Trojan.Agent infection [Solved]



#1
jkabat

Windows Security Essentials indicates an infection and suggests running Defender offline. Defender offline says all is good.

Malwarebytes detects two items, both labeled trojan.agent. Upon removal I am told to restart. Upon restarting the items are still there.

I'm pasting the Malwarebytes log and an OTL log. I appreciate any help.

Additional information possibly related. When running Google Chrome, sometimes when typing directly into the URL box the computer goes to a blue screen and shuts off. That is the only action that causes that.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.09.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jessie :: JESSIE-PC [administrator]

3/14/2013 8:50:02 AM
mbam-log-2013-03-14 (08-50-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226021
Time elapsed: 6 minute(s), 47 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3536 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)


OTL logfile created on: 3/14/2013 9:06:23 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 47.60% Memory free
7.20 Gb Paging File | 5.22 Gb Available in Paging File | 72.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 230.87 Gb Free Space | 81.76% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/14 09:06:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessie\Downloads\OTL.exe
PRC - [2013/03/12 16:17:34 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/01/10 16:39:42 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 01:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 01:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 18:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2011/04/20 19:16:04 | 000,558,592 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2010/10/20 18:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/12 17:03:21 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/11 21:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 18:33:50 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/06/08 02:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 01:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/17 02:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 13:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/24 23:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 21:10:28 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 23:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/31 00:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 19:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 13:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/29 20:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/03/14 08:59:24 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\MpKsld63d20a9.sys -- (MpKsld63d20a9)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}
IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 E8 F7 08 C8 1D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {70642FB4-62CF-41F8-89A6-A9393D564588}
IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.co...ng}&rlz=1I7TSNO
IE - HKCU\..\SearchScopes\{70642FB4-62CF-41F8-89A6-A9393D564588}: "URL" = http://www.google.co...1I7TSNO_enUS474
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)


[2012/11/25 12:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Jessie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} https://mpi.dacom.ne...PI_20110503.cab (XacsPop Control)
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} https://mpi.dacom.ne...MPI/XPayMPI.cab (XPayMPIOCX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {7C98E005-7DA3-4C02-8D9F-FAA9C4D1C343} http://service.ewha..../ictReportX.cab (ReportViewerForm Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {AC2CE4A7-75CE-4B11-B245-CE697861C3C1} http://ems.shinhanli...ISAFEMailv4.cab (INISafeMailContainer Class)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co....TLD_VISTA64.cab (KvpIspCtlD Control)
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} https://www.isaackor...sim/ilkactx.cab (AnsimPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7ACCB42-994F-4EAC-8BC1-7BA8188F8953}: DhcpNameServer = 75.75.76.76 75.75.75.75
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/14 09:00:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\svchost.exe
[2013/03/13 08:49:04 | 000,000,000 | ---D | C] -- C:\bab0277241d68e0d82426f
[2013/03/08 10:06:58 | 000,000,000 | R--D | C] -- C:\Users\Jessie\Documents\Scanned Documents
[2013/03/08 10:06:55 | 000,000,000 | ---D | C] -- C:\Users\Jessie\Documents\Fax
[2013/02/27 22:43:39 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/02/27 22:43:38 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/02/27 22:43:38 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/02/27 22:43:38 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/02/27 22:43:18 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/02/27 22:43:17 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/02/27 22:43:05 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/02/27 22:43:05 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 22:43:05 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 22:43:05 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 22:43:05 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 22:43:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 22:43:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 22:43:05 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 22:43:05 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 22:43:03 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/02/27 22:43:02 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/02/27 22:43:01 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/02/27 22:43:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 22:43:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 22:43:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 22:43:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 22:43:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 22:43:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 22:43:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 22:43:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 22:43:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 22:43:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 22:43:00 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/02/27 22:43:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/02/27 22:43:00 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/02/27 22:42:59 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/02/27 22:42:59 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/02/27 22:42:59 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/02/27 22:42:58 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/02/27 22:42:57 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/02/27 22:42:56 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/02/27 22:42:55 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/02/27 22:42:55 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/02/27 22:42:54 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/02/27 22:42:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/02/27 09:39:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/27 09:39:31 | 000,000,000 | ---D | C] -- C:\windows\Temp82CDD929-2E6E-2530-5D64-35AA60D79BF9-Signatures
[2013/02/27 09:38:29 | 000,000,000 | ---D | C] -- C:\92727f19c0eaaa9427c34e
[2013/02/24 10:40:31 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Local\Programs
[2013/02/21 21:33:05 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Local\{AA2B3A6A-E6D8-4CE9-9790-0C179DA1757B}
[2013/02/21 21:33:04 | 000,000,000 | ---D | C] -- C:\Users\Jessie\AppData\Local\{C3B0E248-0F2D-4480-83D1-11CCADB95DD2}
[2013/02/14 10:39:36 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/02/14 10:39:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/02/14 10:39:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/02/14 10:39:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/02/14 10:39:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/02/14 10:39:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/02/14 10:39:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/02/14 10:39:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/02/14 10:39:29 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/02/14 10:39:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/02/14 10:39:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/02/14 10:39:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/02/14 10:39:24 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/02/14 10:39:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/02/14 10:39:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/02/13 09:29:45 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/02/13 09:29:44 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/02/13 09:29:43 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/02/13 09:29:23 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/02/13 09:29:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/02/13 09:29:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/02/13 09:29:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/02/13 09:29:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/02/13 09:29:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/02/13 09:29:17 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/14 09:07:41 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/03/14 09:07:41 | 000,624,412 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/03/14 09:07:41 | 000,106,756 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/03/14 09:07:09 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 09:07:09 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/14 09:00:32 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/14 09:00:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/14 08:59:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/14 08:59:02 | 2899,468,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/14 08:50:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/14 08:02:45 | 383,609,578 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/03/12 17:03:20 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/03/12 17:03:19 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/09 09:00:11 | 000,073,952 | ---- | M] () -- C:\Users\Jessie\Documents\cc_20130309_075859.reg
[2013/03/09 08:52:35 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/08 07:43:35 | 001,268,843 | ---- | M] () -- C:\Users\Jessie\Desktop\noname.eml
[2013/02/27 10:58:24 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/02/24 10:41:17 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/22 13:29:14 | 000,450,802 | ---- | M] () -- C:\Users\Jessie\Desktop\Counter offer signed by Seller. 2.21.13.pdf
[2013/02/15 11:04:54 | 000,342,664 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Jessie\Desktop\*.tmp files -> C:\Users\Jessie\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/09 11:26:12 | 383,609,578 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013/03/09 08:59:03 | 000,073,952 | ---- | C] () -- C:\Users\Jessie\Documents\cc_20130309_075859.reg
[2013/03/09 08:52:35 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/08 07:43:26 | 001,268,843 | ---- | C] () -- C:\Users\Jessie\Desktop\noname.eml
[2013/02/24 10:41:17 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/22 13:29:13 | 000,450,802 | ---- | C] () -- C:\Users\Jessie\Desktop\Counter offer signed by Seller. 2.21.13.pdf
[2012/09/24 19:44:46 | 002,480,232 | ---- | C] () -- C:\windows\SysWow64\ISPPopUpDlg.exe
[2012/08/04 12:27:55 | 000,000,478 | ---- | C] () -- C:\windows\SysWow64\ic32.ini
[2012/08/04 10:18:30 | 000,540,672 | ---- | C] () -- C:\windows\SysWow64\Tx32.dll
[2012/07/26 13:05:40 | 000,495,616 | ---- | C] () -- C:\windows\SysWow64\KvpUpCom.dll
[2012/04/07 16:30:19 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/01/19 04:42:09 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/01/19 04:33:35 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/01/19 04:30:19 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/03/24 23:48:04 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Files - Unicode (All) ==========
[2013/02/28 15:36:47 | 000,000,580 | ---- | M] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2013/02/18 12:06:44 | 000,010,858 | ---- | M] ()(C:\Users\Jessie\Desktop\???? 12.1.2?.xlsx) -- C:\Users\Jessie\Desktop\용수선영 12.1.2월.xlsx
[2013/02/18 11:51:48 | 000,010,858 | ---- | C] ()(C:\Users\Jessie\Desktop\???? 12.1.2?.xlsx) -- C:\Users\Jessie\Desktop\용수선영 12.1.2월.xlsx
[2012/10/15 21:11:59 | 000,000,000 | ---D | M](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/10/15 17:20:56 | 000,017,368 | ---- | M] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/15 17:20:55 | 000,017,368 | ---- | C] ()(C:\Users\Jessie\Desktop\?????? ?? ? ??.docx) -- C:\Users\Jessie\Desktop\미국학생비자 서류 및 절차.docx
[2012/10/13 08:57:47 | 000,000,580 | ---- | C] ()(C:\Users\Jessie\Desktop\????.lnk) -- C:\Users\Jessie\Desktop\겨울캠프.lnk
[2012/10/13 08:56:27 | 000,065,536 | ---- | C] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls
[2012/10/13 08:56:09 | 000,000,000 | ---D | C](C:\Users\Jessie\Desktop\????11) -- C:\Users\Jessie\Desktop\여름캠프11
[2012/05/05 14:25:38 | 000,019,358 | ---- | M] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 14:25:38 | 000,019,358 | ---- | C] ()(C:\Users\Jessie\Desktop\????5~.docx) -- C:\Users\Jessie\Desktop\미대순위5~.docx
[2012/05/05 14:21:58 | 000,016,438 | ---- | M] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2012/05/05 14:21:57 | 000,016,438 | ---- | C] ()(C:\Users\Jessie\Desktop\2011 ??????.docx) -- C:\Users\Jessie\Desktop\2011 미국대학평가.docx
[2011/05/17 20:28:26 | 000,065,536 | ---- | M] ()(C:\Users\Jessie\Desktop\2010? ???.xls) -- C:\Users\Jessie\Desktop\2010년 주소록.xls

========== Alternate Data Streams ==========

@Alternate Data Stream - 697 bytes -> C:\Users\Jessie\Desktop\noname.eml:OECustomProperty

< End of report >





#2
jkabat

  • Topic Starter
  • Member
  • 98 posts
Here is the OTL extra file from the same scan:

OTL Extras logfile created on: 3/14/2013 9:06:23 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 47.60% Memory free
7.20 Gb Paging File | 5.22 Gb Available in Paging File | 72.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.38 Gb Total Space | 230.87 Gb Free Space | 81.76% Space Free | Partition Type: NTFS

Computer Name: JESSIE-PC | User Name: Jessie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0063F304-160B-4B3C-BC86-A0BB10D209DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E792481-B303-4EE5-985D-009A6A254D35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12100D0D-1E8A-47D5-BDC8-5D88F7517111}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{19132392-DAB9-4512-BCBA-4A04C248C002}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20B73DE8-1A07-4A9D-B1ED-01D4AA4AC49E}" = lport=139 | protocol=6 | dir=in | app=system |
"{27C8D1AF-935E-409C-8780-2E561C79C80B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{334F2864-C903-4191-9299-C920F19EBE23}" = rport=139 | protocol=6 | dir=out | app=system |
"{37C615EA-BB7D-482F-A3A7-F10CBC56C15B}" = lport=445 | protocol=6 | dir=in | app=system |
"{40A24B9D-A1BD-4B4D-9CF8-8B09CCB28A23}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{40EAC79D-8352-4C33-B910-D42A1B391283}" = rport=137 | protocol=17 | dir=out | app=system |
"{41EFB8DE-E881-4B15-A29F-A44C28767BF1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4B20257E-8360-46C6-BFA6-04951282BFDF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63D0B1F3-8E34-447E-A4D0-A28530FED327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6576740E-468A-40DF-B493-A3EEBE2C24B0}" = rport=138 | protocol=17 | dir=out | app=system |
"{6DA04773-3543-4571-B956-FE4C30AA2FAB}" = lport=138 | protocol=17 | dir=in | app=system |
"{7DD739E7-FA9C-4B57-9068-4275553F7CBF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BA36558-5070-4B51-91E3-86D1B770B13C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{950954A5-9A7C-4F93-AF09-5839EA11A720}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A7743077-69B3-4227-9AAC-7DDA4615FAA2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD5B0B7A-ABFD-4612-ACFB-228EA6385EBE}" = lport=137 | protocol=17 | dir=in | app=system |
"{BFE4D9D1-168D-48CD-A5B7-ECA01D03CF9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1360C29-2A61-4EF7-A57F-59BF57936EA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{C9AA4491-0575-4A76-9CE6-6295859B0871}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6C879AF-D06D-4C60-A2FE-4476963A93CC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FA48672E-FBFF-4CED-94F6-87E5A49397F7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C41C671-7134-4585-A6C7-7677AE2348A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{0F34F28F-D8D3-454C-BAD5-1C0085A65476}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{146E3F76-758B-4293-8182-14F58EDCC5B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F1CCFA8-5345-4728-9555-3E0A5362645A}" = protocol=1 | dir=in | [email protected],-28543 |
"{2FE0DEEF-ECC9-4F0C-8F59-22989EE4D19E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABD29EC-3009-4F80-87BB-138F18D3B8E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3CC8D2C3-5999-42A2-8DF2-14C51AE40132}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3EA6EF3B-D2AE-4318-A676-A78A8508D0D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EC6B262-FCE1-499E-B383-DE89803515F0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4443735F-9225-4A4B-966F-644354C7F364}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{557917F9-9AA6-43C1-A511-5767481E56C3}" = protocol=6 | dir=out | app=system |
"{58C5B1FC-5193-4D69-BA8A-C7C051217D91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F34A292-4D2D-45D6-BB29-B33397D89CA4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{87552499-368A-4CCB-B4DB-AA2A8F9E2167}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{877A2B15-9F26-4AA1-8BF0-95A6E21ECD7C}" = protocol=1 | dir=out | [email protected],-28544 |
"{AC310D6D-23BA-4EBD-A495-6B95A5C053FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6FEF307-8C27-43B9-B55D-E690BAA438AD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C84E1D99-AB0D-4991-90D3-995B9E964E8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9129340-2F88-4CC9-8040-05703F00699C}" = protocol=58 | dir=out | [email protected],-28546 |
"{C9FF4E8D-E902-4B52-82DD-E1739194F9D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF1BE035-48D3-4657-9B0B-041C0EEE3449}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D5BC4F4B-848D-4DDC-9A7D-0AAECFEA6CA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DD12C31B-5A33-4827-9655-3CD53FF6ABA2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E30948A9-E5BE-4629-AE03-495EE5A8A969}" = protocol=58 | dir=in | [email protected],-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4ACA5AE7-E68C-5A48-F8E6-D67946267506}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6316805C-2485-2FF5-974C-750E3BE1DF65}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A34D9B7F-8453-DA02-DC98-EEEE085411C6}" = ccc-utility64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0146E330-EEE7-B924-B347-B399460893ED}" = CCC Help Czech
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{09927C92-A652-057A-3A7B-153F23175C58}" = CCC Help Dutch
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{109CBCC5-7151-1CC6-DAD6-6F7DD3162A8A}" = Catalyst Control Center InstallProxy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19E40731-8E1A-07FB-DA7D-8A54603F6408}" = CCC Help English
"{1B97813D-74A7-25EB-4837-792413507E82}" = CCC Help Danish
"{1CF94211-A7BB-8151-44B8-6618C5A162F8}" = CCC Help Portuguese
"{1D7FEEAC-6CEE-5B5F-A8B0-9BE7A6BCB7FB}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23170F69-40C1-2701-0921-000001000000}" = 7-Zip 9.21
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{247E03D2-485B-7A70-BF5C-AB9BDF6AFB44}" = CCC Help Polish
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEFB3C4-4706-C2B5-DF69-CF914D87BCE4}" = CCC Help Swedish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{337FDED7-D27B-E476-E888-3674E1C01C69}" = CCC Help Spanish
"{3384E1D9-3F18-4A98-8655-180FEF0DFC02}" = TOSHIBA User's Guide
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4485C9D0-A742-F1BB-C0B0-58FC61960D99}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{666E35A7-A224-E3E9-48C2-C641837535D9}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8064A378-46F4-4A4E-8AF5-153D0D4018DD}" = Catalyst Control Center - Branding
"{83601916-2E71-F1C7-EE5F-A1C985BC9217}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A34A135-D405-DD03-9B2E-0EB99238A312}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9550EA6C-4CBE-C1F3-1E1C-5E87F2C645ED}" = CCC Help French
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{97F67013-3076-4261-DC10-808409655042}" = AMD VISION Engine Control Center
"{986BB897-C295-2FED-8DCA-4ADE3AFCEF84}" = CCC Help Russian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A4FF8F4E-D665-712B-07EE-F03ED360E9BE}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ADB50F70-98FF-067F-DF39-47DD83E32D58}" = CCC Help Chinese Standard
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B83FCE14-53D5-CBF8-87E9-59B8968ADB4C}" = CCC Help Norwegian
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Years 1-4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C78E3449-4F24-839B-5F7A-6911C67A5BE9}" = Catalyst Control Center Graphics Previews Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6E90970-BA9C-51AA-EFA2-9F80A7AE0956}" = CCC Help Thai
"{D826A52E-0AC9-5A55-61B8-0E088477A1B0}" = CCC Help Greek
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69540AC-FFC3-5519-F925-5ACC8D20DED5}" = CCC Help Hungarian
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E9D96BD5-7D33-7ED3-0A8E-229FA2524487}" = CCC Help Turkish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F931F27F-A967-982A-9226-494787D5FBBB}" = CCC Help Japanese
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aleks 3.17" = Aleks 3.17
"Google Chrome" = Google Chrome
"INISAFE Mail v4" = INISAFE Mail v4
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Kidzui" = Kidzui
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Revo Uninstaller" = Revo Uninstaller 1.94
"TOEFL Official Guide" = TOEFL Official Guide 2.05.0036
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/16/2012 8:07:21 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: Flash10u.ocx, version: 10.3.181.34, time
stamp: 0x4e011a1d Exception code: 0xc0000005 Fault offset: 0x001a01a4 Faulting process
id: 0x804 Faulting application start time: 0x01cdc4550bd96b15 Faulting application
path: \\.\globalroot\systemroot\svchost.exe Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash10u.ocx
Report
Id: c1a6898d-304a-11e2-a701-00266c02aa68

Error - 11/16/2012 8:23:13 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: Flash10u.ocx, version: 10.3.181.34, time
stamp: 0x4e011a1d Exception code: 0xc0000005 Fault offset: 0x00192a07 Faulting process
id: 0x1d88 Faulting application start time: 0x01cdc457c2673afb Faulting application
path: \\.\globalroot\systemroot\svchost.exe Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash10u.ocx
Report
Id: f8bad803-304c-11e2-a701-00266c02aa68

Error - 11/16/2012 9:42:52 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x89708e85 Faulting process id: 0x1d6c Faulting application
start time: 0x01cdc45a1f440f12 Faulting application path: \\.\globalroot\systemroot\svchost.exe
Faulting
module path: unknown Report Id: 192e4732-3058-11e2-a701-00266c02aa68

Error - 11/16/2012 10:03:01 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: Flash10u.ocx, version: 10.3.181.34, time
stamp: 0x4e011a1d Exception code: 0xc0000005 Fault offset: 0x001a01a4 Faulting process
id: 0x1b0c Faulting application start time: 0x01cdc4653a364687 Faulting application
path: \\.\globalroot\systemroot\svchost.exe Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash10u.ocx
Report
Id: ea103d95-305a-11e2-a701-00266c02aa68

Error - 11/16/2012 10:09:01 PM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 11/16/2012 10:58:58 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time
stamp: 0x4eeaf722 Exception code: 0xc0000005 Fault offset: 0x00009b60 Faulting process
id: 0x17b8 Faulting application start time: 0x01cdc467bf851ad0 Faulting application
path: \\.\globalroot\systemroot\svchost.exe Faulting module path: C:\windows\syswow64\msvcrt.dll
Report
Id: baa6bcdf-3062-11e2-a701-00266c02aa68

Error - 11/17/2012 9:36:54 AM | Computer Name = Jessie-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/17/2012 12:06:52 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: Flash10u.ocx, version: 10.3.181.34, time
stamp: 0x4e011a1d Exception code: 0xc0000005 Fault offset: 0x00192a07 Faulting process
id: 0x11cc Faulting application start time: 0x01cdc4c8876d381f Faulting application
path: \\.\globalroot\systemroot\svchost.exe Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash10u.ocx
Report
Id: cc820605-30d0-11e2-a776-00266c02aa68

Error - 11/17/2012 6:12:30 PM | Computer Name = Jessie-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 11/17/2012 6:51:37 PM | Computer Name = Jessie-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc3c5 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x916fe5f8 Faulting process id: 0x1ee8 Faulting application
start time: 0x01cdc4ddf488259c Faulting application path: \\.\globalroot\systemroot\svchost.exe
Faulting
module path: unknown Report Id: 573e2f56-3109-11e2-a776-00266c02aa68

[ System Events ]
Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10005
Description =

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:03:16 AM | Computer Name = Jessie-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 3/14/2013 8:20:29 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10010
Description =

Error - 3/14/2013 8:47:14 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10010
Description =

Error - 3/14/2013 8:58:09 AM | Computer Name = Jessie-PC | Source = DCOM | ID = 10010
Description =


< End of report >






#3
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello jkabat and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion just reboot your system once, that will cure it.


Please make sure you include the combo fix log in your next reply

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#4
jkabat

  • Topic Starter
  • Member
  • 98 posts
Maliprog,

Thank you for your help. I followed your instructions and will attach the TDSSKiller logs.

When I ran combofix I ran into a problem. About 4 minutes into the process, around step 4 or 5, the blue screen of death came up and the computer shut down. All I could see was that it was dumping. Didn't have time to catch any numbers or codes.

Windows security essential continues to identify malicious objects.

IE seems to work fine. Haven't tried chrome.



Two TDSSKiller logs to follow in individual posts.

#5
jkabat

  • Topic Starter
  • Member
  • 98 posts
20:29:47.0289 1600 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:29:47.0617 1600 ============================================================
20:29:47.0617 1600 Current date / time: 2013/03/14 20:29:47.0617
20:29:47.0617 1600 SystemInfo:
20:29:47.0617 1600
20:29:47.0617 1600 OS Version: 6.1.7601 ServicePack: 1.0
20:29:47.0617 1600 Product type: Workstation
20:29:47.0617 1600 ComputerName: JESSIE-PC
20:29:47.0617 1600 UserName: Jessie
20:29:47.0617 1600 Windows directory: C:\windows
20:29:47.0617 1600 System windows directory: C:\windows
20:29:47.0617 1600 Running under WOW64
20:29:47.0617 1600 Processor architecture: Intel x64
20:29:47.0617 1600 Number of processors: 2
20:29:47.0617 1600 Page size: 0x1000
20:29:47.0617 1600 Boot type: Normal boot
20:29:47.0617 1600 ============================================================
20:29:50.0222 1600 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:29:50.0237 1600 ============================================================
20:29:50.0237 1600 \Device\Harddisk0\DR0:
20:29:50.0253 1600 MBR partitions:
20:29:50.0253 1600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
20:29:50.0253 1600 ============================================================
20:29:50.0347 1600 C: <-> \Device\Harddisk0\DR0\Partition1
20:29:50.0347 1600 ============================================================
20:29:50.0347 1600 Initialize success
20:29:50.0347 1600 ============================================================
20:30:06.0337 3020 Deinitialize success

#6
jkabat

  • Topic Starter
  • Member
  • 98 posts
20:32:35.0365 2300 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:32:37.0378 2300 ============================================================
20:32:37.0378 2300 Current date / time: 2013/03/14 20:32:37.0378
20:32:37.0378 2300 SystemInfo:
20:32:37.0378 2300
20:32:37.0378 2300 OS Version: 6.1.7601 ServicePack: 1.0
20:32:37.0378 2300 Product type: Workstation
20:32:37.0378 2300 ComputerName: JESSIE-PC
20:32:37.0596 2300 UserName: Jessie
20:32:37.0612 2300 Windows directory: C:\windows
20:32:37.0612 2300 System windows directory: C:\windows
20:32:37.0612 2300 Running under WOW64
20:32:37.0612 2300 Processor architecture: Intel x64
20:32:37.0612 2300 Number of processors: 2
20:32:37.0612 2300 Page size: 0x1000
20:32:37.0612 2300 Boot type: Normal boot
20:32:37.0612 2300 ============================================================
20:33:08.0396 2300 BG loaded
20:33:09.0332 2300 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:33:09.0347 2300 ============================================================
20:33:09.0347 2300 \Device\Harddisk0\DR0:
20:33:09.0347 2300 MBR partitions:
20:33:09.0347 2300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
20:33:09.0347 2300 ============================================================
20:33:09.0441 2300 C: <-> \Device\Harddisk0\DR0\Partition1
20:33:09.0441 2300 ============================================================
20:33:09.0441 2300 Initialize success
20:33:09.0441 2300 ============================================================
20:33:40.0532 4568 ============================================================
20:33:40.0532 4568 Scan started
20:33:40.0532 4568 Mode: Manual; SigCheck; TDLFS;
20:33:40.0532 4568 ============================================================
20:33:43.0184 4568 ================ Scan system memory ========================
20:33:43.0184 4568 System memory - ok
20:33:43.0199 4568 ================ Scan services =============================
20:33:43.0402 4568 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
20:33:43.0652 4568 1394ohci - ok
20:33:43.0777 4568 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
20:33:43.0839 4568 ACPI - ok
20:33:43.0886 4568 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
20:33:44.0057 4568 AcpiPmi - ok
20:33:44.0260 4568 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:33:44.0338 4568 AdobeFlashPlayerUpdateSvc - ok
20:33:44.0416 4568 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
20:33:44.0479 4568 adp94xx - ok
20:33:44.0525 4568 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
20:33:44.0572 4568 adpahci - ok
20:33:44.0603 4568 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
20:33:44.0650 4568 adpu320 - ok
20:33:44.0697 4568 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
20:33:45.0165 4568 AeLookupSvc - ok
20:33:45.0227 4568 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
20:33:45.0305 4568 AFD - ok
20:33:45.0352 4568 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
20:33:45.0383 4568 agp440 - ok
20:33:45.0446 4568 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
20:33:45.0711 4568 ALG - ok
20:33:45.0758 4568 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
20:33:45.0789 4568 aliide - ok
20:33:45.0867 4568 [ 2F2E91FD092811353C3BC968BEC274D8 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
20:33:46.0023 4568 AMD External Events Utility - ok
20:33:46.0085 4568 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
20:33:46.0132 4568 amdide - ok
20:33:46.0163 4568 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
20:33:46.0226 4568 AmdK8 - ok
20:33:46.0522 4568 [ 194D76D2083318A2E7071A988E02ECF4 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
20:33:46.0850 4568 amdkmdag - ok
20:33:46.0975 4568 [ 1EEFFCE9A3A65A56A28793EAA3F57026 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
20:33:47.0037 4568 amdkmdap - ok
20:33:47.0068 4568 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
20:33:47.0115 4568 AmdPPM - ok
20:33:47.0146 4568 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
20:33:47.0193 4568 amdsata - ok
20:33:47.0255 4568 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
20:33:47.0287 4568 amdsbs - ok
20:33:47.0318 4568 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
20:33:47.0349 4568 amdxata - ok
20:33:47.0396 4568 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
20:33:47.0568 4568 AppID - ok
20:33:47.0614 4568 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
20:33:47.0724 4568 AppIDSvc - ok
20:33:47.0755 4568 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
20:33:47.0880 4568 Appinfo - ok
20:33:47.0926 4568 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
20:33:47.0973 4568 arc - ok
20:33:48.0036 4568 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
20:33:48.0067 4568 arcsas - ok
20:33:48.0098 4568 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
20:33:48.0223 4568 AsyncMac - ok
20:33:48.0270 4568 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
20:33:48.0301 4568 atapi - ok
20:33:48.0363 4568 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:33:48.0472 4568 AudioEndpointBuilder - ok
20:33:48.0566 4568 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
20:33:48.0660 4568 AudioSrv - ok
20:33:48.0706 4568 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
20:33:48.0831 4568 AxInstSV - ok
20:33:48.0878 4568 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
20:33:48.0925 4568 b06bdrv - ok
20:33:48.0956 4568 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
20:33:49.0003 4568 b57nd60a - ok
20:33:49.0096 4568 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
20:33:49.0174 4568 BDESVC - ok
20:33:49.0206 4568 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
20:33:49.0315 4568 Beep - ok
20:33:49.0377 4568 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
20:33:49.0486 4568 BFE - ok
20:33:49.0596 4568 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
20:33:49.0876 4568 BITS - ok
20:33:49.0908 4568 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
20:33:49.0939 4568 blbdrive - ok
20:33:49.0986 4568 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
20:33:50.0048 4568 bowser - ok
20:33:50.0079 4568 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
20:33:50.0142 4568 BrFiltLo - ok
20:33:50.0173 4568 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
20:33:50.0220 4568 BrFiltUp - ok
20:33:50.0235 4568 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
20:33:50.0391 4568 BridgeMP - ok
20:33:50.0438 4568 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
20:33:50.0500 4568 Browser - ok
20:33:50.0578 4568 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
20:33:50.0656 4568 Brserid - ok
20:33:50.0734 4568 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
20:33:50.0797 4568 BrSerWdm - ok
20:33:50.0828 4568 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
20:33:50.0890 4568 BrUsbMdm - ok
20:33:50.0953 4568 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
20:33:51.0031 4568 BrUsbSer - ok
20:33:51.0062 4568 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
20:33:51.0124 4568 BTHMODEM - ok
20:33:51.0234 4568 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
20:33:51.0374 4568 bthserv - ok
20:33:51.0405 4568 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
20:33:51.0530 4568 cdfs - ok
20:33:52.0107 4568 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
20:33:52.0185 4568 cdrom - ok
20:33:52.0279 4568 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
20:33:52.0466 4568 CertPropSvc - ok
20:33:52.0513 4568 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
20:33:52.0606 4568 circlass - ok
20:33:52.0747 4568 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
20:33:52.0825 4568 CLFS - ok
20:33:53.0106 4568 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:33:53.0137 4568 clr_optimization_v2.0.50727_32 - ok
20:33:53.0184 4568 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:33:53.0230 4568 clr_optimization_v2.0.50727_64 - ok
20:33:53.0308 4568 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:33:53.0355 4568 clr_optimization_v4.0.30319_32 - ok
20:33:53.0433 4568 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:33:53.0464 4568 clr_optimization_v4.0.30319_64 - ok
20:33:53.0496 4568 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
20:33:53.0558 4568 CmBatt - ok
20:33:53.0589 4568 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
20:33:53.0620 4568 cmdide - ok
20:33:53.0698 4568 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
20:33:53.0792 4568 CNG - ok
20:33:53.0854 4568 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
20:33:53.0886 4568 Compbatt - ok
20:33:53.0932 4568 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
20:33:54.0120 4568 CompositeBus - ok
20:33:54.0135 4568 COMSysApp - ok
20:33:54.0244 4568 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
20:33:54.0291 4568 crcdisk - ok
20:33:54.0416 4568 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
20:33:54.0525 4568 CryptSvc - ok
20:33:54.0650 4568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
20:33:54.0775 4568 DcomLaunch - ok
20:33:54.0822 4568 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
20:33:54.0946 4568 defragsvc - ok
20:33:55.0009 4568 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
20:33:55.0243 4568 DfsC - ok
20:33:55.0399 4568 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
20:33:55.0508 4568 Dhcp - ok
20:33:55.0555 4568 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
20:33:55.0695 4568 discache - ok
20:33:55.0742 4568 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
20:33:55.0789 4568 Disk - ok
20:33:55.0867 4568 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
20:33:56.0085 4568 Dnscache - ok
20:33:56.0210 4568 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
20:33:56.0335 4568 dot3svc - ok
20:33:56.0413 4568 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
20:33:56.0553 4568 DPS - ok
20:33:56.0600 4568 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
20:33:56.0662 4568 drmkaud - ok
20:33:56.0709 4568 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
20:33:56.0803 4568 DXGKrnl - ok
20:33:56.0850 4568 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
20:33:57.0115 4568 EapHost - ok
20:33:57.0302 4568 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
20:33:57.0692 4568 ebdrv - ok
20:33:57.0754 4568 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
20:33:57.0848 4568 EFS - ok
20:33:58.0020 4568 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
20:33:58.0191 4568 ehRecvr - ok
20:33:58.0300 4568 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
20:33:58.0347 4568 ehSched - ok
20:33:58.0410 4568 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
20:33:58.0456 4568 elxstor - ok
20:33:58.0488 4568 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
20:33:58.0581 4568 ErrDev - ok
20:33:58.0675 4568 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
20:33:58.0800 4568 EventSystem - ok
20:33:58.0831 4568 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
20:33:58.0971 4568 exfat - ok
20:33:59.0018 4568 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
20:33:59.0205 4568 fastfat - ok
20:33:59.0299 4568 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
20:33:59.0408 4568 Fax - ok
20:33:59.0470 4568 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
20:33:59.0517 4568 fdc - ok
20:33:59.0564 4568 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
20:33:59.0704 4568 fdPHost - ok
20:33:59.0751 4568 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
20:33:59.0876 4568 FDResPub - ok
20:33:59.0923 4568 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
20:33:59.0970 4568 FileInfo - ok
20:34:00.0001 4568 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
20:34:00.0126 4568 Filetrace - ok
20:34:00.0157 4568 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
20:34:00.0204 4568 flpydisk - ok
20:34:00.0297 4568 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
20:34:00.0328 4568 FltMgr - ok
20:34:00.0391 4568 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
20:34:00.0516 4568 FontCache - ok
20:34:00.0594 4568 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:34:00.0640 4568 FontCache3.0.0.0 - ok
20:34:00.0687 4568 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
20:34:00.0750 4568 FsDepends - ok
20:34:00.0765 4568 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
20:34:00.0796 4568 Fs_Rec - ok
20:34:00.0859 4568 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
20:34:00.0921 4568 fvevol - ok
20:34:00.0968 4568 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
20:34:01.0015 4568 FwLnk - ok
20:34:01.0093 4568 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
20:34:01.0140 4568 gagp30kx - ok
20:34:35.0304 4568 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
20:34:35.0350 4568 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
20:34:35.0350 4568 Thpsrv - detected UnsignedFile.Multi.Generic (1)
20:34:40.0998 4568 vwifibus - ok
20:34:41.0029 4568 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:34:41.0138 4568 vwififlt - ok
20:34:41.0185 4568 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:34:41.0232 4568 vwifimp - ok
20:34:41.0372 4568 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:34:41.0544 4568 W32Time - ok
20:34:41.0622 4568 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
20:34:41.0715 4568 WacomPen - ok
20:34:41.0762 4568 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:34:41.0887 4568 WANARP - ok
20:34:41.0918 4568 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:34:41.0996 4568 Wanarpv6 - ok
20:34:42.0105 4568 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:34:42.0183 4568 WatAdminSvc - ok
20:34:42.0277 4568 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:34:42.0386 4568 wbengine - ok
20:34:42.0433 4568 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:34:42.0542 4568 WbioSrvc - ok
20:34:42.0573 4568 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:34:42.0760 4568 wcncsvc - ok
20:34:42.0838 4568 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:34:42.0885 4568 WcsPlugInService - ok
20:34:42.0948 4568 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
20:34:42.0979 4568 Wd - ok
20:34:43.0057 4568 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:34:43.0135 4568 Wdf01000 - ok
20:34:43.0197 4568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:34:43.0338 4568 WdiServiceHost - ok
20:34:43.0384 4568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:34:43.0447 4568 WdiSystemHost - ok
20:34:43.0494 4568 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:34:43.0618 4568 WebClient - ok
20:34:43.0665 4568 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:34:43.0915 4568 Wecsvc - ok
20:34:43.0993 4568 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:34:44.0118 4568 wercplsupport - ok
20:34:44.0180 4568 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:34:44.0336 4568 WerSvc - ok
20:34:44.0383 4568 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:34:44.0492 4568 WfpLwf - ok
20:34:44.0523 4568 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:34:44.0586 4568 WIMMount - ok
20:34:44.0617 4568 WinDefend - ok
20:34:44.0648 4568 WinHttpAutoProxySvc - ok
20:34:44.0742 4568 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:34:44.0866 4568 Winmgmt - ok
20:34:45.0180 4568 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:34:45.0410 4568 WinRM - ok
20:34:45.0624 4568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:34:45.0704 4568 Wlansvc - ok
20:34:45.0776 4568 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:34:45.0806 4568 wlcrasvc - ok
20:34:45.0948 4568 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:34:46.0090 4568 wlidsvc - ok
20:34:46.0148 4568 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:34:46.0204 4568 WmiAcpi - ok
20:34:46.0300 4568 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:34:46.0350 4568 wmiApSrv - ok
20:34:46.0412 4568 WMPNetworkSvc - ok
20:34:46.0469 4568 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:34:46.0524 4568 WPCSvc - ok
20:34:46.0563 4568 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:34:46.0607 4568 WPDBusEnum - ok
20:34:46.0642 4568 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:34:46.0736 4568 ws2ifsl - ok
20:34:46.0786 4568 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
20:34:46.0856 4568 wscsvc - ok
20:34:46.0886 4568 WSearch - ok
20:34:47.0249 4568 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
20:34:47.0381 4568 wuauserv - ok
20:34:47.0444 4568 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:34:47.0564 4568 WudfPf - ok
20:34:47.0639 4568 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:34:47.0696 4568 WUDFRd - ok
20:34:47.0758 4568 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:34:47.0828 4568 wudfsvc - ok
20:34:47.0880 4568 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:34:47.0936 4568 WwanSvc - ok
20:34:47.0994 4568 ================ Scan global ===============================
20:34:48.0062 4568 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:34:48.0122 4568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
20:34:48.0142 4568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
20:34:48.0204 4568 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:34:48.0270 4568 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:34:48.0276 4568 [Global] - ok
20:34:48.0286 4568 ================ Scan MBR ==================================
20:34:48.0306 4568 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:34:48.0306 4568 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:34:48.0368 4568 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:34:48.0368 4568 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:34:48.0438 4568 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:34:48.0438 4568 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:34:48.0448 4568 ================ Scan VBR ==================================
20:34:48.0468 4568 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
20:34:48.0478 4568 \Device\Harddisk0\DR0\Partition1 - ok
20:34:48.0488 4568 ================ Scan active images ========================
20:34:51.0650 4568 C:\Windows\System32\schannel.dll - ok
20:34:51.0668 4568 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
20:34:51.0668 4568 C:\Windows\System32\wdigest.dll - ok
20:34:51.0685 4568 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
20:34:51.0685 4568 C:\Windows\System32\rsaenh.dll - ok
20:34:51.0702 4568 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
20:34:51.0703 4568 C:\Windows\System32\pku2u.dll - ok
20:34:51.0719 4568 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
20:34:51.0719 4568 C:\Windows\System32\TSpkg.dll - ok
20:34:51.0738 4568 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
20:34:51.0739 4568 C:\Windows\System32\LIVESSP.DLL - ok
20:34:51.0756 4568 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
20:34:51.0757 4568 C:\Windows\System32\bcryptprimitives.dll - ok
20:34:51.0775 4568 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
20:34:51.0775 4568 C:\Windows\System32\efslsaext.dll - ok
20:34:51.0793 4568 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
20:34:51.0793 4568 C:\Windows\System32\credssp.dll - ok
20:34:51.0810 4568 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
20:34:51.0811 4568 C:\Windows\System32\scecli.dll - ok
20:34:51.0828 4568 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
20:34:51.0828 4568 C:\Windows\System32\ubpm.dll - ok
20:34:51.0855 4568 [ 6F68F63794097E54F36474ED4384B759 ] C:\Windows\System32\svchost.exe
20:34:51.0855 4568 C:\Windows\System32\svchost.exe - ok
20:34:51.0873 4568 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
20:34:51.0873 4568 C:\Windows\System32\umpnpmgr.dll - ok
20:34:51.0889 4568 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
20:34:51.0890 4568 C:\Windows\System32\SPInf.dll - ok
20:34:51.0907 4568 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
20:34:51.0907 4568 C:\Windows\System32\devrtl.dll - ok
20:34:51.0919 4568 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
20:34:51.0919 4568 C:\Windows\System32\userenv.dll - ok
20:34:51.0941 4568 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
20:34:51.0941 4568 C:\Windows\System32\gpapi.dll - ok
20:34:51.0958 4568 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
20:34:51.0958 4568 C:\Windows\System32\umpo.dll - ok
20:34:51.0978 4568 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
20:34:51.0978 4568 C:\Windows\System32\pcwum.dll - ok
20:34:51.0996 4568 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
20:34:51.0996 4568 C:\Windows\System32\powrprof.dll - ok
20:34:52.0014 4568 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
20:34:52.0014 4568 C:\Windows\System32\drivers\luafv.sys - ok
20:34:52.0031 4568 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
20:34:52.0032 4568 C:\Windows\System32\drivers\mbam.sys - ok
20:34:52.0049 4568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
20:34:52.0049 4568 C:\Windows\System32\rpcss.dll - ok
20:34:52.0066 4568 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
20:34:52.0067 4568 C:\Windows\System32\RpcEpMap.dll - ok
20:34:52.0084 4568 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
20:34:52.0085 4568 C:\Windows\System32\WSHTCPIP.DLL - ok
20:34:52.0108 4568 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
20:34:52.0108 4568 C:\Windows\System32\wshqos.dll - ok
20:34:52.0126 4568 [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:34:52.0126 4568 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
20:34:52.0144 4568 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
20:34:52.0144 4568 C:\Windows\System32\FirewallAPI.dll - ok
20:34:52.0161 4568 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
20:34:52.0161 4568 C:\Windows\System32\LogonUI.exe - ok
20:34:52.0178 4568 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
20:34:52.0178 4568 C:\Windows\System32\authui.dll - ok
20:34:52.0199 4568 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
20:34:52.0199 4568 C:\Windows\System32\cryptui.dll - ok
20:34:52.0217 4568 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:34:52.0217 4568 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:34:52.0235 4568 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
20:34:52.0235 4568 C:\Windows\System32\samlib.dll - ok
20:34:52.0253 4568 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
20:34:52.0253 4568 C:\Windows\System32\shacct.dll - ok
20:34:52.0270 4568 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
20:34:52.0270 4568 C:\Windows\System32\propsys.dll - ok
20:34:52.0288 4568 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
20:34:52.0288 4568 C:\Windows\System32\uxtheme.dll - ok
20:34:52.0306 4568 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
20:34:52.0306 4568 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
20:34:52.0323 4568 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
20:34:52.0323 4568 C:\Windows\System32\dui70.dll - ok
20:34:52.0340 4568 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
20:34:52.0340 4568 C:\Windows\System32\duser.dll - ok
20:34:52.0365 4568 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
20:34:52.0366 4568 C:\Windows\System32\SndVolSSO.dll - ok
20:34:52.0383 4568 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
20:34:52.0383 4568 C:\Windows\System32\hid.dll - ok
20:34:52.0400 4568 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
20:34:52.0400 4568 C:\Windows\System32\MMDevAPI.dll - ok
20:34:52.0417 4568 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
20:34:52.0417 4568 C:\Windows\System32\dwmapi.dll - ok
20:34:52.0435 4568 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
20:34:52.0435 4568 C:\Windows\System32\xmllite.dll - ok
20:34:52.0455 4568 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
20:34:52.0455 4568 C:\Windows\System32\WindowsCodecs.dll - ok
20:34:52.0472 4568 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
20:34:52.0473 4568 C:\Windows\System32\winbrand.dll - ok
20:34:52.0489 4568 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
20:34:52.0489 4568 C:\Windows\System32\wtsapi32.dll - ok
20:34:52.0506 4568 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
20:34:52.0506 4568 C:\Windows\System32\VaultCredProvider.dll - ok
20:34:52.0523 4568 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:34:52.0524 4568 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:34:52.0541 4568 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
20:34:52.0541 4568 C:\Windows\System32\BioCredProv.dll - ok
20:34:52.0558 4568 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
20:34:52.0558 4568 C:\Windows\System32\winbio.dll - ok
20:34:52.0575 4568 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
20:34:52.0575 4568 C:\Windows\System32\credui.dll - ok
20:34:52.0593 4568 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
20:34:52.0593 4568 C:\Windows\System32\netapi32.dll - ok
20:34:52.0617 4568 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
20:34:52.0617 4568 C:\Windows\System32\vaultcli.dll - ok
20:34:52.0634 4568 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
20:34:52.0634 4568 C:\Windows\System32\netutils.dll - ok
20:34:52.0651 4568 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
20:34:52.0651 4568 C:\Windows\System32\wkscli.dll - ok
20:34:52.0668 4568 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
20:34:52.0668 4568 C:\Windows\System32\samcli.dll - ok
20:34:52.0688 4568 [ 08D8C5E32648D6E7976F0458545EA600 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
20:34:52.0688 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
20:34:52.0706 4568 [ D037BEA6039248D4DE0C5F361F19970D ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
20:34:52.0706 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
20:34:52.0718 4568 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
20:34:52.0718 4568 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
20:34:52.0733 4568 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
20:34:52.0733 4568 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
20:34:52.0749 4568 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
20:34:52.0749 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
20:34:52.0764 4568 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
20:34:52.0764 4568 C:\Windows\System32\winmm.dll - ok
20:34:52.0778 4568 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
20:34:52.0779 4568 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
20:34:52.0794 4568 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
20:34:52.0794 4568 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
20:34:52.0809 4568 [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
20:34:52.0809 4568 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
20:34:52.0824 4568 [ 9C5BF3E0541B8A2F85DF1D642E495EE4 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
20:34:52.0825 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
20:34:52.0877 4568 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
20:34:52.0877 4568 C:\Windows\System32\certCredProvider.dll - ok
20:34:52.0887 4568 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
20:34:52.0887 4568 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
20:34:52.0899 4568 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
20:34:52.0900 4568 C:\Windows\System32\rasplap.dll - ok
20:34:52.0916 4568 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
20:34:52.0916 4568 C:\Windows\System32\rasapi32.dll - ok
20:34:52.0930 4568 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
20:34:52.0931 4568 C:\Windows\System32\rasman.dll - ok
20:34:52.0945 4568 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
20:34:52.0945 4568 C:\Windows\System32\rtutils.dll - ok
20:34:52.0960 4568 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
20:34:52.0960 4568 C:\Windows\System32\oleacc.dll - ok
20:34:52.0975 4568 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
20:34:52.0976 4568 C:\Windows\System32\UIAutomationCore.dll - ok
20:34:53.0003 4568 [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
20:34:53.0003 4568 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
20:34:53.0019 4568 [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
20:34:53.0019 4568 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
20:34:53.0034 4568 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
20:34:53.0035 4568 C:\Windows\System32\ntmarta.dll - ok
20:34:53.0050 4568 [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:34:53.0051 4568 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:34:53.0067 4568 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
20:34:53.0068 4568 C:\Windows\System32\atiesrxx.exe - ok
20:34:53.0083 4568 [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
20:34:53.0083 4568 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
20:34:53.0098 4568 [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
20:34:53.0098 4568 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
20:34:53.0116 4568 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
20:34:53.0116 4568 C:\Windows\System32\fltLib.dll - ok
20:34:53.0134 4568 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
20:34:53.0134 4568 C:\Windows\System32\drivers\MpFilter.sys - ok
20:34:53.0152 4568 [ 967BC3664DDC26959BD43A7B1681FF86 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
20:34:53.0152 4568 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
20:34:53.0175 4568 [ 76A11F575782DBAE74F05B8796EF7F9D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpengine.dll
20:34:53.0176 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpengine.dll - ok
20:34:53.0191 4568 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
20:34:53.0191 4568 C:\Windows\System32\wevtsvc.dll - ok
20:34:53.0206 4568 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
20:34:53.0206 4568 C:\Windows\System32\netprofm.dll - ok
20:34:53.0221 4568 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
20:34:53.0221 4568 C:\Windows\System32\adtschema.dll - ok
20:34:53.0237 4568 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
20:34:53.0237 4568 C:\Windows\System32\audiosrv.dll - ok
20:34:53.0260 4568 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
20:34:53.0260 4568 C:\Windows\System32\avrt.dll - ok
20:34:53.0283 4568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
20:34:53.0284 4568 C:\Windows\System32\wlansvc.dll - ok
20:34:53.0301 4568 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:34:53.0301 4568 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:34:53.0316 4568 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
20:34:53.0316 4568 C:\Windows\System32\drivers\fltMgr.sys - ok
20:34:53.0331 4568 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
20:34:53.0332 4568 C:\Windows\System32\FntCache.dll - ok
20:34:53.0346 4568 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
20:34:53.0346 4568 C:\Windows\System32\profsvc.dll - ok
20:34:53.0362 4568 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
20:34:53.0362 4568 C:\Windows\System32\PSHED.DLL - ok
20:34:53.0394 4568 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
20:34:53.0394 4568 C:\Windows\System32\MPSSVC.dll - ok
20:34:53.0411 4568 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
20:34:53.0411 4568 C:\Windows\System32\mmcss.dll - ok
20:34:53.0428 4568 [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasbase.vdm
20:34:53.0428 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasbase.vdm - ok
20:34:53.0445 4568 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
20:34:53.0445 4568 C:\Windows\System32\audiodg.exe - ok
20:34:53.0464 4568 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:34:53.0464 4568 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:34:53.0479 4568 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
20:34:53.0479 4568 C:\Windows\System32\gpsvc.dll - ok
20:34:53.0494 4568 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
20:34:53.0494 4568 C:\Windows\System32\wdmaud.drv - ok
20:34:53.0544 4568 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
20:34:53.0544 4568 C:\Windows\System32\ksuser.dll - ok
20:34:53.0559 4568 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
20:34:53.0559 4568 C:\Windows\System32\AudioSes.dll - ok
20:34:53.0573 4568 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
20:34:53.0574 4568 C:\Windows\System32\msacm32.dll - ok
20:34:53.0588 4568 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
20:34:53.0589 4568 C:\Windows\System32\msacm32.drv - ok
20:34:53.0604 4568 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
20:34:53.0604 4568 C:\Windows\System32\nlaapi.dll - ok
20:34:53.0620 4568 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
20:34:53.0620 4568 C:\Windows\System32\atl.dll - ok
20:34:53.0633 4568 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
20:34:53.0633 4568 C:\Windows\System32\midimap.dll - ok
20:34:53.0663 4568 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
20:34:53.0663 4568 C:\Windows\System32\themeservice.dll - ok
20:34:53.0673 4568 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
20:34:53.0673 4568 C:\Windows\System32\dsrole.dll - ok
20:34:53.0690 4568 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
20:34:53.0690 4568 C:\Windows\System32\es.dll - ok
20:34:53.0706 4568 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
20:34:53.0706 4568 C:\Windows\System32\slc.dll - ok
20:34:53.0721 4568 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
20:34:53.0721 4568 C:\Windows\System32\AudioEng.dll - ok
20:34:53.0737 4568 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
20:34:53.0738 4568 C:\Windows\System32\Sens.dll - ok
20:34:53.0754 4568 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
20:34:53.0754 4568 C:\Windows\System32\comres.dll - ok
20:34:53.0771 4568 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
20:34:53.0771 4568 C:\Windows\System32\UXInit.dll - ok
20:34:53.0791 4568 [ 13EB517A22F8AE2E4A02718C163BA401 ] C:\Windows\System32\atieclxx.exe
20:34:53.0791 4568 C:\Windows\System32\atieclxx.exe - ok
20:34:53.0807 4568 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
20:34:53.0808 4568 C:\Windows\System32\uxsms.dll - ok
20:34:53.0824 4568 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
20:34:53.0824 4568 C:\Windows\System32\AUDIOKSE.dll - ok
20:34:53.0839 4568 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
20:34:53.0839 4568 C:\Windows\System32\drivers\lltdio.sys - ok
20:34:53.0852 4568 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
20:34:53.0852 4568 C:\Windows\System32\drivers\nwifi.sys - ok
20:34:53.0868 4568 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
20:34:53.0868 4568 C:\Windows\System32\drivers\ndisuio.sys - ok
20:34:53.0884 4568 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
20:34:53.0884 4568 C:\Windows\System32\drivers\rspndr.sys - ok
20:34:53.0917 4568 [ 3449B6738794D2234ED2C3FADA85D487 ] C:\Windows\System32\atiadlxx.dll
20:34:53.0917 4568 C:\Windows\System32\atiadlxx.dll - ok
20:34:53.0927 4568 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
20:34:53.0927 4568 C:\Windows\System32\lmhsvc.dll - ok
20:34:53.0941 4568 [ 706B9A55E4B1EDD2F6C2D7A1CF37E197 ] C:\Windows\System32\RtkAPO64.dll
20:34:53.0941 4568 C:\Windows\System32\RtkAPO64.dll - ok
20:34:53.0957 4568 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
20:34:53.0958 4568 C:\Windows\System32\IPHLPAPI.DLL - ok
20:34:53.0973 4568 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
20:34:53.0974 4568 C:\Windows\System32\nsisvc.dll - ok
20:34:53.0988 4568 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
20:34:53.0989 4568 C:\Windows\System32\nrpsrv.dll - ok
20:34:54.0004 4568 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
20:34:54.0004 4568 C:\Windows\System32\winnsi.dll - ok
20:34:54.0019 4568 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
20:34:54.0019 4568 C:\Windows\System32\dhcpcore.dll - ok
20:34:54.0038 4568 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
20:34:54.0038 4568 C:\Windows\System32\dhcpcore6.dll - ok
20:34:54.0054 4568 [ B6C244055D019CAC3FE8298DAD973D6D ] C:\Windows\System32\atimuixx.dll
20:34:54.0054 4568 C:\Windows\System32\atimuixx.dll - ok
20:34:54.0066 4568 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
20:34:54.0067 4568 C:\Windows\System32\dnsrslvr.dll - ok
20:34:54.0082 4568 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
20:34:54.0083 4568 C:\Windows\System32\imageres.dll - ok
20:34:54.0098 4568 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
20:34:54.0098 4568 C:\Windows\System32\keyiso.dll - ok
20:34:54.0113 4568 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
20:34:54.0114 4568 C:\Windows\System32\eapphost.dll - ok
20:34:54.0128 4568 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
20:34:54.0128 4568 C:\Windows\System32\eapsvc.dll - ok
20:34:54.0160 4568 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
20:34:54.0160 4568 C:\Windows\System32\FWPUCLNT.DLL - ok
20:34:54.0175 4568 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
20:34:54.0175 4568 C:\Windows\System32\umb.dll - ok
20:34:54.0185 4568 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
20:34:54.0186 4568 C:\Windows\System32\wlanmsm.dll - ok
20:34:54.0203 4568 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
20:34:54.0203 4568 C:\Windows\System32\wlansec.dll - ok
20:34:54.0219 4568 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
20:34:54.0219 4568 C:\Windows\System32\dnsext.dll - ok
20:34:54.0235 4568 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
20:34:54.0235 4568 C:\Windows\System32\onex.dll - ok
20:34:54.0251 4568 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
20:34:54.0251 4568 C:\Windows\System32\dhcpcsvc.dll - ok
20:34:54.0267 4568 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
20:34:54.0267 4568 C:\Windows\System32\eappprxy.dll - ok
20:34:54.0316 4568 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
20:34:54.0316 4568 C:\Windows\System32\dhcpcsvc6.dll - ok
20:34:54.0332 4568 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
20:34:54.0333 4568 C:\Windows\System32\eappcfg.dll - ok
20:34:54.0349 4568 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
20:34:54.0349 4568 C:\Windows\System32\l2gpstore.dll - ok
20:34:54.0367 4568 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
20:34:54.0367 4568 C:\Windows\System32\wlgpclnt.dll - ok
20:34:54.0384 4568 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
20:34:54.0384 4568 C:\Windows\System32\WinSCard.dll - ok
20:34:54.0400 4568 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
20:34:54.0400 4568 C:\Windows\System32\wlanutil.dll - ok
20:34:54.0415 4568 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
20:34:54.0415 4568 C:\Windows\System32\msxml6.dll - ok
20:34:54.0463 4568 [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2 ] C:\Windows\System32\RTEEL64A.dll
20:34:54.0463 4568 C:\Windows\System32\RTEEL64A.dll - ok
20:34:54.0472 4568 [ A6286A6C7A1BBFCBA17AA54384A21D1C ] C:\Windows\System32\RTEED64A.dll
20:34:54.0473 4568 C:\Windows\System32\RTEED64A.dll - ok
20:34:54.0489 4568 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
20:34:54.0489 4568 C:\Windows\System32\shsvcs.dll - ok
20:34:54.0505 4568 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
20:34:54.0505 4568 C:\Windows\System32\schedsvc.dll - ok
20:34:54.0522 4568 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
20:34:54.0522 4568 C:\Windows\System32\ktmw32.dll - ok
20:34:54.0538 4568 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
20:34:54.0538 4568 C:\Windows\System32\fveapi.dll - ok
20:34:54.0549 4568 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
20:34:54.0549 4568 C:\Windows\System32\fvecerts.dll - ok
20:34:54.0564 4568 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
20:34:54.0565 4568 C:\Windows\System32\tbs.dll - ok
20:34:54.0601 4568 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
20:34:54.0601 4568 C:\Windows\System32\taskcomp.dll - ok
20:34:54.0617 4568 [ 82A27E52A96757803CCE2BB7793095EA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasdlta.vdm
20:34:54.0617 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasdlta.vdm - ok
20:34:54.0633 4568 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
20:34:54.0633 4568 C:\Windows\System32\wiarpc.dll - ok
20:34:54.0648 4568 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
20:34:54.0648 4568 C:\Windows\System32\netcfgx.dll - ok
20:34:54.0664 4568 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
20:34:54.0664 4568 C:\Windows\System32\drivers\vwifimp.sys - ok
20:34:54.0679 4568 [ 425800DD197C336EF1D6A3AC6428DEB3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpavbase.vdm
20:34:54.0680 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpavbase.vdm - ok
20:34:54.0695 4568 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
20:34:54.0695 4568 C:\Windows\System32\drivers\http.sys - ok
20:34:54.0721 4568 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
20:34:54.0721 4568 C:\Windows\System32\spoolsv.exe - ok
20:34:54.0739 4568 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
20:34:54.0739 4568 C:\Windows\System32\BFE.DLL - ok
20:34:54.0751 4568 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
20:34:54.0751 4568 C:\Windows\System32\drivers\bowser.sys - ok
20:34:54.0767 4568 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
20:34:54.0767 4568 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:34:54.0792 4568 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
20:34:54.0792 4568 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:34:54.0810 4568 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:34:54.0810 4568 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:34:54.0831 4568 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
20:34:54.0831 4568 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:34:59.0215 4568 C:\Windows\System32\winrnr.dll - ok
20:34:59.0232 4568 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
20:34:59.0232 4568 C:\Windows\System32\nci.dll - ok
20:34:59.0249 4568 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
20:34:59.0249 4568 C:\Windows\System32\wlaninst.dll - ok
20:34:59.0267 4568 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
20:34:59.0268 4568 C:\Windows\System32\wwaninst.dll - ok
20:34:59.0285 4568 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
20:34:59.0285 4568 C:\Windows\System32\runonce.exe - ok
20:34:59.0303 4568 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
20:34:59.0303 4568 C:\Windows\System32\rundll32.exe - ok
20:34:59.0321 4568 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
20:34:59.0321 4568 C:\Windows\System32\dimsjob.dll - ok
20:34:59.0346 4568 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
20:34:59.0347 4568 C:\Windows\System32\actxprxy.dll - ok
20:34:59.0364 4568 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
20:34:59.0365 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
20:34:59.0383 4568 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
20:34:59.0383 4568 C:\Windows\SysWOW64\netapi32.dll - ok
20:34:59.0400 4568 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
20:34:59.0400 4568 C:\Windows\SysWOW64\netutils.dll - ok
20:34:59.0415 4568 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
20:34:59.0415 4568 C:\Windows\SysWOW64\srvcli.dll - ok
20:34:59.0432 4568 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
20:34:59.0432 4568 C:\Windows\SysWOW64\wkscli.dll - ok
20:34:59.0459 4568 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:34:59.0459 4568 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:34:59.0477 4568 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
20:34:59.0477 4568 C:\Windows\SysWOW64\runonce.exe - ok
20:34:59.0495 4568 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
20:34:59.0495 4568 C:\Windows\SysWOW64\imagehlp.dll - ok
20:34:59.0513 4568 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
20:34:59.0513 4568 C:\Windows\SysWOW64\msi.dll - ok
20:34:59.0532 4568 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
20:34:59.0533 4568 C:\Windows\SysWOW64\cscapi.dll - ok
20:34:59.0544 4568 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
20:34:59.0544 4568 C:\Windows\SysWOW64\ntmarta.dll - ok
20:34:59.0560 4568 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
20:34:59.0560 4568 C:\Windows\System32\pautoenr.dll - ok
20:34:59.0580 4568 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
20:34:59.0581 4568 C:\Windows\SysWOW64\uxtheme.dll - ok
20:34:59.0598 4568 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
20:34:59.0598 4568 C:\Windows\SysWOW64\Wldap32.dll - ok
20:34:59.0613 4568 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
20:34:59.0613 4568 C:\Windows\System32\tdh.dll - ok
20:34:59.0628 4568 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
20:34:59.0628 4568 C:\Windows\System32\certcli.dll - ok
20:34:59.0643 4568 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
20:34:59.0644 4568 C:\Windows\SysWOW64\dbghelp.dll - ok
20:34:59.0659 4568 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
20:34:59.0659 4568 C:\Windows\SysWOW64\setupapi.dll - ok
20:34:59.0693 4568 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
20:34:59.0694 4568 C:\Windows\SysWOW64\apphelp.dll - ok
20:34:59.0709 4568 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
20:34:59.0709 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
20:34:59.0726 4568 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
20:34:59.0726 4568 C:\Windows\System32\CertEnroll.dll - ok
20:34:59.0743 4568 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
20:34:59.0744 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
20:34:59.0759 4568 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
20:34:59.0759 4568 C:\Windows\SysWOW64\clbcatq.dll - ok
20:34:59.0773 4568 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
20:34:59.0774 4568 C:\Windows\SysWOW64\mstask.dll - ok
20:34:59.0788 4568 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:34:59.0788 4568 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:34:59.0814 4568 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
20:34:59.0814 4568 C:\Windows\SysWOW64\devobj.dll - ok
20:34:59.0829 4568 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
20:34:59.0829 4568 C:\Windows\SysWOW64\propsys.dll - ok
20:34:59.0845 4568 [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\offreg.dll
20:34:59.0845 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\offreg.dll - ok
20:34:59.0855 4568 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
20:34:59.0855 4568 C:\Windows\SysWOW64\secur32.dll - ok
20:34:59.0870 4568 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
20:34:59.0870 4568 C:\Program Files\Windows Defender\MpClient.dll - ok
20:34:59.0885 4568 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
20:34:59.0885 4568 C:\Windows\System32\dbghelp.dll - ok
20:34:59.0902 4568 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
20:34:59.0902 4568 C:\Windows\SysWOW64\cmd.exe - ok
20:34:59.0913 4568 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
20:34:59.0914 4568 C:\Windows\System32\pnidui.dll - ok
20:34:59.0938 4568 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
20:34:59.0938 4568 C:\Windows\System32\wmp.dll - ok
20:34:59.0954 4568 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
20:34:59.0954 4568 C:\Windows\System32\rasdlg.dll - ok
20:34:59.0969 4568 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
20:34:59.0969 4568 C:\Windows\System32\spfileq.dll - ok
20:34:59.0984 4568 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
20:34:59.0984 4568 C:\Windows\SysWOW64\winbrand.dll - ok
20:35:00.0000 4568 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
20:35:00.0000 4568 C:\Windows\SysWOW64\ieframe.dll - ok
20:35:00.0015 4568 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
20:35:00.0016 4568 C:\Windows\SysWOW64\oleacc.dll - ok
20:35:00.0030 4568 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
20:35:00.0030 4568 C:\Windows\SysWOW64\shdocvw.dll - ok
20:35:00.0073 4568 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Jessie\AppData\Local\Temp\46B31E1A-953D-44B9-9C1B-CE51A9CDB21D.exe
20:35:00.0073 4568 C:\Users\Jessie\AppData\Local\Temp\46B31E1A-953D-44B9-9C1B-CE51A9CDB21D.exe - ok
20:35:00.0088 4568 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
20:35:00.0088 4568 C:\Windows\SysWOW64\ncrypt.dll - ok
20:35:00.0103 4568 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
20:35:00.0103 4568 C:\Windows\SysWOW64\bcrypt.dll - ok
20:35:00.0112 4568 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:35:00.0113 4568 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:35:00.0125 4568 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
20:35:00.0125 4568 C:\Windows\SysWOW64\gpapi.dll - ok
20:35:00.0141 4568 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
20:35:00.0141 4568 C:\Windows\SysWOW64\cryptnet.dll - ok
20:35:00.0160 4568 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
20:35:00.0160 4568 C:\Windows\SysWOW64\SensApi.dll - ok
20:35:00.0180 4568 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
20:35:00.0181 4568 C:\Windows\SysWOW64\dwmapi.dll - ok
20:35:00.0220 4568 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:35:00.0221 4568 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:35:00.0239 4568 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
20:35:00.0239 4568 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:35:00.0259 4568 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
20:35:00.0261 4568 C:\Windows\SysWOW64\ntshrui.dll - ok
20:35:00.0279 4568 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
20:35:00.0279 4568 C:\Windows\SysWOW64\slc.dll - ok
20:35:00.0300 4568 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
20:35:00.0300 4568 C:\Windows\SysWOW64\imageres.dll - ok
20:35:00.0311 4568 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
20:35:00.0311 4568 C:\Windows\SysWOW64\IconCodecService.dll - ok
20:35:00.0341 4568 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
20:35:00.0341 4568 C:\Windows\System32\esent.dll - ok
20:35:00.0358 4568 [ E03082BF43266EAC72E2CD3BC1283F24 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
20:35:00.0358 4568 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
20:35:00.0368 4568 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
20:35:00.0368 4568 C:\Windows\svchost.exe - ok
20:35:00.0383 4568 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
20:35:00.0384 4568 C:\Windows\SysWOW64\dsound.dll - ok
20:35:00.0400 4568 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
20:35:00.0400 4568 C:\Windows\SysWOW64\powrprof.dll - ok
20:35:00.0420 4568 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
20:35:00.0421 4568 C:\Windows\SysWOW64\sfc.dll - ok
20:35:00.0431 4568 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
20:35:00.0432 4568 C:\Windows\SysWOW64\sfc_os.dll - ok
20:35:00.0459 4568 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
20:35:00.0460 4568 C:\Windows\SysWOW64\devrtl.dll - ok
20:35:00.0477 4568 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
20:35:00.0477 4568 C:\Windows\System32\ie4uinit.exe - ok
20:35:00.0492 4568 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
20:35:00.0492 4568 C:\Windows\System32\themeui.dll - ok
20:35:00.0508 4568 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
20:35:00.0508 4568 C:\Windows\SysWOW64\winhttp.dll - ok
20:35:00.0524 4568 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
20:35:00.0524 4568 C:\Windows\SysWOW64\webio.dll - ok
20:35:00.0538 4568 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
20:35:00.0538 4568 C:\Windows\System32\timedate.cpl - ok
20:35:00.0554 4568 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
20:35:00.0554 4568 C:\Windows\System32\shdocvw.dll - ok
20:35:00.0596 4568 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
20:35:00.0596 4568 C:\Windows\System32\linkinfo.dll - ok
20:35:00.0613 4568 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
20:35:00.0613 4568 C:\Windows\SysWOW64\credssp.dll - ok
20:35:00.0626 4568 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
20:35:00.0626 4568 C:\Windows\SysWOW64\mswsock.dll - ok
20:35:00.0644 4568 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
20:35:00.0645 4568 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:35:00.0660 4568 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:35:00.0660 4568 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:35:00.0676 4568 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
20:35:00.0676 4568 C:\Windows\System32\msftedit.dll - ok
20:35:00.0690 4568 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
20:35:00.0690 4568 C:\Windows\SysWOW64\wship6.dll - ok
20:35:00.0705 4568 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
20:35:00.0706 4568 C:\Windows\System32\msls31.dll - ok
20:35:00.0736 4568 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
20:35:00.0736 4568 C:\Windows\System32\gameux.dll - ok
20:35:00.0754 4568 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
20:35:00.0754 4568 C:\Windows\SysWOW64\dnsapi.dll - ok
20:35:00.0771 4568 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:35:00.0771 4568 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:35:00.0789 4568 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
20:35:00.0789 4568 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
20:35:00.0805 4568 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
20:35:00.0805 4568 C:\Windows\System32\DeviceCenter.dll - ok
20:35:00.0822 4568 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
20:35:00.0822 4568 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:35:00.0837 4568 [ BCFF8CD24809941E28C73185FC58CA39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:35:00.0837 4568 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
20:35:00.0896 4568 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:35:00.0896 4568 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:35:00.0910 4568 [ 0BE126224273ACB0925C07B30A0E4209 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:35:00.0911 4568 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
20:35:00.0928 4568 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
20:35:00.0928 4568 C:\Windows\System32\networkexplorer.dll - ok
20:35:00.0943 4568 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
20:35:00.0943 4568 C:\Windows\System32\drprov.dll - ok
20:35:00.0959 4568 [ 439669E153EF11FA16861EC33D4AFC81 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:35:00.0959 4568 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:35:00.0975 4568 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
20:35:00.0976 4568 C:\Windows\System32\ntlanman.dll - ok
20:35:00.0990 4568 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
20:35:00.0991 4568 C:\Windows\System32\davclnt.dll - ok
20:35:01.0020 4568 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
20:35:01.0020 4568 C:\Windows\System32\davhlpr.dll - ok
20:35:01.0036 4568 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
20:35:01.0036 4568 C:\Windows\System32\thumbcache.dll - ok
20:35:01.0056 4568 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
20:35:01.0057 4568 C:\Windows\System32\opengl32.dll - ok
20:35:01.0072 4568 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
20:35:01.0073 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
20:35:01.0088 4568 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
20:35:01.0088 4568 C:\Windows\System32\msiltcfg.dll - ok
20:35:01.0100 4568 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
20:35:01.0101 4568 C:\Windows\System32\msi.dll - ok
20:35:01.0115 4568 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
20:35:01.0116 4568 C:\Windows\System32\glu32.dll - ok
20:35:01.0130 4568 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
20:35:01.0130 4568 C:\Windows\System32\ddraw.dll - ok
20:35:01.0161 4568 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
20:35:01.0161 4568 C:\Windows\System32\dciman32.dll - ok
20:35:01.0184 4568 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
20:35:01.0184 4568 C:\Windows\System32\msimg32.dll - ok
20:35:01.0201 4568 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
20:35:01.0201 4568 C:\Windows\System32\oledlg.dll - ok
20:35:01.0218 4568 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
20:35:01.0219 4568 C:\Windows\System32\dsound.dll - ok
20:35:01.0236 4568 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
20:35:01.0236 4568 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
20:35:01.0254 4568 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
20:35:01.0254 4568 C:\Windows\System32\RtkCfg64.dll - ok
20:35:01.0271 4568 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
20:35:01.0271 4568 C:\Windows\System32\stobject.dll - ok
20:35:01.0287 4568 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
20:35:01.0287 4568 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
20:35:01.0304 4568 [ DC604BBAF9F613D150CC6060E0E47788 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
20:35:01.0304 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
20:35:01.0321 4568 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
20:35:01.0321 4568 C:\Windows\System32\batmeter.dll - ok
20:35:01.0337 4568 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
20:35:01.0337 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
20:35:01.0352 4568 [ 565E25C82AAE17EA97884B43F05A720E ] C:\Windows\System32\SynCOM.dll
20:35:01.0352 4568 C:\Windows\System32\SynCOM.dll - ok
20:35:01.0368 4568 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
20:35:01.0368 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
20:35:01.0390 4568 [ 4936B83586C1F81630AE9C8EED6E356A ] C:\Windows\System32\SynTPAPI.dll
20:35:01.0390 4568 C:\Windows\System32\SynTPAPI.dll - ok
20:35:01.0406 4568 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
20:35:01.0406 4568 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
20:35:01.0418 4568 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
20:35:01.0418 4568 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
20:35:01.0434 4568 [ 6B8966ECB093271DE794286850432225 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
20:35:01.0434 4568 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
20:35:01.0450 4568 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
20:35:01.0450 4568 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
20:35:01.0466 4568 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
20:35:01.0466 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
20:35:01.0483 4568 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
20:35:01.0483 4568 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
20:35:01.0513 4568 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
20:35:01.0514 4568 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
20:35:01.0530 4568 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
20:35:01.0531 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
20:35:01.0547 4568 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
20:35:01.0548 4568 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
20:35:01.0563 4568 [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
20:35:01.0563 4568 C:\Program Files\Microsoft Security Client\msseces.exe - ok
20:35:01.0576 4568 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:35:01.0576 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
20:35:01.0594 4568 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
20:35:01.0594 4568 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
20:35:01.0609 4568 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
20:35:01.0609 4568 C:\Windows\System32\wbem\NCProv.dll - ok
20:35:01.0624 4568 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
20:35:01.0624 4568 C:\Windows\System32\consent.exe - ok
20:35:01.0652 4568 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
20:35:01.0653 4568 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
20:35:01.0661 4568 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
20:35:01.0661 4568 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
20:35:01.0678 4568 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
20:35:01.0678 4568 C:\Windows\System32\prnfldr.dll - ok
20:35:01.0693 4568 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
20:35:01.0694 4568 C:\Windows\System32\DXP.dll - ok
20:35:01.0708 4568 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
20:35:01.0708 4568 C:\Windows\System32\Syncreg.dll - ok
20:35:01.0723 4568 [ DDEA7F06F8A00E706C4DB75D7C6F2612 ] C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe
20:35:01.0724 4568 C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe - ok
20:35:01.0739 4568 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
20:35:01.0739 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
20:35:01.0766 4568 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
20:35:01.0766 4568 C:\Windows\ehome\ehSSO.dll - ok
20:35:01.0782 4568 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
20:35:01.0782 4568 C:\Windows\SysWOW64\rasapi32.dll - ok
20:35:01.0795 4568 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
20:35:01.0795 4568 C:\Windows\System32\WPDShServiceObj.dll - ok
20:35:01.0811 4568 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
20:35:01.0811 4568 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:35:01.0826 4568 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
20:35:01.0826 4568 C:\Windows\System32\wersvc.dll - ok
20:35:01.0843 4568 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
20:35:01.0843 4568 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
20:35:01.0858 4568 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
20:35:01.0858 4568 C:\Windows\SysWOW64\rasman.dll - ok
20:35:01.0885 4568 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
20:35:01.0886 4568 C:\Windows\System32\srchadmin.dll - ok
20:35:01.0901 4568 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
20:35:01.0901 4568 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
20:35:01.0918 4568 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
20:35:01.0918 4568 C:\Windows\SysWOW64\rtutils.dll - ok
20:35:01.0928 4568 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
20:35:01.0928 4568 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
20:35:01.0945 4568 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
20:35:01.0945 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
20:35:01.0961 4568 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
20:35:01.0961 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
20:35:01.0977 4568 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
20:35:01.0977 4568 C:\Windows\System32\ActionCenter.dll - ok
20:35:01.0993 4568 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
20:35:01.0993 4568 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
20:35:02.0039 4568 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
20:35:02.0040 4568 C:\Windows\System32\FXSST.dll - ok
20:35:02.0057 4568 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
20:35:02.0057 4568 C:\Windows\System32\SearchIndexer.exe - ok
20:35:02.0073 4568 [ DDE5A0DFAF7C6370FB36402D7A746ED3 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
20:35:02.0074 4568 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
20:35:02.0089 4568 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
20:35:02.0090 4568 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
20:35:02.0105 4568 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
20:35:02.0105 4568 C:\Windows\System32\FXSAPI.dll - ok
20:35:02.0120 4568 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:35:02.0120 4568 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:35:02.0135 4568 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
20:35:02.0135 4568 C:\Windows\SysWOW64\sxs.dll - ok
20:35:02.0156 4568 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
20:35:02.0156 4568 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
20:35:02.0176 4568 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
20:35:02.0177 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
20:35:02.0187 4568 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
20:35:02.0187 4568 C:\Windows\System32\FXSRESM.dll - ok
20:35:02.0204 4568 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
20:35:02.0204 4568 C:\Windows\System32\wlanapi.dll - ok
20:35:02.0220 4568 [ D66423EB59EA81B1D9C0DE0AAFE2EB25 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
20:35:02.0220 4568 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
20:35:02.0238 4568 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
20:35:02.0238 4568 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
20:35:02.0256 4568 [ 7C74C407EEFE30A423B49E2D10850281 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
20:35:02.0256 4568 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
20:35:02.0293 4568 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
20:35:02.0294 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
20:35:02.0307 4568 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
20:35:02.0307 4568 C:\Windows\System32\tquery.dll - ok
20:35:02.0325 4568 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:35:02.0326 4568 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:35:02.0341 4568 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
20:35:02.0341 4568 C:\Windows\System32\FXSSVC.exe - ok
20:35:02.0356 4568 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
20:35:02.0356 4568 C:\Windows\System32\AltTab.dll - ok
20:35:04.0140 4568 ============================================================
20:35:04.0140 4568 Scan finished
20:35:04.0140 4568 ============================================================
20:35:04.0177 4560 Detected object count: 3
20:35:04.0178 4560 Actual detected object count: 3
20:36:02.0189 4560 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:02.0189 4560 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:03.0873 4560 \Device\Harddisk0\DR0\# - copied to quarantine
20:36:03.0889 4560 \Device\Harddisk0\DR0 - copied to quarantine
20:36:03.0998 4560 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:36:04.0139 4560 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:36:04.0279 4560 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:36:04.0419 4560 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:36:04.0497 4560 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:36:04.0544 4560 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:36:04.0591 4560 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:36:05.0262 4560 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:36:05.0340 4560 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:36:05.0402 4560 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:36:05.0433 4560 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:36:05.0449 4560 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:36:05.0574 4560 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:36:05.0574 4560 \Device\Harddisk0\DR0 - ok
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#7
jkabat

20:32:35.0365 2300 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:32:37.0378 2300 ============================================================
20:32:37.0378 2300 Current date / time: 2013/03/14 20:32:37.0378
20:32:37.0378 2300 SystemInfo:
20:32:37.0378 2300
20:32:37.0378 2300 OS Version: 6.1.7601 ServicePack: 1.0
20:32:37.0378 2300 Product type: Workstation
20:32:37.0378 2300 ComputerName: JESSIE-PC
20:32:37.0596 2300 UserName: Jessie
20:32:37.0612 2300 Windows directory: C:\windows
20:32:37.0612 2300 System windows directory: C:\windows
20:32:37.0612 2300 Running under WOW64
20:32:37.0612 2300 Processor architecture: Intel x64
20:32:37.0612 2300 Number of processors: 2
20:32:37.0612 2300 Page size: 0x1000
20:32:37.0612 2300 Boot type: Normal boot
20:32:37.0612 2300 ============================================================
20:33:08.0396 2300 BG loaded
20:33:09.0332 2300 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:33:09.0347 2300 ============================================================
20:33:09.0347 2300 \Device\Harddisk0\DR0:
20:33:09.0347 2300 MBR partitions:
20:33:09.0347 2300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x234C4000
20:33:09.0347 2300 ============================================================
20:33:09.0441 2300 C: <-> \Device\Harddisk0\DR0\Partition1
20:33:09.0441 2300 ============================================================
20:33:09.0441 2300 Initialize success
20:33:09.0441 2300 ============================================================
20:33:40.0532 4568 ============================================================
20:33:40.0532 4568 Scan started
20:33:40.0532 4568 Mode: Manual; SigCheck; TDLFS;
20:33:40.0532 4568 ============================================================
20:33:43.0184 4568 ================ Scan system memory ========================
20:33:43.0184 4568 System memory - ok
20:33:43.0199 4568 ================ Scan services =============================
20:34:05.0742 4568 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:34:05.0851 4568 iphlpsvc - ok
20:34:05.0960 4568 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:34:06.0038 4568 IPMIDRV - ok
20:34:06.0085 4568 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:34:06.0210 4568 IPNAT - ok
20:34:06.0241 4568 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
20:34:06.0319 4568 IRENUM - ok
20:34:06.0366 4568 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
20:34:06.0397 4568 isapnp - ok
20:34:06.0490 4568 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
20:34:06.0553 4568 iScsiPrt - ok
20:34:06.0615 4568 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
20:34:06.0678 4568 kbdclass - ok
20:34:06.0709 4568 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
20:34:06.0771 4568 kbdhid - ok
20:34:06.0818 4568 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
20:34:06.0849 4568 KeyIso - ok
20:34:06.0896 4568 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
20:34:06.0927 4568 KSecDD - ok
20:34:06.0958 4568 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
20:34:06.0990 4568 KSecPkg - ok
20:34:07.0052 4568 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
20:34:07.0161 4568 ksthunk - ok
20:34:07.0286 4568 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
20:34:07.0442 4568 KtmRm - ok
20:34:07.0489 4568 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
20:34:07.0660 4568 LanmanServer - ok
20:34:07.0723 4568 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:34:07.0848 4568 LanmanWorkstation - ok
20:34:07.0926 4568 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
20:34:08.0050 4568 lltdio - ok
20:34:08.0097 4568 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
20:34:08.0238 4568 lltdsvc - ok
20:34:08.0284 4568 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
20:34:08.0378 4568 lmhosts - ok
20:34:08.0456 4568 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
20:34:08.0503 4568 LSI_FC - ok
20:34:08.0534 4568 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
20:34:08.0581 4568 LSI_SAS - ok
20:34:08.0612 4568 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
20:34:08.0690 4568 LSI_SAS2 - ok
20:34:08.0721 4568 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
20:34:08.0752 4568 LSI_SCSI - ok
20:34:08.0799 4568 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
20:34:08.0908 4568 luafv - ok
20:34:08.0971 4568 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
20:34:09.0018 4568 MBAMProtector - ok
20:34:09.0080 4568 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:34:09.0111 4568 MBAMScheduler - ok
20:34:09.0189 4568 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:34:09.0236 4568 MBAMService - ok
20:34:09.0298 4568 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:34:09.0408 4568 Mcx2Svc - ok
20:34:09.0439 4568 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
20:34:09.0470 4568 megasas - ok
20:34:09.0548 4568 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
20:34:09.0579 4568 MegaSR - ok
20:34:09.0626 4568 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
20:34:09.0844 4568 MMCSS - ok
20:34:09.0907 4568 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
20:34:10.0016 4568 Modem - ok
20:34:10.0047 4568 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:34:10.0094 4568 monitor - ok
20:34:10.0141 4568 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
20:34:10.0172 4568 mouclass - ok
20:34:10.0219 4568 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:34:10.0281 4568 mouhid - ok
20:34:10.0328 4568 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
20:34:10.0390 4568 mountmgr - ok
20:34:10.0468 4568 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
20:34:10.0562 4568 MpFilter - ok
20:34:10.0609 4568 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
20:34:10.0687 4568 mpio - ok
20:34:10.0890 4568 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKslb5551029 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\MpKslb5551029.sys
20:34:10.0921 4568 MpKslb5551029 - ok
20:34:10.0968 4568 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
20:34:11.0092 4568 mpsdrv - ok
20:34:11.0170 4568 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
20:34:11.0311 4568 MpsSvc - ok
20:34:11.0358 4568 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
20:34:11.0436 4568 MRxDAV - ok
20:34:11.0482 4568 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
20:34:11.0560 4568 mrxsmb - ok
20:34:11.0623 4568 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
20:34:11.0685 4568 mrxsmb10 - ok
20:34:11.0732 4568 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
20:34:11.0810 4568 mrxsmb20 - ok
20:34:11.0857 4568 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
20:34:11.0888 4568 msahci - ok
20:34:11.0919 4568 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
20:34:11.0950 4568 msdsm - ok
20:34:11.0997 4568 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
20:34:12.0044 4568 MSDTC - ok
20:34:12.0106 4568 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
20:34:12.0200 4568 Msfs - ok
20:34:12.0231 4568 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
20:34:12.0325 4568 mshidkmdf - ok
20:34:12.0356 4568 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
20:34:12.0387 4568 msisadrv - ok
20:34:12.0434 4568 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:34:12.0559 4568 MSiSCSI - ok
20:34:12.0574 4568 msiserver - ok
20:34:12.0606 4568 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
20:34:12.0762 4568 MSKSSRV - ok
20:34:12.0855 4568 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:34:12.0871 4568 MsMpSvc - ok
20:34:12.0933 4568 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
20:34:13.0074 4568 MSPCLOCK - ok
20:34:13.0105 4568 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
20:34:13.0261 4568 MSPQM - ok
20:34:13.0308 4568 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
20:34:13.0370 4568 MsRPC - ok
20:34:13.0417 4568 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
20:34:13.0479 4568 mssmbios - ok
20:34:13.0510 4568 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
20:34:13.0822 4568 MSTEE - ok
20:34:13.0854 4568 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
20:34:13.0900 4568 MTConfig - ok
20:34:13.0978 4568 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
20:34:14.0010 4568 Mup - ok
20:34:14.0072 4568 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
20:34:14.0197 4568 napagent - ok
20:34:14.0322 4568 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
20:34:14.0384 4568 NativeWifiP - ok
20:34:14.0462 4568 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
20:34:14.0540 4568 NDIS - ok
20:34:14.0587 4568 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
20:34:14.0696 4568 NdisCap - ok
20:34:14.0727 4568 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
20:34:14.0836 4568 NdisTapi - ok
20:34:14.0868 4568 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
20:34:15.0039 4568 Ndisuio - ok
20:34:15.0102 4568 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
20:34:15.0195 4568 NdisWan - ok
20:34:15.0226 4568 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
20:34:15.0336 4568 NDProxy - ok
20:34:15.0367 4568 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
20:34:15.0507 4568 NetBIOS - ok
20:34:15.0570 4568 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
20:34:15.0679 4568 NetBT - ok
20:34:15.0710 4568 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
20:34:15.0757 4568 Netlogon - ok
20:34:15.0804 4568 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
20:34:15.0928 4568 Netman - ok
20:34:15.0991 4568 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
20:34:16.0116 4568 netprofm - ok
20:34:16.0162 4568 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:34:16.0209 4568 NetTcpPortSharing - ok
20:34:16.0272 4568 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
20:34:16.0303 4568 nfrd960 - ok
20:34:16.0381 4568 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
20:34:16.0428 4568 NisDrv - ok
20:34:16.0459 4568 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
20:34:16.0506 4568 NisSrv - ok
20:34:16.0552 4568 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
20:34:16.0599 4568 NlaSvc - ok
20:34:16.0662 4568 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
20:34:16.0771 4568 Npfs - ok
20:34:16.0849 4568 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
20:34:16.0958 4568 nsi - ok
20:34:17.0005 4568 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
20:34:17.0130 4568 nsiproxy - ok
20:34:17.0348 4568 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
20:34:17.0473 4568 Ntfs - ok
20:34:17.0520 4568 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
20:34:17.0644 4568 Null - ok
20:34:17.0722 4568 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
20:34:17.0754 4568 nvraid - ok
20:34:17.0832 4568 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
20:34:17.0894 4568 nvstor - ok
20:34:17.0925 4568 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
20:34:17.0956 4568 nv_agp - ok
20:34:18.0003 4568 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
20:34:18.0034 4568 ohci1394 - ok
20:34:18.0097 4568 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:18.0128 4568 ose - ok
20:34:18.0378 4568 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:34:18.0690 4568 osppsvc - ok
20:34:18.0768 4568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:34:18.0861 4568 p2pimsvc - ok
20:34:18.0955 4568 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
20:34:19.0002 4568 p2psvc - ok
20:34:19.0048 4568 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
20:34:19.0080 4568 Parport - ok
20:34:19.0126 4568 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
20:34:19.0173 4568 partmgr - ok
20:34:19.0236 4568 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
20:34:19.0314 4568 PcaSvc - ok
20:34:19.0376 4568 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
20:34:19.0407 4568 pci - ok
20:34:19.0438 4568 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
20:34:19.0485 4568 pciide - ok
20:34:19.0516 4568 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
20:34:19.0594 4568 pcmcia - ok
20:34:19.0657 4568 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
20:34:19.0688 4568 pcw - ok
20:34:19.0750 4568 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
20:34:19.0891 4568 PEAUTH - ok
20:34:20.0016 4568 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
20:34:20.0062 4568 PerfHost - ok
20:34:20.0140 4568 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
20:34:20.0172 4568 PGEffect - ok
20:34:20.0250 4568 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
20:34:20.0406 4568 pla - ok
20:34:20.0530 4568 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:34:20.0593 4568 PlugPlay - ok
20:34:20.0655 4568 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:34:20.0702 4568 PNRPAutoReg - ok
20:34:20.0780 4568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:34:20.0811 4568 PNRPsvc - ok
20:34:20.0889 4568 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:34:21.0154 4568 PolicyAgent - ok
20:34:21.0201 4568 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
20:34:21.0310 4568 Power - ok
20:34:21.0373 4568 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
20:34:21.0482 4568 PptpMiniport - ok
20:34:21.0529 4568 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
20:34:21.0638 4568 Processor - ok
20:34:21.0700 4568 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
20:34:21.0794 4568 ProfSvc - ok
20:34:21.0856 4568 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
20:34:21.0888 4568 ProtectedStorage - ok
20:34:21.0919 4568 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
20:34:22.0028 4568 Psched - ok
20:34:22.0122 4568 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
20:34:22.0215 4568 ql2300 - ok
20:34:22.0278 4568 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
20:34:22.0309 4568 ql40xx - ok
20:34:22.0356 4568 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
20:34:22.0418 4568 QWAVE - ok
20:34:22.0449 4568 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
20:34:22.0512 4568 QWAVEdrv - ok
20:34:22.0558 4568 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
20:34:22.0668 4568 RasAcd - ok
20:34:22.0714 4568 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:34:22.0824 4568 RasAgileVpn - ok
20:34:22.0870 4568 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
20:34:23.0011 4568 RasAuto - ok
20:34:23.0073 4568 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
20:34:23.0198 4568 Rasl2tp - ok
20:34:23.0323 4568 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
20:34:23.0416 4568 RasMan - ok
20:34:23.0448 4568 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
20:34:23.0572 4568 RasPppoe - ok
20:34:23.0619 4568 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
20:34:23.0744 4568 RasSstp - ok
20:34:23.0806 4568 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
20:34:23.0931 4568 rdbss - ok
20:34:23.0962 4568 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
20:34:24.0025 4568 rdpbus - ok
20:34:24.0056 4568 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
20:34:24.0165 4568 RDPCDD - ok
20:34:24.0196 4568 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
20:34:24.0352 4568 RDPENCDD - ok
20:34:24.0415 4568 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
20:34:24.0571 4568 RDPREFMP - ok
20:34:24.0618 4568 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
20:34:24.0680 4568 RDPWD - ok
20:34:24.0742 4568 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
20:34:24.0789 4568 rdyboost - ok
20:34:24.0836 4568 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
20:34:24.0976 4568 RemoteAccess - ok
20:34:25.0039 4568 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:34:25.0148 4568 RemoteRegistry - ok
20:34:25.0210 4568 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:34:25.0320 4568 RpcEptMapper - ok
20:34:25.0366 4568 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
20:34:25.0429 4568 RpcLocator - ok
20:34:25.0476 4568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
20:34:25.0585 4568 RpcSs - ok
20:34:25.0632 4568 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
20:34:25.0834 4568 rspndr - ok
20:34:25.0897 4568 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
20:34:25.0944 4568 RSUSBVSTOR - ok
20:34:26.0037 4568 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
20:34:26.0100 4568 RTL8167 - ok
20:34:26.0178 4568 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
20:34:26.0271 4568 RTL8192Ce - ok
20:34:26.0302 4568 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
20:34:26.0443 4568 SamSs - ok
20:34:26.0490 4568 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
20:34:26.0614 4568 sbp2port - ok
20:34:26.0661 4568 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
20:34:26.0786 4568 SCardSvr - ok
20:34:26.0833 4568 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
20:34:26.0958 4568 scfilter - ok
20:34:27.0098 4568 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
20:34:27.0238 4568 Schedule - ok
20:34:27.0285 4568 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
20:34:27.0379 4568 SCPolicySvc - ok
20:34:27.0426 4568 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:34:27.0472 4568 SDRSVC - ok
20:34:27.0535 4568 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
20:34:27.0644 4568 secdrv - ok
20:34:27.0675 4568 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
20:34:27.0769 4568 seclogon - ok
20:34:27.0847 4568 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
20:34:27.0972 4568 SENS - ok
20:34:28.0003 4568 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
20:34:28.0096 4568 SensrSvc - ok
20:34:28.0237 4568 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
20:34:28.0330 4568 Serenum - ok
20:34:28.0346 4568 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
20:34:28.0424 4568 Serial - ok
20:34:28.0471 4568 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
20:34:28.0549 4568 sermouse - ok
20:34:28.0627 4568 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
20:34:28.0752 4568 SessionEnv - ok
20:34:28.0783 4568 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
20:34:28.0876 4568 sffdisk - ok
20:34:28.0939 4568 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
20:34:29.0001 4568 sffp_mmc - ok
20:34:29.0032 4568 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
20:34:29.0157 4568 sffp_sd - ok
20:34:29.0204 4568 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
20:34:29.0251 4568 sfloppy - ok
20:34:29.0360 4568 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
20:34:29.0454 4568 SharedAccess - ok
20:34:29.0547 4568 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:34:29.0656 4568 ShellHWDetection - ok
20:34:29.0703 4568 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
20:34:29.0719 4568 SiSRaid2 - ok
20:34:29.0766 4568 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
20:34:29.0812 4568 SiSRaid4 - ok
20:34:29.0844 4568 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
20:34:29.0984 4568 Smb - ok
20:34:30.0062 4568 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
20:34:30.0109 4568 SNMPTRAP - ok
20:34:30.0140 4568 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
20:34:30.0171 4568 spldr - ok
20:34:30.0280 4568 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
20:34:30.0343 4568 Spooler - ok
20:34:30.0468 4568 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
20:34:30.0655 4568 sppsvc - ok
20:34:30.0702 4568 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
20:34:30.0811 4568 sppuinotify - ok
20:34:30.0904 4568 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
20:34:31.0014 4568 srv - ok
20:34:31.0092 4568 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
20:34:31.0170 4568 srv2 - ok
20:34:31.0216 4568 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
20:34:31.0248 4568 srvnet - ok
20:34:31.0341 4568 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
20:34:31.0450 4568 SSDPSRV - ok
20:34:31.0482 4568 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
20:34:31.0622 4568 SstpSvc - ok
20:34:31.0684 4568 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
20:34:31.0731 4568 stexstor - ok
20:34:31.0809 4568 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
20:34:31.0856 4568 stisvc - ok
20:34:31.0903 4568 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
20:34:31.0934 4568 swenum - ok
20:34:32.0028 4568 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
20:34:32.0262 4568 swprv - ok
20:34:32.0340 4568 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
20:34:32.0527 4568 SynTP - ok
20:34:32.0636 4568 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
20:34:32.0870 4568 SysMain - ok
20:34:32.0917 4568 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
20:34:32.0995 4568 TabletInputService - ok
20:34:33.0042 4568 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
20:34:33.0229 4568 TapiSrv - ok
20:34:33.0244 4568 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
20:34:33.0338 4568 TBS - ok
20:34:33.0432 4568 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys
20:34:33.0556 4568 Tcpip - ok
20:34:33.0666 4568 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
20:34:33.0759 4568 TCPIP6 - ok
20:34:33.0837 4568 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
20:34:33.0868 4568 tcpipreg - ok
20:34:33.0931 4568 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
20:34:33.0962 4568 tdcmdpst - ok
20:34:34.0024 4568 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
20:34:34.0087 4568 TDPIPE - ok
20:34:34.0149 4568 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
20:34:34.0196 4568 TDTCP - ok
20:34:34.0227 4568 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
20:34:34.0336 4568 tdx - ok
20:34:34.0383 4568 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
20:34:34.0492 4568 TermDD - ok
20:34:34.0539 4568 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
20:34:34.0695 4568 TermService - ok
20:34:34.0758 4568 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
20:34:34.0898 4568 Themes - ok
20:34:34.0945 4568 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
20:34:35.0023 4568 Thpdrv - ok
20:34:35.0054 4568 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
20:34:35.0148 4568 Thpevm - ok
20:34:35.0304 4568 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe
20:34:35.0350 4568 Thpsrv ( UnsignedFile.Multi.Generic ) - warning
20:34:35.0350 4568 Thpsrv - detected UnsignedFile.Multi.Generic (1)
20:34:40.0701 4568 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
20:34:40.0857 4568 VSS - ok
20:34:40.0935 4568 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
20:34:40.0998 4568 vwifibus - ok
20:34:41.0029 4568 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
20:34:41.0138 4568 vwififlt - ok
20:34:41.0185 4568 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
20:34:41.0232 4568 vwifimp - ok
20:34:41.0372 4568 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
20:34:41.0544 4568 W32Time - ok
20:34:41.0622 4568 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
20:34:41.0715 4568 WacomPen - ok
20:34:41.0762 4568 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
20:34:41.0887 4568 WANARP - ok
20:34:41.0918 4568 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
20:34:41.0996 4568 Wanarpv6 - ok
20:34:42.0105 4568 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
20:34:42.0183 4568 WatAdminSvc - ok
20:34:42.0277 4568 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
20:34:42.0386 4568 wbengine - ok
20:34:42.0433 4568 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
20:34:42.0542 4568 WbioSrvc - ok
20:34:42.0573 4568 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
20:34:42.0760 4568 wcncsvc - ok
20:34:42.0838 4568 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:34:42.0885 4568 WcsPlugInService - ok
20:34:42.0948 4568 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
20:34:42.0979 4568 Wd - ok
20:34:43.0057 4568 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
20:34:43.0135 4568 Wdf01000 - ok
20:34:43.0197 4568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
20:34:43.0338 4568 WdiServiceHost - ok
20:34:43.0384 4568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
20:34:43.0447 4568 WdiSystemHost - ok
20:34:43.0494 4568 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
20:34:43.0618 4568 WebClient - ok
20:34:43.0665 4568 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
20:34:43.0915 4568 Wecsvc - ok
20:34:43.0993 4568 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
20:34:44.0118 4568 wercplsupport - ok
20:34:44.0180 4568 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
20:34:44.0336 4568 WerSvc - ok
20:34:44.0383 4568 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
20:34:44.0492 4568 WfpLwf - ok
20:34:44.0523 4568 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
20:34:44.0586 4568 WIMMount - ok
20:34:44.0617 4568 WinDefend - ok
20:34:44.0648 4568 WinHttpAutoProxySvc - ok
20:34:44.0742 4568 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
20:34:44.0866 4568 Winmgmt - ok
20:34:45.0180 4568 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
20:34:45.0410 4568 WinRM - ok
20:34:45.0624 4568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
20:34:45.0704 4568 Wlansvc - ok
20:34:45.0776 4568 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:34:45.0806 4568 wlcrasvc - ok
20:34:45.0948 4568 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:34:46.0090 4568 wlidsvc - ok
20:34:46.0148 4568 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
20:34:46.0204 4568 WmiAcpi - ok
20:34:46.0300 4568 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
20:34:46.0350 4568 wmiApSrv - ok
20:34:46.0412 4568 WMPNetworkSvc - ok
20:34:46.0469 4568 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
20:34:46.0524 4568 WPCSvc - ok
20:34:46.0563 4568 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
20:34:46.0607 4568 WPDBusEnum - ok
20:34:46.0642 4568 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
20:34:46.0736 4568 ws2ifsl - ok
20:34:46.0786 4568 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
20:34:46.0856 4568 wscsvc - ok
20:34:46.0886 4568 WSearch - ok
20:34:47.0249 4568 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
20:34:47.0381 4568 wuauserv - ok
20:34:47.0444 4568 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
20:34:47.0564 4568 WudfPf - ok
20:34:47.0639 4568 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
20:34:47.0696 4568 WUDFRd - ok
20:34:47.0758 4568 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
20:34:47.0828 4568 wudfsvc - ok
20:34:47.0880 4568 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
20:34:47.0936 4568 WwanSvc - ok
20:34:47.0994 4568 ================ Scan global ===============================
20:34:48.0062 4568 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
20:34:48.0122 4568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
20:34:48.0142 4568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
20:34:48.0204 4568 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
20:34:48.0270 4568 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
20:34:48.0276 4568 [Global] - ok
20:34:48.0286 4568 ================ Scan MBR ==================================
20:34:48.0306 4568 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
20:34:48.0306 4568 Suspicious mbr (Forged): \Device\Harddisk0\DR0
20:34:48.0368 4568 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:34:48.0368 4568 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:34:48.0438 4568 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:34:48.0438 4568 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:34:48.0448 4568 ================ Scan VBR ==================================
20:34:48.0468 4568 [ 097449B306C9E02264A8382D8BBE3894 ] \Device\Harddisk0\DR0\Partition1
20:34:48.0478 4568 \Device\Harddisk0\DR0\Partition1 - ok
20:34:48.0488 4568 ================ Scan active images ========================
20:34:51.0633 4568 C:\Windows\System32\logoncli.dll - ok
20:34:51.0650 4568 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
20:34:51.0650 4568 C:\Windows\System32\schannel.dll - ok
20:34:51.0668 4568 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
20:34:51.0668 4568 C:\Windows\System32\wdigest.dll - ok
20:34:51.0685 4568 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
20:34:51.0685 4568 C:\Windows\System32\rsaenh.dll - ok
20:34:51.0702 4568 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
20:34:51.0703 4568 C:\Windows\System32\pku2u.dll - ok
20:34:51.0719 4568 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
20:34:51.0719 4568 C:\Windows\System32\TSpkg.dll - ok
20:34:51.0738 4568 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
20:34:51.0739 4568 C:\Windows\System32\LIVESSP.DLL - ok
20:34:51.0756 4568 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
20:34:51.0757 4568 C:\Windows\System32\bcryptprimitives.dll - ok
20:34:51.0775 4568 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
20:34:51.0775 4568 C:\Windows\System32\efslsaext.dll - ok
20:34:51.0793 4568 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
20:34:51.0793 4568 C:\Windows\System32\credssp.dll - ok
20:34:51.0810 4568 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
20:34:51.0811 4568 C:\Windows\System32\scecli.dll - ok
20:34:51.0828 4568 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
20:34:51.0828 4568 C:\Windows\System32\ubpm.dll - ok
20:34:51.0855 4568 [ 6F68F63794097E54F36474ED4384B759 ] C:\Windows\System32\svchost.exe
20:34:51.0855 4568 C:\Windows\System32\svchost.exe - ok
20:34:51.0873 4568 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
20:34:51.0873 4568 C:\Windows\System32\umpnpmgr.dll - ok
20:34:51.0889 4568 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
20:34:51.0890 4568 C:\Windows\System32\SPInf.dll - ok
20:34:51.0907 4568 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
20:34:51.0907 4568 C:\Windows\System32\devrtl.dll - ok
20:34:51.0919 4568 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
20:34:51.0919 4568 C:\Windows\System32\userenv.dll - ok
20:34:51.0941 4568 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
20:34:51.0941 4568 C:\Windows\System32\gpapi.dll - ok
20:34:51.0958 4568 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
20:34:51.0958 4568 C:\Windows\System32\umpo.dll - ok
20:34:51.0978 4568 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
20:34:51.0978 4568 C:\Windows\System32\pcwum.dll - ok
20:34:51.0996 4568 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
20:34:51.0996 4568 C:\Windows\System32\powrprof.dll - ok
20:34:52.0014 4568 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
20:34:52.0014 4568 C:\Windows\System32\drivers\luafv.sys - ok
20:34:52.0031 4568 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
20:34:52.0032 4568 C:\Windows\System32\drivers\mbam.sys - ok
20:34:52.0049 4568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
20:34:52.0049 4568 C:\Windows\System32\rpcss.dll - ok
20:34:52.0066 4568 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
20:34:52.0067 4568 C:\Windows\System32\RpcEpMap.dll - ok
20:34:52.0084 4568 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
20:34:52.0085 4568 C:\Windows\System32\WSHTCPIP.DLL - ok
20:34:52.0108 4568 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
20:34:52.0108 4568 C:\Windows\System32\wshqos.dll - ok
20:34:52.0126 4568 [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:34:52.0126 4568 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
20:34:52.0144 4568 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
20:34:52.0144 4568 C:\Windows\System32\FirewallAPI.dll - ok
20:34:52.0161 4568 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
20:34:52.0161 4568 C:\Windows\System32\LogonUI.exe - ok
20:34:52.0178 4568 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
20:34:52.0178 4568 C:\Windows\System32\authui.dll - ok
20:34:52.0199 4568 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
20:34:52.0199 4568 C:\Windows\System32\cryptui.dll - ok
20:34:52.0217 4568 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:34:52.0217 4568 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:34:52.0235 4568 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
20:34:52.0235 4568 C:\Windows\System32\samlib.dll - ok
20:34:52.0253 4568 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
20:34:52.0253 4568 C:\Windows\System32\shacct.dll - ok
20:34:52.0270 4568 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
20:34:52.0270 4568 C:\Windows\System32\propsys.dll - ok
20:34:52.0288 4568 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
20:34:52.0288 4568 C:\Windows\System32\uxtheme.dll - ok
20:34:52.0306 4568 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
20:34:52.0306 4568 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
20:34:52.0323 4568 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
20:34:52.0323 4568 C:\Windows\System32\dui70.dll - ok
20:34:52.0340 4568 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
20:34:52.0340 4568 C:\Windows\System32\duser.dll - ok
20:34:52.0365 4568 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
20:34:52.0366 4568 C:\Windows\System32\SndVolSSO.dll - ok
20:34:52.0383 4568 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
20:34:52.0383 4568 C:\Windows\System32\hid.dll - ok
20:34:52.0400 4568 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
20:34:52.0400 4568 C:\Windows\System32\MMDevAPI.dll - ok
20:34:52.0417 4568 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
20:34:52.0417 4568 C:\Windows\System32\dwmapi.dll - ok
20:34:52.0435 4568 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
20:34:52.0435 4568 C:\Windows\System32\xmllite.dll - ok
20:34:52.0455 4568 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
20:34:52.0455 4568 C:\Windows\System32\WindowsCodecs.dll - ok
20:34:52.0472 4568 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
20:34:52.0473 4568 C:\Windows\System32\winbrand.dll - ok
20:34:52.0489 4568 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
20:34:52.0489 4568 C:\Windows\System32\wtsapi32.dll - ok
20:34:52.0506 4568 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
20:34:52.0506 4568 C:\Windows\System32\VaultCredProvider.dll - ok
20:34:52.0523 4568 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:34:52.0524 4568 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:34:52.0541 4568 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
20:34:52.0541 4568 C:\Windows\System32\BioCredProv.dll - ok
20:34:52.0558 4568 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
20:34:52.0558 4568 C:\Windows\System32\winbio.dll - ok
20:34:52.0575 4568 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
20:34:52.0575 4568 C:\Windows\System32\credui.dll - ok
20:34:52.0593 4568 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
20:34:52.0593 4568 C:\Windows\System32\netapi32.dll - ok
20:34:52.0617 4568 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
20:34:52.0617 4568 C:\Windows\System32\vaultcli.dll - ok
20:34:52.0634 4568 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
20:34:52.0634 4568 C:\Windows\System32\netutils.dll - ok
20:34:52.0651 4568 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
20:34:52.0651 4568 C:\Windows\System32\wkscli.dll - ok
20:34:52.0668 4568 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
20:34:52.0668 4568 C:\Windows\System32\samcli.dll - ok
20:34:52.0688 4568 [ 08D8C5E32648D6E7976F0458545EA600 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
20:34:52.0688 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
20:34:52.0706 4568 [ D037BEA6039248D4DE0C5F361F19970D ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
20:34:52.0706 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
20:34:52.0718 4568 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
20:34:52.0718 4568 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
20:34:52.0733 4568 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
20:34:52.0733 4568 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
20:34:52.0749 4568 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
20:34:52.0749 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
20:34:52.0764 4568 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
20:34:52.0764 4568 C:\Windows\System32\winmm.dll - ok
20:34:52.0778 4568 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
20:34:52.0779 4568 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
20:34:52.0794 4568 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
20:34:52.0794 4568 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
20:34:52.0809 4568 [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
20:34:52.0809 4568 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
20:34:52.0824 4568 [ 9C5BF3E0541B8A2F85DF1D642E495EE4 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
20:34:52.0825 4568 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
20:34:52.0877 4568 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
20:34:52.0877 4568 C:\Windows\System32\certCredProvider.dll - ok
20:34:52.0887 4568 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
20:34:52.0887 4568 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
20:34:52.0899 4568 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
20:34:52.0900 4568 C:\Windows\System32\rasplap.dll - ok
20:34:52.0916 4568 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
20:34:52.0916 4568 C:\Windows\System32\rasapi32.dll - ok
20:34:52.0930 4568 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
20:34:52.0931 4568 C:\Windows\System32\rasman.dll - ok
20:34:52.0945 4568 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
20:34:52.0945 4568 C:\Windows\System32\rtutils.dll - ok
20:34:52.0960 4568 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
20:34:52.0960 4568 C:\Windows\System32\oleacc.dll - ok
20:34:52.0975 4568 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
20:34:52.0976 4568 C:\Windows\System32\UIAutomationCore.dll - ok
20:34:53.0003 4568 [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
20:34:53.0003 4568 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
20:34:53.0019 4568 [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
20:34:53.0019 4568 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
20:34:53.0034 4568 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
20:34:53.0035 4568 C:\Windows\System32\ntmarta.dll - ok
20:34:53.0050 4568 [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
20:34:53.0051 4568 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
20:34:53.0067 4568 [ 2F2E91FD092811353C3BC968BEC274D8 ] C:\Windows\System32\atiesrxx.exe
20:34:53.0068 4568 C:\Windows\System32\atiesrxx.exe - ok
20:34:53.0083 4568 [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
20:34:53.0083 4568 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
20:34:53.0098 4568 [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
20:34:53.0098 4568 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
20:34:53.0116 4568 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
20:34:53.0116 4568 C:\Windows\System32\fltLib.dll - ok
20:34:53.0134 4568 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
20:34:53.0134 4568 C:\Windows\System32\drivers\MpFilter.sys - ok
20:34:53.0152 4568 [ 967BC3664DDC26959BD43A7B1681FF86 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
20:34:53.0152 4568 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
20:34:53.0175 4568 [ 76A11F575782DBAE74F05B8796EF7F9D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpengine.dll
20:34:53.0176 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpengine.dll - ok
20:34:53.0191 4568 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
20:34:53.0191 4568 C:\Windows\System32\wevtsvc.dll - ok
20:34:53.0206 4568 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
20:34:53.0206 4568 C:\Windows\System32\netprofm.dll - ok
20:34:53.0221 4568 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
20:34:53.0221 4568 C:\Windows\System32\adtschema.dll - ok
20:34:53.0237 4568 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
20:34:53.0237 4568 C:\Windows\System32\audiosrv.dll - ok
20:34:53.0260 4568 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
20:34:53.0260 4568 C:\Windows\System32\avrt.dll - ok
20:34:53.0283 4568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
20:34:53.0284 4568 C:\Windows\System32\wlansvc.dll - ok
20:34:53.0301 4568 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:34:53.0301 4568 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:34:53.0316 4568 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
20:34:53.0316 4568 C:\Windows\System32\drivers\fltMgr.sys - ok
20:34:53.0331 4568 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
20:34:53.0332 4568 C:\Windows\System32\FntCache.dll - ok
20:34:53.0346 4568 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
20:34:53.0346 4568 C:\Windows\System32\profsvc.dll - ok
20:34:53.0362 4568 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
20:34:53.0362 4568 C:\Windows\System32\PSHED.DLL - ok
20:34:53.0394 4568 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
20:34:53.0394 4568 C:\Windows\System32\MPSSVC.dll - ok
20:34:53.0411 4568 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
20:34:53.0411 4568 C:\Windows\System32\mmcss.dll - ok
20:34:53.0428 4568 [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasbase.vdm
20:34:53.0428 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasbase.vdm - ok
20:34:53.0445 4568 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
20:34:53.0445 4568 C:\Windows\System32\audiodg.exe - ok
20:34:53.0464 4568 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:34:53.0464 4568 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:34:53.0479 4568 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
20:34:53.0479 4568 C:\Windows\System32\gpsvc.dll - ok
20:34:53.0494 4568 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
20:34:53.0494 4568 C:\Windows\System32\wdmaud.drv - ok
20:34:53.0544 4568 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
20:34:53.0544 4568 C:\Windows\System32\ksuser.dll - ok
20:34:53.0559 4568 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
20:34:53.0559 4568 C:\Windows\System32\AudioSes.dll - ok
20:34:53.0573 4568 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
20:34:53.0574 4568 C:\Windows\System32\msacm32.dll - ok
20:34:53.0588 4568 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
20:34:53.0589 4568 C:\Windows\System32\msacm32.drv - ok
20:34:53.0604 4568 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
20:34:53.0604 4568 C:\Windows\System32\nlaapi.dll - ok
20:34:53.0620 4568 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
20:34:53.0620 4568 C:\Windows\System32\atl.dll - ok
20:34:53.0633 4568 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
20:34:53.0633 4568 C:\Windows\System32\midimap.dll - ok
20:34:53.0663 4568 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
20:34:53.0663 4568 C:\Windows\System32\themeservice.dll - ok
20:34:53.0673 4568 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
20:34:53.0673 4568 C:\Windows\System32\dsrole.dll - ok
20:34:53.0690 4568 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
20:34:53.0690 4568 C:\Windows\System32\es.dll - ok
20:34:53.0706 4568 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
20:34:53.0706 4568 C:\Windows\System32\slc.dll - ok
20:34:53.0721 4568 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
20:34:53.0721 4568 C:\Windows\System32\AudioEng.dll - ok
20:34:53.0737 4568 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
20:34:53.0738 4568 C:\Windows\System32\Sens.dll - ok
20:34:53.0754 4568 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
20:34:53.0754 4568 C:\Windows\System32\comres.dll - ok
20:34:53.0771 4568 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
20:34:53.0771 4568 C:\Windows\System32\UXInit.dll - ok
20:34:53.0791 4568 [ 13EB517A22F8AE2E4A02718C163BA401 ] C:\Windows\System32\atieclxx.exe
20:34:53.0791 4568 C:\Windows\System32\atieclxx.exe - ok
20:34:53.0807 4568 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
20:34:53.0808 4568 C:\Windows\System32\uxsms.dll - ok
20:34:53.0824 4568 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
20:34:53.0824 4568 C:\Windows\System32\AUDIOKSE.dll - ok
20:34:53.0839 4568 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
20:34:53.0839 4568 C:\Windows\System32\drivers\lltdio.sys - ok
20:34:53.0852 4568 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
20:34:53.0852 4568 C:\Windows\System32\drivers\nwifi.sys - ok
20:34:53.0868 4568 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
20:34:53.0868 4568 C:\Windows\System32\drivers\ndisuio.sys - ok
20:34:53.0884 4568 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
20:34:53.0884 4568 C:\Windows\System32\drivers\rspndr.sys - ok
20:34:53.0917 4568 [ 3449B6738794D2234ED2C3FADA85D487 ] C:\Windows\System32\atiadlxx.dll
20:34:53.0917 4568 C:\Windows\System32\atiadlxx.dll - ok
20:34:53.0927 4568 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
20:34:53.0927 4568 C:\Windows\System32\lmhsvc.dll - ok
20:34:53.0941 4568 [ 706B9A55E4B1EDD2F6C2D7A1CF37E197 ] C:\Windows\System32\RtkAPO64.dll
20:34:53.0941 4568 C:\Windows\System32\RtkAPO64.dll - ok
20:34:53.0957 4568 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
20:34:53.0958 4568 C:\Windows\System32\IPHLPAPI.DLL - ok
20:34:53.0973 4568 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
20:34:53.0974 4568 C:\Windows\System32\nsisvc.dll - ok
20:34:53.0988 4568 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
20:34:53.0989 4568 C:\Windows\System32\nrpsrv.dll - ok
20:34:54.0004 4568 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
20:34:54.0004 4568 C:\Windows\System32\winnsi.dll - ok
20:34:54.0019 4568 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
20:34:54.0019 4568 C:\Windows\System32\dhcpcore.dll - ok
20:34:54.0038 4568 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
20:34:54.0038 4568 C:\Windows\System32\dhcpcore6.dll - ok
20:34:54.0054 4568 [ B6C244055D019CAC3FE8298DAD973D6D ] C:\Windows\System32\atimuixx.dll
20:34:54.0054 4568 C:\Windows\System32\atimuixx.dll - ok
20:34:54.0066 4568 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
20:34:54.0067 4568 C:\Windows\System32\dnsrslvr.dll - ok
20:34:54.0082 4568 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
20:34:54.0083 4568 C:\Windows\System32\imageres.dll - ok
20:34:54.0098 4568 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
20:34:54.0098 4568 C:\Windows\System32\keyiso.dll - ok
20:34:54.0113 4568 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
20:34:54.0114 4568 C:\Windows\System32\eapphost.dll - ok
20:34:54.0128 4568 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
20:34:54.0128 4568 C:\Windows\System32\eapsvc.dll - ok
20:34:54.0160 4568 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
20:34:54.0160 4568 C:\Windows\System32\FWPUCLNT.DLL - ok
20:34:54.0175 4568 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
20:34:54.0175 4568 C:\Windows\System32\umb.dll - ok
20:34:54.0185 4568 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
20:34:54.0186 4568 C:\Windows\System32\wlanmsm.dll - ok
20:34:54.0203 4568 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
20:34:54.0203 4568 C:\Windows\System32\wlansec.dll - ok
20:34:54.0219 4568 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
20:34:54.0219 4568 C:\Windows\System32\dnsext.dll - ok
20:34:54.0235 4568 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
20:34:54.0235 4568 C:\Windows\System32\onex.dll - ok
20:34:54.0251 4568 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
20:34:54.0251 4568 C:\Windows\System32\dhcpcsvc.dll - ok
20:34:54.0267 4568 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
20:34:54.0267 4568 C:\Windows\System32\eappprxy.dll - ok
20:34:54.0316 4568 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
20:34:54.0316 4568 C:\Windows\System32\dhcpcsvc6.dll - ok
20:34:54.0332 4568 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
20:34:54.0333 4568 C:\Windows\System32\eappcfg.dll - ok
20:34:54.0349 4568 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
20:34:54.0349 4568 C:\Windows\System32\l2gpstore.dll - ok
20:34:54.0367 4568 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
20:34:54.0367 4568 C:\Windows\System32\wlgpclnt.dll - ok
20:34:54.0384 4568 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
20:34:54.0384 4568 C:\Windows\System32\WinSCard.dll - ok
20:34:54.0400 4568 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
20:34:54.0400 4568 C:\Windows\System32\wlanutil.dll - ok
20:34:54.0415 4568 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
20:34:54.0415 4568 C:\Windows\System32\msxml6.dll - ok
20:34:54.0463 4568 [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2 ] C:\Windows\System32\RTEEL64A.dll
20:34:54.0463 4568 C:\Windows\System32\RTEEL64A.dll - ok
20:34:54.0472 4568 [ A6286A6C7A1BBFCBA17AA54384A21D1C ] C:\Windows\System32\RTEED64A.dll
20:34:54.0473 4568 C:\Windows\System32\RTEED64A.dll - ok
20:34:54.0489 4568 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
20:34:54.0489 4568 C:\Windows\System32\shsvcs.dll - ok
20:34:54.0505 4568 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
20:34:54.0505 4568 C:\Windows\System32\schedsvc.dll - ok
20:34:54.0522 4568 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
20:34:54.0522 4568 C:\Windows\System32\ktmw32.dll - ok
20:34:54.0538 4568 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
20:34:54.0538 4568 C:\Windows\System32\fveapi.dll - ok
20:34:54.0549 4568 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
20:34:54.0549 4568 C:\Windows\System32\fvecerts.dll - ok
20:34:54.0564 4568 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
20:34:54.0565 4568 C:\Windows\System32\tbs.dll - ok
20:34:54.0601 4568 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
20:34:54.0601 4568 C:\Windows\System32\taskcomp.dll - ok
20:34:54.0617 4568 [ 82A27E52A96757803CCE2BB7793095EA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasdlta.vdm
20:34:54.0617 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpasdlta.vdm - ok
20:34:54.0633 4568 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
20:34:54.0633 4568 C:\Windows\System32\wiarpc.dll - ok
20:34:54.0648 4568 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
20:34:54.0648 4568 C:\Windows\System32\netcfgx.dll - ok
20:34:54.0664 4568 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
20:34:54.0664 4568 C:\Windows\System32\drivers\vwifimp.sys - ok
20:34:54.0679 4568 [ 425800DD197C336EF1D6A3AC6428DEB3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpavbase.vdm
20:34:54.0680 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\mpavbase.vdm - ok
20:34:54.0695 4568 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
20:34:54.0695 4568 C:\Windows\System32\drivers\http.sys - ok
20:34:54.0721 4568 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
20:34:54.0721 4568 C:\Windows\System32\spoolsv.exe - ok
20:34:54.0739 4568 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
20:34:54.0739 4568 C:\Windows\System32\BFE.DLL - ok
20:34:54.0751 4568 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
20:34:54.0751 4568 C:\Windows\System32\drivers\bowser.sys - ok
20:34:54.0767 4568 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
20:34:54.0767 4568 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:34:54.0792 4568 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
20:34:54.0792 4568 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:34:54.0810 4568 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:34:54.0810 4568 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:34:59.0197 4568 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
20:34:59.0197 4568 C:\Windows\System32\uDWM.dll - ok
20:34:59.0214 4568 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
20:34:59.0215 4568 C:\Windows\System32\winrnr.dll - ok
20:34:59.0232 4568 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
20:34:59.0232 4568 C:\Windows\System32\nci.dll - ok
20:34:59.0249 4568 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
20:34:59.0249 4568 C:\Windows\System32\wlaninst.dll - ok
20:34:59.0267 4568 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
20:34:59.0268 4568 C:\Windows\System32\wwaninst.dll - ok
20:34:59.0285 4568 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
20:34:59.0285 4568 C:\Windows\System32\runonce.exe - ok
20:34:59.0303 4568 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
20:34:59.0303 4568 C:\Windows\System32\rundll32.exe - ok
20:34:59.0321 4568 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
20:34:59.0321 4568 C:\Windows\System32\dimsjob.dll - ok
20:34:59.0346 4568 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
20:34:59.0347 4568 C:\Windows\System32\actxprxy.dll - ok
20:34:59.0364 4568 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
20:34:59.0365 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
20:34:59.0383 4568 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
20:34:59.0383 4568 C:\Windows\SysWOW64\netapi32.dll - ok
20:34:59.0400 4568 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
20:34:59.0400 4568 C:\Windows\SysWOW64\netutils.dll - ok
20:34:59.0415 4568 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
20:34:59.0415 4568 C:\Windows\SysWOW64\srvcli.dll - ok
20:34:59.0432 4568 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
20:34:59.0432 4568 C:\Windows\SysWOW64\wkscli.dll - ok
20:34:59.0459 4568 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:34:59.0459 4568 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:34:59.0477 4568 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
20:34:59.0477 4568 C:\Windows\SysWOW64\runonce.exe - ok
20:34:59.0495 4568 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
20:34:59.0495 4568 C:\Windows\SysWOW64\imagehlp.dll - ok
20:34:59.0513 4568 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
20:34:59.0513 4568 C:\Windows\SysWOW64\msi.dll - ok
20:34:59.0532 4568 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
20:34:59.0533 4568 C:\Windows\SysWOW64\cscapi.dll - ok
20:34:59.0544 4568 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
20:34:59.0544 4568 C:\Windows\SysWOW64\ntmarta.dll - ok
20:34:59.0560 4568 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
20:34:59.0560 4568 C:\Windows\System32\pautoenr.dll - ok
20:34:59.0580 4568 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
20:34:59.0581 4568 C:\Windows\SysWOW64\uxtheme.dll - ok
20:34:59.0598 4568 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
20:34:59.0598 4568 C:\Windows\SysWOW64\Wldap32.dll - ok
20:34:59.0613 4568 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
20:34:59.0613 4568 C:\Windows\System32\tdh.dll - ok
20:34:59.0628 4568 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
20:34:59.0628 4568 C:\Windows\System32\certcli.dll - ok
20:34:59.0643 4568 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
20:34:59.0644 4568 C:\Windows\SysWOW64\dbghelp.dll - ok
20:34:59.0659 4568 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
20:34:59.0659 4568 C:\Windows\SysWOW64\setupapi.dll - ok
20:34:59.0693 4568 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
20:34:59.0694 4568 C:\Windows\SysWOW64\apphelp.dll - ok
20:34:59.0709 4568 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
20:34:59.0709 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
20:34:59.0726 4568 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
20:34:59.0726 4568 C:\Windows\System32\CertEnroll.dll - ok
20:34:59.0743 4568 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
20:34:59.0744 4568 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
20:34:59.0759 4568 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
20:34:59.0759 4568 C:\Windows\SysWOW64\clbcatq.dll - ok
20:34:59.0773 4568 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
20:34:59.0774 4568 C:\Windows\SysWOW64\mstask.dll - ok
20:34:59.0788 4568 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:34:59.0788 4568 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:34:59.0814 4568 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
20:34:59.0814 4568 C:\Windows\SysWOW64\devobj.dll - ok
20:34:59.0829 4568 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
20:34:59.0829 4568 C:\Windows\SysWOW64\propsys.dll - ok
20:34:59.0845 4568 [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\offreg.dll
20:34:59.0845 4568 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1AD65C3-89D0-4093-9CC1-B3FC82BB674A}\offreg.dll - ok
20:34:59.0855 4568 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
20:34:59.0855 4568 C:\Windows\SysWOW64\secur32.dll - ok
20:34:59.0870 4568 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
20:34:59.0870 4568 C:\Program Files\Windows Defender\MpClient.dll - ok
20:34:59.0885 4568 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
20:34:59.0885 4568 C:\Windows\System32\dbghelp.dll - ok
20:34:59.0902 4568 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
20:34:59.0902 4568 C:\Windows\SysWOW64\cmd.exe - ok
20:34:59.0913 4568 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
20:34:59.0914 4568 C:\Windows\System32\pnidui.dll - ok
20:34:59.0938 4568 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
20:34:59.0938 4568 C:\Windows\System32\wmp.dll - ok
20:34:59.0954 4568 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
20:34:59.0954 4568 C:\Windows\System32\rasdlg.dll - ok
20:34:59.0969 4568 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
20:34:59.0969 4568 C:\Windows\System32\spfileq.dll - ok
20:34:59.0984 4568 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
20:34:59.0984 4568 C:\Windows\SysWOW64\winbrand.dll - ok
20:35:00.0000 4568 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
20:35:00.0000 4568 C:\Windows\SysWOW64\ieframe.dll - ok
20:35:00.0015 4568 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
20:35:00.0016 4568 C:\Windows\SysWOW64\oleacc.dll - ok
20:35:00.0030 4568 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
20:35:00.0030 4568 C:\Windows\SysWOW64\shdocvw.dll - ok
20:35:00.0073 4568 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Jessie\AppData\Local\Temp\46B31E1A-953D-44B9-9C1B-CE51A9CDB21D.exe
20:35:00.0073 4568 C:\Users\Jessie\AppData\Local\Temp\46B31E1A-953D-44B9-9C1B-CE51A9CDB21D.exe - ok
20:35:00.0088 4568 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
20:35:00.0088 4568 C:\Windows\SysWOW64\ncrypt.dll - ok
20:35:00.0103 4568 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
20:35:00.0103 4568 C:\Windows\SysWOW64\bcrypt.dll - ok
20:35:00.0112 4568 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:35:00.0113 4568 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:35:00.0125 4568 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
20:35:00.0125 4568 C:\Windows\SysWOW64\gpapi.dll - ok
20:35:00.0141 4568 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
20:35:00.0141 4568 C:\Windows\SysWOW64\cryptnet.dll - ok
20:35:00.0160 4568 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
20:35:00.0160 4568 C:\Windows\SysWOW64\SensApi.dll - ok
20:35:00.0180 4568 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
20:35:00.0181 4568 C:\Windows\SysWOW64\dwmapi.dll - ok
20:35:00.0220 4568 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:35:00.0221 4568 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:35:00.0239 4568 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
20:35:00.0239 4568 C:\Windows\SysWOW64\EhStorShell.dll - ok
20:35:00.0259 4568 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
20:35:00.0261 4568 C:\Windows\SysWOW64\ntshrui.dll - ok
20:35:00.0279 4568 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
20:35:00.0279 4568 C:\Windows\SysWOW64\slc.dll - ok
20:35:00.0300 4568 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
20:35:00.0300 4568 C:\Windows\SysWOW64\imageres.dll - ok
20:35:00.0311 4568 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
20:35:00.0311 4568 C:\Windows\SysWOW64\IconCodecService.dll - ok
20:35:00.0341 4568 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
20:35:00.0341 4568 C:\Windows\System32\esent.dll - ok
20:35:00.0358 4568 [ E03082BF43266EAC72E2CD3BC1283F24 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
20:35:00.0358 4568 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
20:35:00.0368 4568 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
20:35:00.0368 4568 C:\Windows\svchost.exe - ok
20:35:00.0383 4568 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
20:35:00.0384 4568 C:\Windows\SysWOW64\dsound.dll - ok
20:35:00.0400 4568 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
20:35:00.0400 4568 C:\Windows\SysWOW64\powrprof.dll - ok
20:35:00.0420 4568 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
20:35:00.0421 4568 C:\Windows\SysWOW64\sfc.dll - ok
20:35:00.0431 4568 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
20:35:00.0432 4568 C:\Windows\SysWOW64\sfc_os.dll - ok
20:35:00.0459 4568 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
20:35:00.0460 4568 C:\Windows\SysWOW64\devrtl.dll - ok
20:35:00.0477 4568 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
20:35:00.0477 4568 C:\Windows\System32\ie4uinit.exe - ok
20:35:00.0492 4568 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
20:35:00.0492 4568 C:\Windows\System32\themeui.dll - ok
20:35:00.0508 4568 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
20:35:00.0508 4568 C:\Windows\SysWOW64\winhttp.dll - ok
20:35:00.0524 4568 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
20:35:00.0524 4568 C:\Windows\SysWOW64\webio.dll - ok
20:35:00.0538 4568 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
20:35:00.0538 4568 C:\Windows\System32\timedate.cpl - ok
20:35:00.0554 4568 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
20:35:00.0554 4568 C:\Windows\System32\shdocvw.dll - ok
20:35:00.0596 4568 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
20:35:00.0596 4568 C:\Windows\System32\linkinfo.dll - ok
20:35:00.0613 4568 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
20:35:00.0613 4568 C:\Windows\SysWOW64\credssp.dll - ok
20:35:00.0626 4568 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
20:35:00.0626 4568 C:\Windows\SysWOW64\mswsock.dll - ok
20:35:00.0644 4568 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
20:35:00.0645 4568 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
20:35:00.0660 4568 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:35:00.0660 4568 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:35:00.0676 4568 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
20:35:00.0676 4568 C:\Windows\System32\msftedit.dll - ok
20:35:00.0690 4568 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
20:35:00.0690 4568 C:\Windows\SysWOW64\wship6.dll - ok
20:35:00.0705 4568 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
20:35:00.0706 4568 C:\Windows\System32\msls31.dll - ok
20:35:00.0736 4568 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
20:35:00.0736 4568 C:\Windows\System32\gameux.dll - ok
20:35:00.0754 4568 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
20:35:00.0754 4568 C:\Windows\SysWOW64\dnsapi.dll - ok
20:35:00.0771 4568 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
20:35:00.0771 4568 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
20:35:00.0789 4568 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
20:35:00.0789 4568 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
20:35:00.0805 4568 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
20:35:00.0805 4568 C:\Windows\System32\DeviceCenter.dll - ok
20:35:00.0822 4568 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
20:35:00.0822 4568 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:35:00.0837 4568 [ BCFF8CD24809941E28C73185FC58CA39 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:35:00.0837 4568 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
20:35:00.0896 4568 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:35:00.0896 4568 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:35:00.0910 4568 [ 0BE126224273ACB0925C07B30A0E4209 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:35:00.0911 4568 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
20:35:00.0928 4568 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
20:35:00.0928 4568 C:\Windows\System32\networkexplorer.dll - ok
20:35:00.0943 4568 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
20:35:00.0943 4568 C:\Windows\System32\drprov.dll - ok
20:35:00.0959 4568 [ 439669E153EF11FA16861EC33D4AFC81 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:35:00.0959 4568 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:35:00.0975 4568 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
20:35:00.0976 4568 C:\Windows\System32\ntlanman.dll - ok
20:35:00.0990 4568 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
20:35:00.0991 4568 C:\Windows\System32\davclnt.dll - ok
20:35:01.0020 4568 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
20:35:01.0020 4568 C:\Windows\System32\davhlpr.dll - ok
20:35:01.0036 4568 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
20:35:01.0036 4568 C:\Windows\System32\thumbcache.dll - ok
20:35:01.0056 4568 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
20:35:01.0057 4568 C:\Windows\System32\opengl32.dll - ok
20:35:01.0072 4568 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
20:35:01.0073 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
20:35:01.0088 4568 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
20:35:01.0088 4568 C:\Windows\System32\msiltcfg.dll - ok
20:35:01.0100 4568 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
20:35:01.0101 4568 C:\Windows\System32\msi.dll - ok
20:35:01.0115 4568 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
20:35:01.0116 4568 C:\Windows\System32\glu32.dll - ok
20:35:01.0130 4568 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
20:35:01.0130 4568 C:\Windows\System32\ddraw.dll - ok
20:35:01.0161 4568 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
20:35:01.0161 4568 C:\Windows\System32\dciman32.dll - ok
20:35:01.0184 4568 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
20:35:01.0184 4568 C:\Windows\System32\msimg32.dll - ok
20:35:01.0201 4568 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
20:35:01.0201 4568 C:\Windows\System32\oledlg.dll - ok
20:35:01.0218 4568 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
20:35:01.0219 4568 C:\Windows\System32\dsound.dll - ok
20:35:01.0236 4568 [ EFE8A50B9AE0205D399E94E89E244E65 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
20:35:01.0236 4568 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
20:35:01.0254 4568 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
20:35:01.0254 4568 C:\Windows\System32\RtkCfg64.dll - ok
20:35:01.0271 4568 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
20:35:01.0271 4568 C:\Windows\System32\stobject.dll - ok
20:35:01.0287 4568 [ E542A10321E884C2C50290AC67E82DAE ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
20:35:01.0287 4568 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
20:35:01.0304 4568 [ DC604BBAF9F613D150CC6060E0E47788 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
20:35:01.0304 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
20:35:01.0321 4568 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
20:35:01.0321 4568 C:\Windows\System32\batmeter.dll - ok
20:35:01.0337 4568 [ 60FB378B6D1C80DC69DD80F8E05D4346 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
20:35:01.0337 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
20:35:01.0352 4568 [ 565E25C82AAE17EA97884B43F05A720E ] C:\Windows\System32\SynCOM.dll
20:35:01.0352 4568 C:\Windows\System32\SynCOM.dll - ok
20:35:01.0368 4568 [ B3F4982BD2542AB40AFA6D6E695E5E06 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
20:35:01.0368 4568 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
20:35:01.0390 4568 [ 4936B83586C1F81630AE9C8EED6E356A ] C:\Windows\System32\SynTPAPI.dll
20:35:01.0390 4568 C:\Windows\System32\SynTPAPI.dll - ok
20:35:01.0406 4568 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\TOSHIBA\TBS\HSON.exe
20:35:01.0406 4568 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok
20:35:01.0418 4568 [ F164E175B6092D3BA0DC7056487717BC ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
20:35:01.0418 4568 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
20:35:01.0434 4568 [ 6B8966ECB093271DE794286850432225 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
20:35:01.0434 4568 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
20:35:01.0450 4568 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
20:35:01.0450 4568 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
20:35:01.0466 4568 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
20:35:01.0466 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
20:35:01.0483 4568 [ E436C2E89416F31699F2A3CA79DDC095 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
20:35:01.0483 4568 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
20:35:01.0513 4568 [ 426350B428CD70D037A3326EB9E5EDFD ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
20:35:01.0514 4568 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
20:35:01.0530 4568 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
20:35:01.0531 4568 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
20:35:01.0547 4568 [ C4CA3DBBCEC3136D37DA20B50291E63A ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
20:35:01.0548 4568 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
20:35:01.0563 4568 [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
20:35:01.0563 4568 C:\Program Files\Microsoft Security Client\msseces.exe - ok
20:35:01.0576 4568 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:35:01.0576 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
20:35:01.0594 4568 [ DF987E7AA36D53411B1087B246739326 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
20:35:01.0594 4568 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
20:35:01.0609 4568 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
20:35:01.0609 4568 C:\Windows\System32\wbem\NCProv.dll - ok
20:35:01.0624 4568 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
20:35:01.0624 4568 C:\Windows\System32\consent.exe - ok
20:35:01.0652 4568 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
20:35:01.0653 4568 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
20:35:01.0661 4568 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
20:35:01.0661 4568 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
20:35:01.0678 4568 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
20:35:01.0678 4568 C:\Windows\System32\prnfldr.dll - ok
20:35:01.0693 4568 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
20:35:01.0694 4568 C:\Windows\System32\DXP.dll - ok
20:35:01.0708 4568 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
20:35:01.0708 4568 C:\Windows\System32\Syncreg.dll - ok
20:35:01.0723 4568 [ DDEA7F06F8A00E706C4DB75D7C6F2612 ] C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe
20:35:01.0724 4568 C:\Program Files\TOSHIBA\HDD Protection\Thp3dv.exe - ok
20:35:01.0739 4568 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
20:35:01.0739 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
20:35:01.0766 4568 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
20:35:01.0766 4568 C:\Windows\ehome\ehSSO.dll - ok
20:35:01.0782 4568 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
20:35:01.0782 4568 C:\Windows\SysWOW64\rasapi32.dll - ok
20:35:01.0795 4568 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
20:35:01.0795 4568 C:\Windows\System32\WPDShServiceObj.dll - ok
20:35:01.0811 4568 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
20:35:01.0811 4568 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:35:01.0826 4568 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
20:35:01.0826 4568 C:\Windows\System32\wersvc.dll - ok
20:35:01.0843 4568 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
20:35:01.0843 4568 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
20:35:01.0858 4568 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
20:35:01.0858 4568 C:\Windows\SysWOW64\rasman.dll - ok
20:35:01.0885 4568 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
20:35:01.0886 4568 C:\Windows\System32\srchadmin.dll - ok
20:35:01.0901 4568 [ E126445756DFE53F9788911BBD7BFF16 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
20:35:01.0901 4568 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
20:35:01.0918 4568 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
20:35:01.0918 4568 C:\Windows\SysWOW64\rtutils.dll - ok
20:35:01.0928 4568 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
20:35:01.0928 4568 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
20:35:01.0945 4568 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
20:35:01.0945 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
20:35:01.0961 4568 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
20:35:01.0961 4568 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok
20:35:01.0977 4568 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
20:35:01.0977 4568 C:\Windows\System32\ActionCenter.dll - ok
20:35:01.0993 4568 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
20:35:01.0993 4568 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
20:35:02.0039 4568 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
20:35:02.0040 4568 C:\Windows\System32\FXSST.dll - ok
20:35:02.0057 4568 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
20:35:02.0057 4568 C:\Windows\System32\SearchIndexer.exe - ok
20:35:02.0073 4568 [ DDE5A0DFAF7C6370FB36402D7A746ED3 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
20:35:02.0074 4568 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
20:35:02.0089 4568 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
20:35:02.0090 4568 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
20:35:02.0105 4568 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
20:35:02.0105 4568 C:\Windows\System32\FXSAPI.dll - ok
20:35:02.0120 4568 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:35:02.0120 4568 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:35:02.0135 4568 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
20:35:02.0135 4568 C:\Windows\SysWOW64\sxs.dll - ok
20:35:02.0156 4568 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
20:35:02.0156 4568 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
20:35:02.0176 4568 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
20:35:02.0177 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
20:35:02.0187 4568 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
20:35:02.0187 4568 C:\Windows\System32\FXSRESM.dll - ok
20:35:02.0204 4568 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
20:35:02.0204 4568 C:\Windows\System32\wlanapi.dll - ok
20:35:02.0220 4568 [ D66423EB59EA81B1D9C0DE0AAFE2EB25 ] C:\Program Files\TOSHIBA\TBS\TBSMain.dll
20:35:02.0220 4568 C:\Program Files\TOSHIBA\TBS\TBSMain.dll - ok
20:35:02.0238 4568 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
20:35:02.0238 4568 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
20:35:02.0256 4568 [ 7C74C407EEFE30A423B49E2D10850281 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
20:35:02.0256 4568 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
20:35:02.0293 4568 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
20:35:02.0294 4568 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
20:35:02.0307 4568 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
20:35:02.0307 4568 C:\Windows\System32\tquery.dll - ok
20:35:02.0325 4568 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:35:02.0326 4568 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:35:02.0341 4568 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
20:35:02.0341 4568 C:\Windows\System32\FXSSVC.exe - ok
20:35:04.0140 4568 ============================================================
20:35:04.0140 4568 Scan finished
20:35:04.0140 4568 ============================================================
20:35:04.0177 4560 Detected object count: 3
20:35:04.0178 4560 Actual detected object count: 3
20:36:02.0189 4560 Thpsrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:36:02.0189 4560 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:36:03.0873 4560 \Device\Harddisk0\DR0\# - copied to quarantine
20:36:03.0889 4560 \Device\Harddisk0\DR0 - copied to quarantine
20:36:03.0998 4560 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:36:04.0139 4560 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:36:04.0279 4560 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:36:04.0419 4560 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:36:04.0497 4560 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:36:04.0544 4560 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:36:04.0591 4560 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:36:05.0262 4560 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:36:05.0340 4560 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:36:05.0402 4560 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:36:05.0433 4560 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:36:05.0449 4560 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:36:05.0574 4560 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:36:05.0574 4560 \Device\Harddisk0\DR0 - ok
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:36:06.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
TDSSKiller did a great job, but the infection is still there. Can you please try to run Combofix in Safe mode and let me know the results?

Please restart in safe mode:

  • If the computer is running, shut down Windows, and then turn off the power.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.


#9
jkabat

    Member

  • Topic Starter
  • 98 posts
Tried to run Combofix in safe mode. The first part happened with the screen below. Nothing else happened. I think there is supposed to be another step that goes through stages/steps. That never came up, nor is there a log.

Posted Image

#10
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK. We will first scan your system with AVAST, then restart your system in Normal mode and try to run Combofix. Hopefully we'll get a Combofix log this time.

Let's install the free Avast:

AVAST Free

Once you have it installed and it has updated, right click on it and select Open Avast! User Interface, then click on Scan Computer, then on Boot-Time Scan, then Schedule Now.

Reboot and let it run a scan. It will take many hours (like overnight) and unfortunately you may need to check back with it once in a while to see if it needs an input from you.

#11
jkabat

    Member

  • Topic Starter
  • 98 posts
Ok, thanks for your response. As the scan will take many hours I will try to find a time this weekend when I can free the computer from other tasks. I will post again after the scan.

#12
jkabat

    Member

  • Topic Starter
  • 98 posts
Hi,

I ran the avira scan overnight.

I instructed avira to move detected threats to the 'chest'. I haven't taken any other action based on the scan results.

I now get a number of avast notices that avast! Network shield has blocked a malicious url site.

Should I try to run combofix now?

If so, should I disable avast?

Thanks.



#13
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi jkabat,

I instructed avira to move detected threats to the 'chest'. I haven't taken any other action based on the scan results.


Did you run Avast boot scan? Why did you run avira instead?

Please try to run Combofix now. If you fail then please run AVAST boot scan.

#14
jkabat

    Member

  • Topic Starter
  • 98 posts
My mistake. I ran avast boot scan (not avira).

Avast is now running on the computer and I get continuous popup notices that avast detects malicious websites.

Should I somehow turn this off/disable this before running combofix?

Thanks.

#15
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Yes please. Disable all antivirus solutions before you run Combofix. To disable AVAST:

  • Right-click the "Avast!" tray icon.
  • Select "Avast! Shield Controls."
  • Select an amount of time to disable the shields.
