30.0677 3696 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-01 19:22:59
-----------------------------
19:22:59.130 OS Version: Windows x64 6.1.7601 Service Pack 1
19:22:59.130 Number of processors: 2 586 0x2A07
19:22:59.130 ComputerName: SIMONLAPTOP-PC UserName: SimonLaptop
19:23:02.672 Initialize success
19:23:02.796 AVAST engine defs: 13010100
19:23:27.101 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:23:27.117 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 3
19:23:27.117 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007f
19:23:27.117 Disk 1 Vendor: Size: 305245MB BusType: 0
19:23:27.164 Disk 0 MBR read successfully
19:23:27.164 Disk 0 MBR scan
19:23:27.164 Disk 0 Windows VISTA default MBR code
19:23:27.195 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
19:23:27.257 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 61440 MB offset 3074048
19:23:27.257 Disk 0 Partition - 00 0F Extended LBA 228246 MB offset 128903168
19:23:27.304 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14058 MB offset 596350976
19:23:27.367 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 228245 MB offset 128905216
19:23:27.398 Disk 0 scanning C:\windows\system32\drivers
19:23:48.536 Service scanning
19:24:33.448 Modules scanning
19:24:33.448 Disk 0 trace - called modules:
19:24:33.511 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:24:33.511 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b0f3c0]
19:24:33.526 3 CLASSPNP.SYS[fffff8800168b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004996050]
19:24:37.083 AVAST engine scan C:\windows
19:24:41.435 AVAST engine scan C:\windows\system32
19:27:25.687 AVAST engine scan C:\windows\system32\drivers
19:27:40.772 AVAST engine scan C:\Users\SimonLaptop
19:29:46.961 AVAST engine scan C:\ProgramData
19:30:44.666 Scan finished successfully
19:31:11.201 Disk 0 MBR has been saved successfully to "C:\Users\SimonLaptop\Desktop\MBR.dat"
19:31:11.201 The log file has been saved successfully to "C:\Users\SimonLaptop\Desktop\aswMBR.txt"

#9
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#10
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo


#11
evolnomis

    Member

  • Topic Starter
  • 51 posts
Thanks a lot for the concern Gringo. I'm sorry for the non-reply. I just need a little more time. I got a bit busy the past couple days. I will do it tonight and post my results soon after.

Take care and thanks again for all the effort.

Simon

#12
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
No problem and I will see you later :thumbsup:

#13
evolnomis

    Member

  • Topic Starter
  • 51 posts
I just ran the script. No problems running it and I never was asked to restart. But right after the log was made, I felt a lot of lag in the first 5 minutes. It was totally consistent and more lag than I've had in the past few days. But as soon as I started to type this reply, the lag went away. Maybe it will be better if I restart my computer first.

Here is my log:

ComboFix 12-12-30.01 - SimonLaptop 01/04/2013 21:45:25.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2731 [GMT 9:00]
Running from: c:\users\SimonLaptop\Desktop\ComboFix.exe
Command switches used :: c:\users\SimonLaptop\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\CKAgent.dat
.
.
((((((((((((((((((((((((( Files Created from 2012-12-04 to 2013-01-04 )))))))))))))))))))))))))))))))
.
.
2013-01-04 12:54 . 2013-01-04 12:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-04 12:54 . 2013-01-04 12:54 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-01-04 11:19 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BDDB489D-F61D-4349-A0DA-F515EA27042A}\mpengine.dll
2013-01-02 14:15 . 2013-01-02 14:15 137128 ----a-r- c:\windows\system32\CKAgent.exe
2013-01-02 14:15 . 2013-01-02 14:15 138320 ----a-r- c:\windows\SysWow64\CKAgent.exe
2012-12-26 11:48 . 2012-12-30 15:03 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-26 11:47 . 2012-12-26 11:47 -------- d-----w- c:\users\SimonLaptop\AppData\Local\Programs
2012-12-24 11:48 . 2012-12-24 11:48 -------- d-----w- c:\users\SimonLaptop\AppData\Local\ElevatedDiagnostics
2012-12-23 15:32 . 2012-12-23 15:32 100352 ----a-w- c:\windows\system32\dfboottime.exe
2012-12-21 18:41 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 18:41 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 18:41 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:41 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 13:36 . 2012-12-20 13:36 -------- d-----w- c:\program files (x86)\INFovine
2012-12-20 13:36 . 2012-09-12 06:26 39936 ----a-w- c:\windows\SysWow64\UbiKeyWin32.dll
2012-12-20 13:36 . 2012-09-12 06:22 48136 ----a-w- c:\windows\SysWow64\UbiKeyUninstall.exe
2012-12-20 13:36 . 2012-09-12 06:22 39928 ----a-w- c:\windows\SysWow64\UbiKey.dll
2012-12-20 13:36 . 2012-09-12 06:22 56328 ----a-w- c:\windows\SysWow64\VineTransfer.ocx
2012-12-12 11:15 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:13 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:13 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-02 14:15 . 2012-10-20 09:43 19016 ----a-w- c:\windows\system32\JRSUKD25.SYS
2013-01-02 14:15 . 2012-10-20 09:43 141848 ----a-w- c:\windows\system32\kcrtx64.sys
2012-12-13 14:26 . 2012-10-14 14:22 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 14:26 . 2012-10-14 14:22 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-27 14:51 . 2012-10-27 14:51 3015104 ----a-w- c:\windows\SysWow64\npenkIEInstall5.dll
2012-10-26 12:40 . 2012-10-26 12:40 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 12:40 . 2012-10-26 12:40 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-26 12:40 . 2011-03-24 02:26 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 09:43 . 2012-10-20 09:43 72272 ----a-w- c:\windows\SysWow64\cosa.dll
2012-10-20 09:43 . 2012-10-20 09:43 58600 ----a-w- c:\windows\SysWow64\I3Gescp.dll
2012-10-20 09:43 . 2012-10-20 09:43 575640 ----a-w- c:\windows\SysWow64\I3GManager.exe
2012-10-20 09:43 . 2012-10-20 09:43 477312 ----a-w- c:\windows\SysWow64\I3GManager.dll
2012-10-20 09:43 . 2012-10-20 09:43 211072 ----a-w- c:\windows\SysWow64\I3GEX.exe
2012-10-20 09:43 . 2012-10-20 09:43 15512 ----a-w- c:\windows\SysWow64\IRTrace.dll
2012-10-20 09:43 . 2012-10-20 09:43 596064 ----a-w- c:\windows\SysWow64\WebPriLoader.dll
2012-10-20 09:43 . 2012-10-20 09:43 971042 ----a-w- c:\windows\SysWow64\npstarterctrl.dll
2012-10-20 09:43 . 2012-10-20 09:43 448032 ----a-w- c:\windows\SysWow64\npstarter.ocx
2012-10-20 09:43 . 2012-10-20 09:43 250145 ----a-w- c:\windows\SysWow64\npstartersvc.exe
2012-10-20 09:43 . 2012-10-20 09:43 221472 ----a-w- c:\windows\SysWow64\npcopycheck.exe
2012-10-20 09:43 . 2012-10-20 09:43 213279 ----a-w- c:\windows\SysWow64\npnj5Agent.exe
2012-10-20 09:43 . 2012-10-20 09:43 189984 ----a-w- c:\windows\SysWow64\npnj5Launcher.exe
2012-10-20 09:43 . 2012-10-20 09:43 475216 ----a-w- c:\windows\SysWow64\CKSetup64.exe
2012-10-20 09:43 . 2012-10-20 09:43 137128 ----a-r- c:\windows\system32\CKAgent.dat
2012-10-20 09:43 . 2012-10-20 09:43 80976 ----a-w- c:\windows\SysWow64\CKKeyProCert.dll
2012-10-20 09:43 . 2012-10-20 09:43 516888 ----a-w- c:\windows\SysWow64\XecureCK.dll
2012-10-20 09:43 . 2012-10-20 09:43 516888 ----a-w- c:\windows\SysWow64\TouchEnKey.dll
2012-10-20 09:43 . 2012-10-20 09:43 434428 ----a-w- c:\windows\SysWow64\CKCSP.dll
2012-10-20 09:43 . 2012-10-20 09:43 261200 ----a-w- c:\windows\SysWow64\npKeyPro.dll
2012-10-20 09:43 . 2012-10-20 09:43 199760 ----a-w- c:\windows\SysWow64\CKApp.dll
2012-10-20 09:43 . 2012-10-20 09:43 191072 ----a-w- c:\windows\SysWow64\kcrypto.dll
2012-10-20 09:43 . 2012-10-20 09:43 134224 ----a-w- c:\windows\SysWow64\JRSoftcp.dll
2012-10-20 09:43 . 2012-10-20 09:43 1260624 ----a-w- c:\windows\SysWow64\CKSetup32.exe
2012-10-16 08:38 . 2012-11-28 08:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 08:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 08:02 . 2012-10-16 08:02 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-16 08:02 . 2012-10-16 08:02 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-16 08:02 . 2012-10-16 08:02 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-10-16 08:02 . 2012-10-16 08:02 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-10-16 08:02 . 2012-10-16 08:02 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-10-16 08:02 . 2012-10-16 08:02 82432 ----a-w- c:\windows\system32\icardie.dll
2012-10-16 08:02 . 2012-10-16 08:02 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-10-16 08:02 . 2012-10-16 08:02 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-10-16 08:02 . 2012-10-16 08:02 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-10-16 08:02 . 2012-10-16 08:02 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-10-16 08:02 . 2012-10-16 08:02 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-10-16 08:02 . 2012-10-16 08:02 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-10-16 08:02 . 2012-10-16 08:02 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-16 08:02 . 2012-10-16 08:02 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-10-16 08:02 . 2012-10-16 08:02 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-10-16 08:02 . 2012-10-16 08:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-10-16 08:02 . 2012-10-16 08:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-16 08:02 . 2012-10-16 08:02 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-10-16 08:02 . 2012-10-16 08:02 448512 ----a-w- c:\windows\system32\html.iec
2012-10-16 08:02 . 2012-10-16 08:02 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-16 08:02 . 2012-10-16 08:02 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-10-16 08:02 . 2012-10-16 08:02 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-10-16 08:02 . 2012-10-16 08:02 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-10-16 08:02 . 2012-10-16 08:02 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-10-16 08:02 . 2012-10-16 08:02 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-16 08:02 . 2012-10-16 08:02 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-10-16 08:02 . 2012-10-16 08:02 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-10-16 08:02 . 2012-10-16 08:02 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-16 08:02 . 2012-10-16 08:02 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-16 08:02 . 2012-10-16 08:02 222208 ----a-w- c:\windows\system32\msls31.dll
2012-10-16 08:02 . 2012-10-16 08:02 197120 ----a-w- c:\windows\system32\msrating.dll
2012-10-16 08:02 . 2012-10-16 08:02 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-10-16 08:02 . 2012-10-16 08:02 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-10-16 08:02 . 2012-10-16 08:02 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-10-16 08:02 . 2012-10-16 08:02 160256 ----a-w- c:\windows\system32\wextract.exe
2012-10-16 08:02 . 2012-10-16 08:02 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-10-16 08:02 . 2012-10-16 08:02 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-10-16 08:02 . 2012-10-16 08:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-10-16 08:02 . 2012-10-16 08:02 149504 ----a-w- c:\windows\system32\occache.dll
2012-10-16 08:02 . 2012-10-16 08:02 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-10-16 08:02 . 2012-10-16 08:02 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-16 08:02 . 2012-10-16 08:02 12288 ----a-w- c:\windows\system32\mshta.exe
2012-10-16 08:02 . 2012-10-16 08:02 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-10-16 08:02 . 2012-10-16 08:02 114176 ----a-w- c:\windows\system32\admparse.dll
2012-10-16 08:02 . 2012-10-16 08:02 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-16 08:02 . 2012-10-16 08:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-10-16 08:02 . 2012-10-16 08:02 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-16 08:02 . 2012-10-16 08:02 103936 ----a-w- c:\windows\system32\inseng.dll
2012-10-16 08:02 . 2012-10-16 08:02 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-10-16 07:39 . 2012-11-28 08:07 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-14 12:27 . 2012-10-14 12:27 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-14 12:27 . 2012-10-14 12:27 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-14 12:27 . 2012-10-14 12:27 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-14 12:27 . 2012-10-14 12:27 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-14 12:27 . 2012-10-14 12:27 188904 ----a-w- c:\windows\system32\java.exe
2012-10-14 12:27 . 2012-10-14 12:27 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-13 18:17 . 2010-06-24 18:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-10-09 18:17 . 2012-11-15 16:48 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 16:48 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 16:48 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 16:48 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-06-30 74752]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
c:\users\SimonLaptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-22 28538560]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-10-22 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ dfboottime \??\c:\windows\System32\dfboottime.cfg\0autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 NPIDS;NPIDS;c:\windows\system32\NpIdsVt64.sys [2011-08-25 88384]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2010-11-30 307304]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-16 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 nPStarterSVC;nProtect Starter;c:\windows\system32\nPStarterSVC.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 JRSKD24;JRSKD24;c:\windows\system32\JRSKD24.SYS [x]
S3 kcrtx64;kcrtx64;c:\windows\system32\kcrtx64.sys [2013-01-02 141848]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-12-21 822704]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 06143977
*NewlyCreated* - 91488160
*NewlyCreated* - ASWMBR
*Deregistered* - 06143977
*Deregistered* - 91488160
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 14:26]
.
2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 10:03]
.
2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 10:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\SimonLaptop\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 07:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391000]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 418136]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-03 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 168.126.63.1 168.126.63.2 192.168.10.1
DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} - hxxp://bank.keb.co.kr/veraport/veraport.cab
DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} - hxxp://bank.keb.co.kr/activex/ubikey/VineTransfer.cab
FF - ProfilePath - c:\users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\
FF - prefs.js: browser.startup.homepage - cnn.com
FF - ExtSQL: 2012-11-24 00:27; [email protected]; c:\users\SimonLaptop\AppData\Roaming\Mozilla\Firefox\Profiles\26sioaha.default\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-91488160.sys
AddRemove-INFovine - c:\windows\system32\UbiKeyUninstall.exe
AddRemove-npn5 - c:\windows\system32\npn5uninst.exe
AddRemove-VeraPort - c:\windows\system32\VeraPortUninstall.exe
AddRemove-XecureCK - c:\windows\system32\CKSetup32.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-04 21:58:49
ComboFix-quarantined-files.txt 2013-01-04 12:58
ComboFix2.txt 2012-12-30 15:22
.
Pre-Run: 25,706,762,240 bytes free
Post-Run: 25,380,999,168 bytes free
.
- - End Of File - - D9232FA62FD9BA29CFDED4EA5607D889

#14
evolnomis

    Member

  • Topic Starter
  • 51 posts
I restarted the computer and still quite a bit of lag. So basically, the symptoms have been worse since running the script.

#15
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo