Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan:DOS/Shetwirl.A


  • This topic is locked This topic is locked
14 replies to this topic

#1 MoOPH

MoOPH

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 19 August 2012 - 07:29 PM

Hi, I was hoping BleepingComputer could help me resolve an issue I am having.

I am running Windows 7 SP1 on a Toshiba laptop (new laptop). I own an external hard drive that I use to store photos, backups, and music mainly. When I connected this hard drive to my new laptop, Microsoft Security Essentials detected Trojan:DOS/Shetwirl.A and attempted to quarantine, failed to quarantine it with an error code 0x80070032 (request is not supported), but then was able to remove it. This repeats as long as the hard drive is connected to my laptop at a regular interval of once every 5 minutes. MSE detects the trojan, tries to quarantine, fails to quarantine, and eventually removes it.

I have run an MSE scan of my new laptop, but it does not seem to be affected. However, since this was connected to my old laptop, I suspect that the laptop itself is infected as well. My old laptop is running Windows Vista.

I would appreciate it if you could help me get rid of this virus.

Thank you!

BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:22 PM

Posted 24 August 2012 - 07:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/465835 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 26 August 2012 - 07:54 PM

Hello MoOPH,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

1.
Please post the logs requested in the previous post by Helpbot.

2.
Do you have a USB Flash Drive to use?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#4 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 27 August 2012 - 07:38 PM

Hi fireman4it, thanks for replying to my post.

Sorry for my delayed response; my email filed the messages from this forum as spam; I just caught them tonight in my spam folder.

I am running 64-bit Windows, so I did not create a GMER log. I do not have a Windows CD available for my computer (my computer does not have a CD/DVD drive).

I do have a USB flash drive that I can use.

The following is the DDS log that was created. I did not attach "Attach.txt," since it said not to unless it was specifically asked for.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ken at 20:28:24 on 2012-08-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3990.1705 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\TOSHIBA\TECO\TecoHook.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/?cid=C001B2Y
uDefault_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Best Buy pc app] C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Intel AT Service signup] C:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot
mRun: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun: [DelayTSS] "C:\Program Files\Toshiba\DelayTSS\DelayTSS.exe"
mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
StartupFolder: C:\Users\Ken\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Ken\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: DhcpNameServer = 18.71.0.151 18.70.0.160 18.72.0.3
TCP: Interfaces\{3D930849-3F03-4D42-B68F-2C8BEDC7E1F9} : DhcpNameServer = 18.71.0.151 18.70.0.160 18.72.0.3
TCP: Interfaces\{3D930849-3F03-4D42-B68F-2C8BEDC7E1F9}\B4167716D6F647F6 : DhcpNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{3D930849-3F03-4D42-B68F-2C8BEDC7E1F9}\D49445 : DhcpNameServer = 18.71.0.151 18.70.0.160 18.72.0.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun-x64: [Intel AT Service signup] C:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot
mRun-x64: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun-x64: [DelayTSS] "C:\Program Files\Toshiba\DelayTSS\DelayTSS.exe"
mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\system32\DRIVERS\iusb3hcs.sys --> C:\windows\system32\DRIVERS\iusb3hcs.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-7-15 128280]
R2 irstrtsv;Intel® Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-7-15 192856]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-7-15 161560]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [2012-7-15 135608]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [2012-7-15 126392]
R2 risdxc;risdxc;C:\windows\system32\DRIVERS\risdxc64.sys --> C:\windows\system32\DRIVERS\risdxc64.sys [?]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 taisregispinger;taisregispinger;C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2012-5-11 2186240]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2012-2-28 342464]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-15 363800]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-2-26 2669840]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\windows\system32\DRIVERS\irstrtdv.sys --> C:\windows\system32\DRIVERS\irstrtdv.sys [?]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\iusb3hub.sys --> C:\windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\system32\DRIVERS\iusb3xhc.sys --> C:\windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\windows\system32\DRIVERS\iwdbus.sys --> C:\windows\system32\DRIVERS\iwdbus.sys [?]
R3 MEIx64;Intel® Management Engine Interface ;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\Netwsw00.sys --> C:\windows\system32\DRIVERS\Netwsw00.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-7-15 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2012-4-11 138152]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-3-16 846208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-11 250568]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-4-2 276248]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-15 136176]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\system32\drivers\intelaud.sys --> C:\windows\system32\drivers\intelaud.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-8 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-2-26 273168]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-27 01:31:52 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D900F57-B99F-44C0-A2D2-5015C1ED01C8}\mpengine.dll
2012-08-26 15:13:20 9309624 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-20 22:22:00 -------- d-----w- C:\ProgramData\MemeoCommon
2012-08-18 22:06:45 -------- d-----w- C:\Users\Ken\AppData\Roaming\Memeo
2012-08-18 22:06:33 -------- d-----w- C:\Users\Ken\AppData\Roaming\Seagate
2012-08-18 22:06:15 -------- d-----w- C:\Program Files (x86)\Common Files\Memeo
2012-08-18 22:06:11 -------- d-----w- C:\Program Files (x86)\Memeo
2012-08-18 22:05:39 -------- d-----w- C:\Program Files (x86)\Seagate
2012-08-18 19:30:21 -------- d-----w- C:\Users\Ken\AppData\Local\Diagnostics
2012-08-17 04:44:21 -------- d-----w- C:\Users\Ken\AppData\Local\Adobe
2012-08-15 14:05:11 503808 ----a-w- C:\windows\System32\srcore.dll
2012-08-15 14:05:11 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2012-08-15 14:05:02 751104 ----a-w- C:\windows\System32\win32spl.dll
2012-08-15 14:05:02 67072 ----a-w- C:\windows\splwow64.exe
2012-08-15 14:05:02 559104 ----a-w- C:\windows\System32\spoolsv.exe
2012-08-15 14:05:02 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-08-15 14:05:00 59392 ----a-w- C:\windows\System32\browcli.dll
2012-08-15 14:05:00 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-08-15 14:05:00 136704 ----a-w- C:\windows\System32\browser.dll
2012-08-15 14:04:58 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-08-15 14:04:56 956928 ----a-w- C:\windows\System32\localspl.dll
2012-08-11 02:12:12 -------- d-----w- C:\windows\SysWow64\Wat
2012-08-11 02:12:12 -------- d-----w- C:\windows\System32\Wat
2012-08-09 21:24:28 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-08-09 21:24:24 -------- d-----w- C:\Users\Ken\AppData\Local\Microsoft Help
2012-08-09 16:05:53 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-08-08 17:57:25 -------- d-s---w- C:\Users\Ken\Google Drive
2012-08-08 17:09:14 -------- d-----r- C:\Users\Ken\Dropbox
2012-08-08 17:06:03 -------- d-----w- C:\Users\Ken\AppData\Local\Evernote
2012-08-08 17:05:16 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-08 17:05:15 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-08-08 17:05:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-08 17:04:19 -------- d-----w- C:\Program Files (x86)\Evernote
2012-08-08 16:47:59 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-08-08 16:39:53 -------- d-----r- C:\Program Files (x86)\Skype
2012-08-08 16:35:44 178688 ----a-w- C:\windows\SysWow64\unrar.dll
2012-08-08 16:35:39 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2012-08-08 16:33:58 -------- d-----w- C:\Users\Ken\AppData\Roaming\Dropbox
2012-08-08 16:30:37 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack
2012-08-08 16:27:46 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6FFB98A0-A68D-4346-A2D3-790BE503AE95}\gapaengine.dll
2012-08-08 16:23:22 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-08-08 16:23:20 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-08-08 16:12:52 -------- d-----w- C:\Users\Ken\AppData\Local\Google
2012-08-08 16:12:16 -------- d-----w- C:\Users\Ken\AppData\Local\Deployment
2012-08-08 16:12:16 -------- d-----w- C:\Users\Ken\AppData\Local\Apps
2012-08-08 16:12:07 -------- d-----w- C:\Users\Ken\AppData\Local\Intel_Corporation
2012-08-08 16:12:01 -------- d-----w- C:\Users\Ken\AppData\Local\TOSHIBA
2012-08-08 16:12:01 -------- d-----w- C:\Users\Ken\AppData\Local\SRS Labs
.
==================== Find3M ====================
.
2012-08-23 13:23:39 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-23 13:23:39 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-06 12:49:52 1070152 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06:16 2004480 ----a-w- C:\windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
.
============= FINISH: 20:28:42.92 ===============

#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 27 August 2012 - 09:36 PM

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list][/quote]

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 28 August 2012 - 03:53 PM

Here is the output from FRST:

Scan result of Farbar Recovery Scan Tool Version: 28-08-2012
Ran by SYSTEM at 28-08-2012 16:50:47
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h [212281 2012-03-22] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-03-16] (TOSHIBA Corporation)
HKLM\...\Run: [BatteryManager] %ProgramFiles%\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [286632 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1562032 2012-02-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-04-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2012-04-04] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [x]
HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Intel AT Service signup] C:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot [382976 2012-02-16] (Intel Corporation)
HKLM-x32\...\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe [x]
HKLM-x32\...\Run: [DelayTSS] "C:\Program Files\Toshiba\DelayTSS\DelayTSS.exe" [2153328 2011-11-21] ()
HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x]
HKLM-x32\...\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
HKLM-x32\...\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui [136416 2011-05-04] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui [79112 2011-06-01] ()
HKU\Ken\...\Run: [Best Buy pc app] C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]
HKU\Ken\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [12218904 2012-07-20] (Google)
HKU\Ken\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-07-15] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 18.71.0.151 18.70.0.160 18.72.0.3
Startup: C:\Users\Default\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Ken\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Ken\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

==================== Services (Whitelisted) ======

2 Intel® Capability Licensing Service Interface; "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [628448 2012-02-02] (Intel® Corporation)
2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [192856 2012-02-24] (Intel Corporation)
2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe /s [135608 2011-11-30] (Symantec Corporation)
2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll" /prefetch:1 [132984 2011-11-30] (Symantec Corporation)
2 taisregispinger; C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2186240 2012-04-25] (Toshiba America Information Systems.)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [363800 2012-02-28] (Intel Corporation)
2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ===================

3 irstrtdv; C:\Windows\System32\Drivers\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
0 iusb3hcs; C:\Windows\System32\Drivers\iusb3hcs.sys [16152 2012-02-27] (Intel Corporation)
3 iusb3hub; C:\Windows\System32\Drivers\iusb3hub.sys [356120 2012-02-27] (Intel Corporation)
3 iusb3xhc; C:\Windows\System32\Drivers\iusb3xhc.sys [788760 2012-02-27] (Intel Corporation)
3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11472384 2012-03-14] (Intel Corporation)
3 Tosrfcom; [x]

==================== NetSvcs (Whitelisted) =================


==================== One Month Created Files and Folders ======================

2012-08-28 16:50 - 2012-08-28 16:50 - 00000000 ____D C:\FRST
2012-08-28 12:44 - 2012-08-28 12:44 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-08-27 16:31 - 2012-08-27 16:31 - 00026576 ____A C:\Users\Ken\Documents\DDS.txt
2012-08-27 16:31 - 2012-08-27 16:31 - 00008606 ____A C:\Users\Ken\Documents\Attach.txt
2012-08-26 16:37 - 2012-08-26 16:37 - 00906752 ____A C:\Users\Ken\Downloads\531 v3.0F Release.xls
2012-08-26 16:05 - 2012-08-26 16:05 - 00607260 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2012-08-21 20:18 - 2012-08-21 20:18 - 00002078 ____A C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
2012-08-21 20:18 - 2012-08-21 20:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2012-08-21 20:17 - 2012-08-21 20:17 - 00000000 ____D C:\Program Files\Adobe
2012-08-21 20:15 - 2012-08-21 20:15 - 00000000 ____D C:\Users\Ken\Desktop\Adobe
2012-08-21 19:53 - 2012-08-21 20:14 - 765299656 ____A (Adobe Systems Incorporated) C:\Users\Ken\Downloads\setup.exe
2012-08-21 19:23 - 2012-08-21 19:24 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Google
2012-08-21 19:17 - 2012-08-21 19:17 - 00051950 ____A C:\Users\Ken\Downloads\download
2012-08-21 19:02 - 2012-08-21 19:02 - 00138871 ____A C:\Users\Ken\Downloads\AL4.KG.rar
2012-08-20 20:38 - 2012-08-20 20:38 - 00000873 ____A C:\Users\Ken\Downloads\mitca (2).crt
2012-08-20 20:37 - 2012-08-20 20:37 - 00000873 ____A C:\Users\Ken\Downloads\mitca (1).crt
2012-08-20 14:22 - 2012-08-20 14:22 - 00000000 ____D C:\Users\All Users\MemeoCommon
2012-08-19 06:29 - 2012-08-19 06:29 - 00000873 ____A C:\Users\Ken\Downloads\mitca.crt
2012-08-18 14:06 - 2012-08-18 14:06 - 00001296 ____A C:\Users\Public\Desktop\Seagate Dashboard.lnk
2012-08-18 14:06 - 2012-08-18 14:06 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Seagate
2012-08-18 14:06 - 2012-08-18 14:06 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Memeo
2012-08-18 14:06 - 2012-08-18 14:06 - 00000000 ____D C:\Program Files (x86)\Memeo
2012-08-18 14:05 - 2012-08-18 14:05 - 00000000 ____D C:\Program Files (x86)\Seagate
2012-08-18 14:04 - 2012-08-18 14:04 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Leadertech
2012-08-17 05:58 - 2012-08-17 05:58 - 00036352 ____A C:\Users\Ken\Downloads\531 spreadsheet.xls
2012-08-17 05:54 - 2012-08-17 05:57 - 20633313 ____A C:\Users\Ken\Downloads\VID_20120815_113754.mp4
2012-08-17 05:54 - 2012-08-17 05:57 - 17340411 ____A C:\Users\Ken\Downloads\VID_20120815_114608.mp4
2012-08-17 05:54 - 2012-08-17 05:57 - 15333301 ____A C:\Users\Ken\Downloads\VID_20120815_115309.mp4
2012-08-17 05:54 - 2012-08-17 05:57 - 13309642 ____A C:\Users\Ken\Downloads\VID_20120815_115022.mp4
2012-08-17 05:54 - 2012-08-17 05:57 - 13020576 ____A C:\Users\Ken\Downloads\VID_20120815_114200.mp4
2012-08-16 20:44 - 2012-08-21 20:20 - 00000000 ____D C:\Users\Ken\AppData\Local\Adobe
2012-08-16 05:27 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-16 05:27 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-16 05:27 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-16 05:27 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-16 05:27 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-16 05:27 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-16 05:27 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-16 05:27 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-16 05:27 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-16 05:27 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-16 05:27 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-16 05:27 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-16 05:27 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-16 05:27 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-16 05:27 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-16 05:27 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-16 05:27 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-16 05:27 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-16 05:27 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-16 05:27 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-16 05:27 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-16 05:27 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-16 05:27 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-16 05:27 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-16 05:27 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-16 05:27 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-16 05:27 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-16 05:27 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 06:05 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 06:05 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 06:05 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 06:05 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 06:05 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-15 06:05 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 06:05 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-15 06:05 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 06:05 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-15 06:05 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-15 06:05 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-08-15 06:04 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 06:04 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-11 14:37 - 2012-08-19 08:45 - 00000000 ____D C:\Users\Ken\AppData\Roaming\vlc
2012-08-09 20:01 - 2012-08-09 20:01 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-08-09 20:01 - 2012-08-09 20:01 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-08-09 13:24 - 2012-08-16 05:28 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-08-09 13:24 - 2012-08-11 21:13 - 00000000 ____D C:\Users\Ken\AppData\Local\Microsoft Help
2012-08-09 13:24 - 2012-08-09 13:24 - 00000000 __RHD C:\MSOCache
2012-08-09 13:24 - 2012-08-09 13:24 - 00000000 ____D C:\Program Files\Microsoft Office
2012-08-09 13:24 - 2012-08-09 13:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2012-08-09 08:06 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-08-09 08:06 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-08-09 08:06 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-08-09 08:06 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-08-09 08:06 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-08-09 08:06 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-08-09 08:06 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-08-09 08:06 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-08-09 08:06 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-08-09 08:06 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-08-09 08:06 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-08-09 08:06 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-08-09 08:06 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-08-09 08:06 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-08-09 08:06 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-08-09 08:06 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-09 08:06 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-09 08:06 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-09 08:06 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-08-09 08:06 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-08-09 08:06 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-08-09 08:06 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-08-09 08:06 - 2012-03-02 22:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-08-09 08:06 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-08-09 08:06 - 2011-03-12 04:08 - 01465344 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-08-09 08:06 - 2011-03-12 03:23 - 00870912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2012-08-09 08:06 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-08-09 08:06 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-08-09 08:05 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-08-09 08:05 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-08-09 08:05 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-08-09 08:05 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-08-09 08:05 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-08-09 08:05 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-08-09 08:05 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-08-09 08:05 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-08-09 08:05 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-08-09 08:05 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-08-09 08:05 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-08-09 08:05 - 2012-03-30 03:35 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-09 08:05 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-08-09 08:05 - 2011-02-22 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-08-08 17:21 - 2012-08-09 07:51 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Skype
2012-08-08 09:57 - 2012-08-23 05:23 - 00000000 ___SD C:\Users\Ken\Google Drive
2012-08-08 09:57 - 2012-08-08 09:57 - 00001707 ____A C:\Users\Ken\Desktop\Google Drive.lnk
2012-08-08 09:09 - 2012-08-28 12:47 - 00000000 ___RD C:\Users\Ken\Dropbox
2012-08-08 09:06 - 2012-08-08 09:06 - 00000000 ____D C:\Users\Ken\AppData\Local\Evernote
2012-08-08 09:05 - 2012-08-08 09:05 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-08-08 09:05 - 2012-08-08 09:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-08 09:05 - 2012-07-03 09:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-08-08 09:04 - 2012-08-08 09:04 - 00000936 ____A C:\Users\Public\Desktop\Evernote.lnk
2012-08-08 09:04 - 2012-08-08 09:04 - 00000000 ____D C:\Program Files (x86)\Evernote
2012-08-08 08:48 - 2012-08-08 08:48 - 00001081 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-08-08 08:47 - 2012-08-08 08:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2012-08-08 08:39 - 2012-08-08 08:39 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-08 08:39 - 2012-08-08 08:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-08-08 08:39 - 2012-08-08 08:39 - 00000000 ____D C:\Users\All Users\Skype
2012-08-08 08:35 - 2012-08-08 08:35 - 00001306 ____A C:\Users\Public\Desktop\Media Player Classic.lnk
2012-08-08 08:35 - 2012-08-08 08:35 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2012-08-08 08:35 - 2012-06-09 09:21 - 00178688 ____A C:\Windows\SysWOW64\unrar.dll
2012-08-08 08:34 - 2012-08-08 08:34 - 00001013 ____A C:\Users\Ken\Desktop\Dropbox.lnk
2012-08-08 08:33 - 2012-08-28 12:47 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Dropbox
2012-08-08 08:31 - 2012-08-08 08:31 - 00001091 ____A C:\Users\Public\Desktop\Google Drive.lnk
2012-08-08 08:31 - 2012-08-08 08:31 - 00000000 ____D C:\Users\Ken\AppData\LocalGoogle
2012-08-08 08:30 - 2012-08-08 08:30 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2012-08-08 08:29 - 2012-08-08 08:29 - 00001145 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-08-08 08:29 - 2012-08-08 08:29 - 00000000 ____D C:\Users\All Users\Mozilla
2012-08-08 08:29 - 2012-08-08 08:29 - 00000000 ____D C:\Program Files\7-Zip
2012-08-08 08:29 - 2012-08-08 08:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-08-08 08:29 - 2012-08-08 08:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-08-08 08:28 - 2012-08-08 08:28 - 00254152 ____A (Secure By Design Inc.) C:\Users\Ken\Downloads\Ninite 7Zip CCCP Dropbox Evernote Firefox Installer.exe
2012-08-08 08:23 - 2012-08-08 08:23 - 00001945 ____A C:\Windows\epplauncher.mif
2012-08-08 08:23 - 2012-08-08 08:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-08-08 08:23 - 2012-08-08 08:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-08-08 08:20 - 2012-08-08 08:22 - 12621696 ____A (Microsoft Corporation) C:\Users\Ken\Downloads\mseinstall.exe
2012-08-08 08:15 - 2012-08-21 20:20 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Adobe
2012-08-08 08:13 - 2012-08-08 08:13 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Toshiba
2012-08-08 08:12 - 2012-08-21 19:23 - 00000000 ____D C:\Users\Ken\AppData\Local\Google
2012-08-08 08:12 - 2012-08-09 14:14 - 00085704 ____A C:\Users\Ken\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-08 08:12 - 2012-08-08 09:00 - 00000000 ____D C:\Users\Ken\AppData\Local\TOSHIBA
2012-08-08 08:12 - 2012-08-08 08:12 - 00000000 ____D C:\Users\Ken\AppData\Local\SRS Labs
2012-08-08 08:12 - 2012-08-08 08:12 - 00000000 ____D C:\Users\Ken\AppData\Local\Intel_Corporation
2012-08-08 08:12 - 2012-08-08 08:12 - 00000000 ____D C:\Users\Ken\AppData\Local\Deployment
2012-08-08 08:12 - 2012-08-08 08:12 - 00000000 ____D C:\Users\Ken\AppData\Local\Apps\2.0
2012-08-08 08:09 - 2012-08-08 09:57 - 00000000 ____D C:\users\Ken
2012-08-08 08:09 - 2012-08-08 08:09 - 00000020 ___SH C:\Users\Ken\ntuser.ini
2012-08-08 08:09 - 2012-08-08 08:09 - 00000013 __RSH C:\Windows\System32\Drivers\fbd.sys
2012-08-08 08:09 - 2012-08-08 08:09 - 00000000 ____D C:\Users\Ken\AppData\Roaming\WinBatch
2012-08-08 08:09 - 2012-08-08 08:09 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Intel
2012-08-08 08:09 - 2012-08-08 08:09 - 00000000 ____D C:\Users\Ken\AppData\Local\VirtualStore
2012-08-08 08:09 - 2012-08-08 08:09 - 00000000 ____A C:\Users\Ken\agent.log
2012-08-08 08:09 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-08-08 08:09 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-08-08 08:09 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-08-08 08:09 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-08-08 08:09 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-08-08 08:09 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-08-08 08:09 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-08-08 08:09 - 2012-06-02 11:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-08-08 08:09 - 2012-06-02 11:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-08-08 08:09 - 2012-05-11 17:42 - 00000000 ____D C:\Users\Ken\AppData\Roaming\Macromedia

==================== 3 Months Modified Files ================================

2012-08-28 12:47 - 2012-07-15 00:27 - 01367536 ____A C:\Windows\WindowsUpdate.log
2012-08-28 12:45 - 2009-07-13 21:13 - 00782206 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-28 12:44 - 2012-08-28 12:44 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-08-28 12:44 - 2009-07-13 20:51 - 00034186 ____A C:\Windows\setupact.log
2012-08-28 12:42 - 2012-05-11 17:42 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-08-28 12:41 - 2012-07-15 00:43 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-28 08:14 - 2012-07-15 00:43 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-28 07:41 - 2012-07-15 00:27 - 00000830 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2012-08-27 16:31 - 2012-08-27 16:31 - 00026576 ____A C:\Users\Ken\Documents\DDS.txt
2012-08-27 16:31 - 2012-08-27 16:31 - 00008606 ____A C:\Users\Ken\Documents\Attach.txt
2012-08-26 16:37 - 2012-08-26 16:37 - 00906752 ____A C:\Users\Ken\Downloads\531 v3.0F Release.xls
2012-08-26 16:05 - 2012-08-26 16:05 - 00607260 ____R (Swearware) C:\Users\Ken\Downloads\dds.com
2012-08-24 05:49 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-24 05:49 - 2009-07-13 20:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-23 05:23 - 2012-07-15 00:27 - 00000828 ____A C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2012-08-23 05:23 - 2012-05-11 17:42 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-23 05:23 - 2012-05-11 17:42 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-23 05:14 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-21 20:18 - 2012-08-21 20:18 - 00002078 ____A C:\Users\Public\Desktop\Lightroom 4.1 64-bit.lnk
2012-08-21 20:14 - 2012-08-21 19:53 - 765299656 ____A (Adobe Systems Incorporated) C:\Users\Ken\Downloads\setup.exe
2012-08-21 19:17 - 2012-08-21 19:17 - 00051950 ____A C:\Users\Ken\Downloads\download
2012-08-21 19:02 - 2012-08-21 19:02 - 00138871 ____A C:\Users\Ken\Downloads\AL4.KG.rar
2012-08-21 05:11 - 2010-11-20 19:47 - 00521048 ____A C:\Windows\PFRO.log
2012-08-20 20:38 - 2012-08-20 20:38 - 00000873 ____A C:\Users\Ken\Downloads\mitca (2).crt
2012-08-20 20:37 - 2012-08-20 20:37 - 00000873 ____A C:\Users\Ken\Downloads\mitca (1).crt
2012-08-19 06:29 - 2012-08-19 06:29 - 00000873 ____A C:\Users\Ken\Downloads\mitca.crt
2012-08-18 14:06 - 2012-08-18 14:06 - 00001296 ____A C:\Users\Public\Desktop\Seagate Dashboard.lnk
2012-08-17 05:58 - 2012-08-17 05:58 - 00036352 ____A C:\Users\Ken\Downloads\531 spreadsheet.xls
2012-08-17 05:57 - 2012-08-17 05:54 - 20633313 ____A C:\Users\Ken\Downloads\VID_20120815_113754.mp4
2012-08-17 05:57 - 2012-08-17 05:54 - 17340411 ____A C:\Users\Ken\Downloads\VID_20120815_114608.mp4
2012-08-17 05:57 - 2012-08-17 05:54 - 15333301 ____A C:\Users\Ken\Downloads\VID_20120815_115309.mp4
2012-08-17 05:57 - 2012-08-17 05:54 - 13309642 ____A C:\Users\Ken\Downloads\VID_20120815_115022.mp4
2012-08-17 05:57 - 2012-08-17 05:54 - 13020576 ____A C:\Users\Ken\Downloads\VID_20120815_114200.mp4
2012-08-17 05:53 - 2009-07-13 20:45 - 00341296 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-09 20:15 - 2012-07-15 00:48 - 00776054 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-08-09 14:14 - 2012-08-08 08:12 - 00085704 ____A C:\Users\Ken\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-08 09:57 - 2012-08-08 09:57 - 00001707 ____A C:\Users\Ken\Desktop\Google Drive.lnk
2012-08-08 09:04 - 2012-08-08 09:04 - 00000936 ____A C:\Users\Public\Desktop\Evernote.lnk
2012-08-08 08:48 - 2012-08-08 08:48 - 00001081 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-08-08 08:39 - 2012-08-08 08:39 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-08 08:35 - 2012-08-08 08:35 - 00001306 ____A C:\Users\Public\Desktop\Media Player Classic.lnk
2012-08-08 08:34 - 2012-08-08 08:34 - 00001013 ____A C:\Users\Ken\Desktop\Dropbox.lnk
2012-08-08 08:31 - 2012-08-08 08:31 - 00001091 ____A C:\Users\Public\Desktop\Google Drive.lnk
2012-08-08 08:29 - 2012-08-08 08:29 - 00001145 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-08-08 08:28 - 2012-08-08 08:28 - 00254152 ____A (Secure By Design Inc.) C:\Users\Ken\Downloads\Ninite 7Zip CCCP Dropbox Evernote Firefox Installer.exe
2012-08-08 08:23 - 2012-08-08 08:23 - 00001945 ____A C:\Windows\epplauncher.mif
2012-08-08 08:22 - 2012-08-08 08:20 - 12621696 ____A (Microsoft Corporation) C:\Users\Ken\Downloads\mseinstall.exe
2012-08-08 08:09 - 2012-08-08 08:09 - 00000020 ___SH C:\Users\Ken\ntuser.ini
2012-08-08 08:09 - 2012-08-08 08:09 - 00000013 __RSH C:\Windows\System32\Drivers\fbd.sys
2012-08-08 08:09 - 2012-08-08 08:09 - 00000000 ____A C:\Users\Ken\agent.log
2012-07-18 10:15 - 2012-08-15 06:04 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-15 01:22 - 2009-07-13 21:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-07-15 01:22 - 2009-07-13 21:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2012-07-15 01:11 - 2009-07-13 20:46 - 00004059 ____A C:\Windows\DtcInstall.log
2012-07-15 01:10 - 2012-05-11 18:09 - 00000050 ____A C:\Windows\System32\Drivers\DCX.LOG
2012-07-15 01:01 - 2012-05-11 17:01 - 00012642 ____A C:\Windows\IE9_main.log
2012-07-15 00:41 - 2012-07-15 00:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2012-07-15 00:39 - 2012-07-15 00:39 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_iwdbus_01009.Wdf
2012-07-15 00:37 - 2012-07-15 00:34 - 00027008 ____A C:\Windows\DPINST.LOG
2012-07-15 00:34 - 2012-07-15 00:34 - 00001524 ____A C:\Windows\Synaptics.log
2012-07-15 00:34 - 2012-07-15 00:34 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2012-07-15 00:28 - 2012-07-15 00:28 - 00015818 ____A C:\Windows\System32\results.xml
2012-07-15 00:23 - 2012-05-11 16:56 - 00003652 ____A C:\Windows\TSSysprep.log
2012-07-04 14:16 - 2012-08-15 06:05 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:13 - 2012-08-15 06:05 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:13 - 2012-08-15 06:05 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:16 - 2012-08-15 06:05 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:14 - 2012-08-15 06:05 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-07-03 09:46 - 2012-08-08 09:05 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-28 20:55 - 2012-08-16 05:27 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 20:09 - 2012-08-16 05:27 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 19:56 - 2012-08-16 05:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 19:49 - 2012-08-16 05:27 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 19:49 - 2012-08-16 05:27 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 19:48 - 2012-08-16 05:27 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 19:47 - 2012-08-16 05:27 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 19:45 - 2012-08-16 05:27 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 19:44 - 2012-08-16 05:27 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 19:43 - 2012-08-16 05:27 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 19:42 - 2012-08-16 05:27 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 19:40 - 2012-08-16 05:27 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 19:39 - 2012-08-16 05:27 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 19:35 - 2012-08-16 05:27 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 16:52 - 2012-08-16 05:27 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 16:27 - 2012-08-16 05:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 16:16 - 2012-08-16 05:27 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 16:09 - 2012-08-16 05:27 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 16:09 - 2012-08-16 05:27 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 16:08 - 2012-08-16 05:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 16:07 - 2012-08-16 05:27 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 16:06 - 2012-08-16 05:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 16:04 - 2012-08-16 05:27 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 16:04 - 2012-08-16 05:27 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 16:01 - 2012-08-16 05:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 16:01 - 2012-08-16 05:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 16:00 - 2012-08-16 05:27 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 15:57 - 2012-08-16 05:27 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-09 09:21 - 2012-08-08 08:35 - 00178688 ____A C:\Windows\SysWOW64\unrar.dll
2012-06-08 21:43 - 2012-08-09 08:06 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-08-09 08:06 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-06 04:49 - 2012-06-06 04:49 - 01070152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2012-06-05 22:06 - 2012-08-09 08:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-08-09 08:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-08-09 08:05 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-08-09 08:06 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-08-09 08:06 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-08-09 08:05 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-08-08 08:09 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-08-08 08:09 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-08-08 08:09 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-08-08 08:09 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-08-08 08:09 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-08-08 08:09 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-08-08 08:09 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-08-08 08:09 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-08-08 08:09 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 21:50 - 2012-08-09 08:06 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-08-09 08:06 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-08-09 08:06 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-08-09 08:06 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-08-09 08:06 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-08-09 08:06 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-08-09 08:06 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-08-09 08:06 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-08-09 08:06 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-08-19 06:57:32
Restore point made on: 2012-08-20 05:03:36
Restore point made on: 2012-08-21 20:17:29
Restore point made on: 2012-08-24 05:44:48
Restore point made on: 2012-08-27 18:17:05

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 3990.17 MB
Available physical RAM: 3398.14 MB
Total Pagefile: 3988.37 MB
Available Pagefile: 3391.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Partitions ============================

1 Drive c: (TI106424W0F) (Fixed) (Total:101.19 GB) (Free:59.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (USB DISK) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
4 Drive f: (LOCAL DISK) (Fixed) (Total:931.4 GB) (Free:181.24 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 119 GB 0 B
Disk 1 Online 1912 MB 0 B
Disk 2 Online 931 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 101 GB 1501 MB
Partition 3 OEM 4096 MB 102 GB
Partition 4 Primary 12 GB 106 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D System NTFS Partition 1500 MB Healthy Hidden

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 C TI106424W0F NTFS Partition 101 GB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 84
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 RAW Partition 4096 MB Healthy Hidden

==================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1911 MB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E USB DISK FAT32 Removable 1911 MB Healthy

==================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

==================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F LOCAL DISK FAT32 Partition 931 GB Healthy

==================================================================================

Last Boot: 2012-08-27 18:06

==================== End Of Log =============================

#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 28 August 2012 - 03:59 PM

1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in your next reply::
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 28 August 2012 - 05:26 PM

Hi, here are the combofix and TDSSKiller logs, respectively.

An observation: I have not seen the MSE notification for Trojan:DOS/Shetwirl.A, even with the external hard drive I suspected was infected plugged in. I have not seen any messages in general, and now I'm not sure if it was really infected to begin with. Regardless, the logs are pasted below.


ComboFix 12-08-28.03 - Ken 08/28/2012 18:12:32.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3990.2431 [GMT -4:00]
Running from: c:\users\Ken\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Ken\AppData\Local\Temp\_MEI40322\_ctypes.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\_elementtree.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\_hashlib.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\_socket.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\_ssl.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\pyexpat.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\pysqlite2._sqlite.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\python26.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\pythoncom26.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\PyWinTypes26.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\select.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\unicodedata.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32api.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32com.shell.shell.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32crypt.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32event.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32file.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32inet.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32pdh.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\win32process.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\windows._cacheinvalidation.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._controls_.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._core_.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._gdi_.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._html2.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._misc_.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._windows_.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wx._wizard.pyd
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_net_vc.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_vc.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_adv_vc.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_core_vc.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_html_vc.dll
c:\users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_webview_vc.dll
D:\Autorun.inf
D:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-28 )))))))))))))))))))))))))))))))
.
.
2012-08-29 00:50 . 2012-08-29 00:50 -------- d-----w- C:\FRST
2012-08-28 02:17 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60434423-2823-4E6D-96E8-236601F21821}\mpengine.dll
2012-08-27 01:31 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-22 04:18 . 2012-08-22 04:18 -------- d-----w- c:\program files\Common Files\Adobe
2012-08-22 04:17 . 2012-08-22 04:17 -------- d-----w- c:\program files\Adobe
2012-08-20 22:22 . 2012-08-20 22:22 -------- d-----w- c:\programdata\MemeoCommon
2012-08-18 22:06 . 2012-08-18 22:06 -------- d-----w- c:\program files (x86)\Common Files\Memeo
2012-08-18 22:06 . 2012-08-18 22:06 -------- d-----w- c:\program files (x86)\Memeo
2012-08-18 22:05 . 2012-08-18 22:05 -------- d-----w- c:\program files (x86)\Seagate
2012-08-15 14:05 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 14:05 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 14:05 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 14:05 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 14:05 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 14:05 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 14:05 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 14:05 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 14:05 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 14:05 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 14:04 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 14:04 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-11 02:12 . 2012-08-11 02:12 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-11 02:12 . 2012-08-11 02:12 -------- d-----w- c:\windows\system32\Wat
2012-08-10 04:01 . 2012-08-10 04:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-08-09 21:24 . 2012-08-09 21:24 -------- d-----w- c:\program files\Microsoft Office
2012-08-09 21:24 . 2012-08-09 21:24 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-08-09 21:24 . 2012-08-16 13:28 -------- d-----w- c:\programdata\Microsoft Help
2012-08-09 21:24 . 2012-08-09 21:24 -------- d-----r- C:\MSOCache
2012-08-09 16:05 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-08-08 17:05 . 2012-08-08 17:05 -------- d-----w- c:\programdata\Malwarebytes
2012-08-08 17:05 . 2012-08-08 17:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-08 17:05 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-08 17:04 . 2012-08-08 17:04 -------- d-----w- c:\program files (x86)\Evernote
2012-08-08 16:47 . 2012-08-08 16:47 -------- d-----w- c:\program files (x86)\VideoLAN
2012-08-08 16:39 . 2012-08-08 16:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-08-08 16:39 . 2012-08-08 16:39 -------- d-----r- c:\program files (x86)\Skype
2012-08-08 16:39 . 2012-08-08 16:39 -------- d-----w- c:\programdata\Skype
2012-08-08 16:35 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll
2012-08-08 16:35 . 2012-08-08 16:35 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2012-08-08 16:30 . 2012-08-08 16:30 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2012-08-08 16:29 . 2012-08-08 16:29 -------- d-----w- c:\program files\7-Zip
2012-08-08 16:29 . 2012-08-08 16:29 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-08 16:27 . 2012-08-08 16:27 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FFB98A0-A68D-4346-A2D3-790BE503AE95}\gapaengine.dll
2012-08-08 16:23 . 2012-08-08 16:23 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-08 16:23 . 2012-08-08 16:23 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-08 16:09 . 2012-08-08 16:09 13 --sh--r- c:\windows\system32\drivers\fbd.sys
2012-08-08 16:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-08 16:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-08 16:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-08 16:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-08 16:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-08 16:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-08 16:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-08 16:09 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-08 16:09 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-08 16:09 . 2012-08-08 17:57 -------- d-----w- c:\users\Ken
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 13:23 . 2012-05-12 01:42 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-23 13:23 . 2012-05-12 01:42 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-08 16:09 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-06 12:49 . 2012-06-06 12:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2011-04-02 80840]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"Intel AT Service signup"="c:\program files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe" [2012-02-16 382976]
"TOSDCR"="c:\program files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe" [2007-08-28 169296]
"DelayTSS"="c:\program files\Toshiba\DelayTSS\DelayTSS.exe" [2011-11-21 2153328]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-05-04 136416]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
.
c:\users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-24 26909544]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-9-22 16032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
R3 cphs;Intel® Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 136176]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-11-21 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2012-04-12 138152]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2012-03-16 846208]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
S2 irstrtsv;Intel® Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe [2012-02-24 192856]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-05-04 25824]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [2011-12-01 135608]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [2011-12-01 126392]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S2 taisregispinger;taisregispinger;c:\program files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2012-04-26 2186240]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2012-02-29 342464]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]
S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 irstrtdv;Intel® Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys [2012-02-22 26504]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-14 11472384]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-12 13:23]
.
2012-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 08:43]
.
2012-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 08:43]
.
2012-08-28 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2012-08-28 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-02 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-02 439064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-13 12452968]
"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-03-22 2165120]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2012-04-12 710560]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.toshiba.com/?cid=C001B2Y
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 18.71.0.151 18.70.0.160 18.72.0.3
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
SafeBoot-39779514.sys
Toolbar-Locked - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-BatteryManager - c:\program files (x86)\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\TOSHIBA\widimon\widimon.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-08-28 18:19:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-28 22:19
.
Pre-Run: 64,113,926,144 bytes free
Post-Run: 64,032,141,312 bytes free
.
- - End Of File - - 6CC8860DCA8AF7317CC3D18D73D6340C

#9 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 28 August 2012 - 05:29 PM

TDSS Killer chopped up because it was too long:

18:05:47.0732 4612 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
18:05:48.0107 4612 ============================================================
18:05:48.0107 4612 Current date / time: 2012/08/28 18:05:48.0107
18:05:48.0107 4612 SystemInfo:
18:05:48.0107 4612
18:05:48.0107 4612 OS Version: 6.1.7601 ServicePack: 1.0
18:05:48.0107 4612 Product type: Workstation
18:05:48.0107 4612 ComputerName: KEN-PC
18:05:48.0107 4612 UserName: Ken
18:05:48.0107 4612 Windows directory: C:\windows
18:05:48.0107 4612 System windows directory: C:\windows
18:05:48.0107 4612 Running under WOW64
18:05:48.0107 4612 Processor architecture: Intel x64
18:05:48.0107 4612 Number of processors: 4
18:05:48.0107 4612 Page size: 0x1000
18:05:48.0107 4612 Boot type: Normal boot
18:05:48.0107 4612 ============================================================
18:05:49.0041 4612 BG loaded
18:05:49.0400 4612 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:05:49.0416 4612 Drive \Device\Harddisk1\DR1 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:05:49.0447 4612 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:05:49.0447 4612 ============================================================
18:05:49.0447 4612 \Device\Harddisk0\DR0:
18:05:49.0447 4612 MBR partitions:
18:05:49.0447 4612 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xCA62800
18:05:49.0447 4612 \Device\Harddisk1\DR1:
18:05:49.0447 4612 MBR partitions:
18:05:49.0447 4612 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3BBFE0
18:05:49.0447 4612 \Device\Harddisk2\DR2:
18:05:49.0447 4612 MBR partitions:
18:05:49.0447 4612 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
18:05:49.0447 4612 ============================================================
18:05:49.0447 4612 C: <-> \Device\Harddisk0\DR0\Partition1
18:05:49.0463 4612 E: <-> \Device\Harddisk2\DR2\Partition1
18:05:49.0463 4612 ============================================================
18:05:49.0463 4612 Initialize success
18:05:49.0463 4612 ============================================================
18:07:01.0917 3916 ============================================================
18:07:01.0918 3916 Scan started
18:07:01.0918 3916 Mode: Manual; SigCheck; TDLFS;
18:07:01.0918 3916 ============================================================
18:07:02.0000 3916 ================ Scan system memory ========================
18:07:02.0000 3916 System memory - ok
18:07:02.0001 3916 ================ Scan services =============================
18:07:02.0034 3916 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:07:02.0073 3916 1394ohci - ok
18:07:02.0079 3916 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:07:02.0091 3916 ACPI - ok
18:07:02.0094 3916 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:07:02.0110 3916 AcpiPmi - ok
18:07:02.0128 3916 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:07:02.0139 3916 AdobeFlashPlayerUpdateSvc - ok
18:07:02.0145 3916 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
18:07:02.0160 3916 adp94xx - ok
18:07:02.0165 3916 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
18:07:02.0177 3916 adpahci - ok
18:07:02.0181 3916 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
18:07:02.0191 3916 adpu320 - ok
18:07:02.0196 3916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:07:02.0245 3916 AeLookupSvc - ok
18:07:02.0252 3916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
18:07:02.0266 3916 AFD - ok
18:07:02.0270 3916 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
18:07:02.0279 3916 agp440 - ok
18:07:02.0282 3916 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
18:07:02.0295 3916 ALG - ok
18:07:02.0297 3916 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
18:07:02.0306 3916 aliide - ok
18:07:02.0309 3916 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
18:07:02.0317 3916 amdide - ok
18:07:02.0320 3916 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
18:07:02.0330 3916 AmdK8 - ok
18:07:02.0333 3916 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
18:07:02.0344 3916 AmdPPM - ok
18:07:02.0347 3916 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:07:02.0358 3916 amdsata - ok
18:07:02.0362 3916 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
18:07:02.0372 3916 amdsbs - ok
18:07:02.0375 3916 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:07:02.0383 3916 amdxata - ok
18:07:02.0386 3916 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
18:07:02.0437 3916 AppID - ok
18:07:02.0440 3916 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:07:02.0469 3916 AppIDSvc - ok
18:07:02.0473 3916 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
18:07:02.0505 3916 Appinfo - ok
18:07:02.0508 3916 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
18:07:02.0517 3916 arc - ok
18:07:02.0521 3916 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
18:07:02.0530 3916 arcsas - ok
18:07:02.0539 3916 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:07:02.0549 3916 aspnet_state - ok
18:07:02.0551 3916 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:07:02.0580 3916 AsyncMac - ok
18:07:02.0583 3916 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
18:07:02.0591 3916 atapi - ok
18:07:02.0598 3916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:07:02.0630 3916 AudioEndpointBuilder - ok
18:07:02.0637 3916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
18:07:02.0667 3916 AudioSrv - ok
18:07:02.0671 3916 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
18:07:02.0692 3916 AxInstSV - ok
18:07:02.0698 3916 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
18:07:02.0711 3916 b06bdrv - ok
18:07:02.0716 3916 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
18:07:02.0731 3916 b57nd60a - ok
18:07:02.0735 3916 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
18:07:02.0746 3916 BDESVC - ok
18:07:02.0749 3916 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
18:07:02.0776 3916 Beep - ok
18:07:02.0784 3916 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
18:07:02.0815 3916 BFE - ok
18:07:02.0824 3916 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
18:07:02.0859 3916 BITS - ok
18:07:02.0862 3916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:07:02.0871 3916 blbdrive - ok
18:07:02.0874 3916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:07:02.0884 3916 bowser - ok
18:07:02.0888 3916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
18:07:02.0899 3916 BrFiltLo - ok
18:07:02.0902 3916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
18:07:02.0913 3916 BrFiltUp - ok
18:07:02.0917 3916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
18:07:02.0928 3916 Browser - ok
18:07:02.0933 3916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:07:02.0947 3916 Brserid - ok
18:07:02.0950 3916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:07:02.0962 3916 BrSerWdm - ok
18:07:02.0964 3916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:07:02.0976 3916 BrUsbMdm - ok
18:07:02.0979 3916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:07:02.0989 3916 BrUsbSer - ok
18:07:02.0992 3916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
18:07:03.0004 3916 BTHMODEM - ok
18:07:03.0009 3916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
18:07:03.0037 3916 bthserv - ok
18:07:03.0040 3916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:07:03.0068 3916 cdfs - ok
18:07:03.0073 3916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
18:07:03.0085 3916 cdrom - ok
18:07:03.0088 3916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
18:07:03.0115 3916 CertPropSvc - ok
18:07:03.0118 3916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
18:07:03.0130 3916 circlass - ok
18:07:03.0135 3916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
18:07:03.0148 3916 CLFS - ok
18:07:03.0152 3916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:03.0161 3916 clr_optimization_v2.0.50727_32 - ok
18:07:03.0165 3916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:07:03.0173 3916 clr_optimization_v2.0.50727_64 - ok
18:07:03.0180 3916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:07:03.0193 3916 clr_optimization_v4.0.30319_32 - ok
18:07:03.0197 3916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:07:03.0207 3916 clr_optimization_v4.0.30319_64 - ok
18:07:03.0210 3916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:07:03.0219 3916 CmBatt - ok
18:07:03.0222 3916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
18:07:03.0230 3916 cmdide - ok
18:07:03.0236 3916 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
18:07:03.0254 3916 CNG - ok
18:07:03.0257 3916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
18:07:03.0265 3916 Compbatt - ok
18:07:03.0268 3916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
18:07:03.0279 3916 CompositeBus - ok
18:07:03.0281 3916 COMSysApp - ok
18:07:03.0287 3916 [ 702E7510ADD9F64CD5DC3160EF804A97 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
18:07:03.0301 3916 cphs - ok
18:07:03.0305 3916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
18:07:03.0313 3916 crcdisk - ok
18:07:03.0318 3916 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
18:07:03.0329 3916 CryptSvc - ok
18:07:03.0336 3916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
18:07:03.0366 3916 DcomLaunch - ok
18:07:03.0371 3916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
18:07:03.0401 3916 defragsvc - ok
18:07:03.0405 3916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:07:03.0433 3916 DfsC - ok
18:07:03.0442 3916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
18:07:03.0470 3916 Dhcp - ok
18:07:03.0473 3916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
18:07:03.0500 3916 discache - ok
18:07:03.0504 3916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
18:07:03.0512 3916 Disk - ok
18:07:03.0516 3916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:07:03.0527 3916 Dnscache - ok
18:07:03.0532 3916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
18:07:03.0561 3916 dot3svc - ok
18:07:03.0564 3916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
18:07:03.0592 3916 DPS - ok
18:07:03.0595 3916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:07:03.0606 3916 drmkaud - ok
18:07:03.0616 3916 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:07:03.0636 3916 DXGKrnl - ok
18:07:03.0642 3916 [ 2E83CF60759CAEA3F0CEB26D58208CAB ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
18:07:03.0657 3916 e1cexpress - ok
18:07:03.0661 3916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
18:07:03.0690 3916 EapHost - ok
18:07:03.0717 3916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
18:07:03.0759 3916 ebdrv - ok
18:07:03.0762 3916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
18:07:03.0772 3916 EFS - ok
18:07:03.0780 3916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:07:03.0799 3916 ehRecvr - ok
18:07:03.0802 3916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
18:07:03.0812 3916 ehSched - ok
18:07:03.0819 3916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
18:07:03.0834 3916 elxstor - ok
18:07:03.0837 3916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
18:07:03.0846 3916 ErrDev - ok
18:07:03.0854 3916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
18:07:03.0884 3916 EventSystem - ok
18:07:03.0893 3916 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:07:03.0921 3916 EvtEng - ok
18:07:03.0926 3916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
18:07:03.0954 3916 exfat - ok
18:07:03.0958 3916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
18:07:03.0986 3916 fastfat - ok
18:07:03.0994 3916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
18:07:04.0011 3916 Fax - ok
18:07:04.0014 3916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
18:07:04.0024 3916 fdc - ok
18:07:04.0028 3916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
18:07:04.0055 3916 fdPHost - ok
18:07:04.0058 3916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
18:07:04.0085 3916 FDResPub - ok
18:07:04.0088 3916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:07:04.0097 3916 FileInfo - ok
18:07:04.0100 3916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:07:04.0127 3916 Filetrace - ok
18:07:04.0130 3916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
18:07:04.0139 3916 flpydisk - ok
18:07:04.0143 3916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:07:04.0154 3916 FltMgr - ok
18:07:04.0166 3916 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
18:07:04.0185 3916 FontCache - ok
18:07:04.0188 3916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:07:04.0196 3916 FontCache3.0.0.0 - ok
18:07:04.0199 3916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:07:04.0207 3916 FsDepends - ok
18:07:04.0210 3916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:07:04.0220 3916 Fs_Rec - ok
18:07:04.0224 3916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:07:04.0237 3916 fvevol - ok
18:07:04.0241 3916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
18:07:04.0249 3916 gagp30kx - ok
18:07:04.0258 3916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
18:07:04.0290 3916 gpsvc - ok
18:07:04.0295 3916 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:04.0302 3916 gupdate - ok
18:07:04.0305 3916 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:04.0313 3916 gupdatem - ok
18:07:04.0317 3916 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:07:04.0326 3916 gusvc - ok
18:07:04.0329 3916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:07:04.0339 3916 hcw85cir - ok
18:07:04.0344 3916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:07:04.0359 3916 HdAudAddService - ok
18:07:04.0362 3916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
18:07:04.0374 3916 HDAudBus - ok
18:07:04.0377 3916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
18:07:04.0387 3916 HidBatt - ok
18:07:04.0390 3916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
18:07:04.0402 3916 HidBth - ok
18:07:04.0405 3916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
18:07:04.0416 3916 HidIr - ok
18:07:04.0420 3916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
18:07:04.0447 3916 hidserv - ok
18:07:04.0450 3916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
18:07:04.0469 3916 HidUsb - ok
18:07:04.0472 3916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
18:07:04.0500 3916 hkmsvc - ok
18:07:04.0504 3916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:07:04.0516 3916 HomeGroupListener - ok
18:07:04.0520 3916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:07:04.0531 3916 HomeGroupProvider - ok
18:07:04.0535 3916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:07:04.0544 3916 HpSAMD - ok
18:07:04.0551 3916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:07:04.0583 3916 HTTP - ok
18:07:04.0586 3916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:07:04.0594 3916 hwpolicy - ok
18:07:04.0597 3916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
18:07:04.0607 3916 i8042prt - ok
18:07:04.0616 3916 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
18:07:04.0629 3916 iaStor - ok
18:07:04.0635 3916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:07:04.0648 3916 iaStorV - ok
18:07:04.0658 3916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:07:04.0677 3916 idsvc - ok
18:07:04.0789 3916 [ 3FB253E8059A1AAC3A8B83A31D094CC5 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
18:07:04.0928 3916 igfx - ok
18:07:04.0935 3916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
18:07:04.0943 3916 iirsp - ok
18:07:04.0952 3916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
18:07:04.0984 3916 IKEEXT - ok
18:07:04.0988 3916 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
18:07:04.0996 3916 intaud_WaveExtensible - ok
18:07:05.0035 3916 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
18:07:05.0095 3916 IntcAzAudAddService - ok
18:07:05.0103 3916 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
18:07:05.0114 3916 IntcDAud - ok
18:07:05.0122 3916 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:07:05.0833 3916 Intel® Capability Licensing Service Interface - ok
18:07:05.0839 3916 [ 896AA2F1D79662B17D5DBBE588E24E30 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
18:07:05.0847 3916 Intel® ME Service - ok
18:07:05.0850 3916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
18:07:05.0858 3916 intelide - ok
18:07:05.0861 3916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:07:05.0870 3916 intelppm - ok
18:07:05.0874 3916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:07:05.0902 3916 IPBusEnum - ok
18:07:05.0905 3916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:07:05.0933 3916 IpFilterDriver - ok
18:07:05.0940 3916 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:07:05.0972 3916 iphlpsvc - ok
18:07:05.0975 3916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:07:05.0985 3916 IPMIDRV - ok
18:07:05.0989 3916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:07:06.0017 3916 IPNAT - ok
18:07:06.0020 3916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
18:07:06.0032 3916 IRENUM - ok
18:07:06.0036 3916 [ 6DC22BDAA595BE00F19696E72F2F3312 ] irstrtdv C:\windows\system32\DRIVERS\irstrtdv.sys
18:07:06.0043 3916 irstrtdv - ok
18:07:06.0047 3916 [ 49869B871F6DB76021D0E9B5DF1CC2CB ] irstrtsv C:\windows\SysWOW64\irstrtsv.exe
18:07:06.0056 3916 irstrtsv - ok
18:07:06.0059 3916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:07:06.0067 3916 isapnp - ok
18:07:06.0072 3916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:07:06.0083 3916 iScsiPrt - ok
18:07:06.0087 3916 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
18:07:06.0093 3916 iusb3hcs - ok
18:07:06.0099 3916 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
18:07:06.0109 3916 iusb3hub - ok
18:07:06.0118 3916 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
18:07:06.0134 3916 iusb3xhc - ok
18:07:06.0137 3916 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys
18:07:06.0145 3916 iwdbus - ok
18:07:06.0148 3916 [ 3C6630473DD42FFC57D9F5564F533127 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
18:07:06.0157 3916 jhi_service - ok
18:07:06.0160 3916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
18:07:06.0169 3916 kbdclass - ok
18:07:06.0172 3916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
18:07:06.0182 3916 kbdhid - ok
18:07:06.0185 3916 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
18:07:06.0194 3916 KeyIso - ok
18:07:06.0197 3916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:07:06.0207 3916 KSecDD - ok
18:07:06.0211 3916 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:07:06.0221 3916 KSecPkg - ok
18:07:06.0224 3916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
18:07:06.0251 3916 ksthunk - ok
18:07:06.0256 3916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
18:07:06.0287 3916 KtmRm - ok
18:07:06.0292 3916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
18:07:06.0321 3916 LanmanServer - ok
18:07:06.0324 3916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:07:06.0352 3916 LanmanWorkstation - ok
18:07:06.0356 3916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:07:06.0382 3916 lltdio - ok
18:07:06.0387 3916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
18:07:06.0418 3916 lltdsvc - ok
18:07:06.0420 3916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
18:07:06.0447 3916 lmhosts - ok
18:07:06.0451 3916 [ 2B23FAA39D8F949ED5EEE03ECA50BCD5 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:07:06.0463 3916 LMS - ok
18:07:06.0469 3916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
18:07:06.0478 3916 LSI_FC - ok
18:07:06.0481 3916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
18:07:06.0491 3916 LSI_SAS - ok
18:07:06.0494 3916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
18:07:06.0503 3916 LSI_SAS2 - ok
18:07:06.0507 3916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
18:07:06.0516 3916 LSI_SCSI - ok
18:07:06.0520 3916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
18:07:06.0547 3916 luafv - ok
18:07:06.0551 3916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:07:06.0561 3916 Mcx2Svc - ok
18:07:06.0564 3916 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
18:07:06.0573 3916 megasas - ok
18:07:06.0578 3916 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
18:07:06.0590 3916 MegaSR - ok
18:07:06.0593 3916 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
18:07:06.0600 3916 MEIx64 - ok
18:07:06.0604 3916 [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
18:07:06.0610 3916 MemeoBackgroundService - ok
18:07:06.0613 3916 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
18:07:06.0642 3916 MMCSS - ok
18:07:06.0645 3916 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
18:07:06.0673 3916 Modem - ok
18:07:06.0676 3916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:07:06.0688 3916 monitor - ok
18:07:06.0691 3916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
18:07:06.0698 3916 mouclass - ok
18:07:06.0702 3916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:07:06.0721 3916 mouhid - ok
18:07:06.0724 3916 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:07:06.0732 3916 mountmgr - ok
18:07:06.0736 3916 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:06.0745 3916 MozillaMaintenance - ok
18:07:06.0750 3916 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
18:07:06.0760 3916 MpFilter - ok
18:07:06.0764 3916 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
18:07:06.0774 3916 mpio - ok
18:07:06.0777 3916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:07:06.0803 3916 mpsdrv - ok
18:07:06.0812 3916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
18:07:06.0846 3916 MpsSvc - ok
18:07:06.0849 3916 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:07:06.0864 3916 MRxDAV - ok
18:07:06.0868 3916 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:07:06.0878 3916 mrxsmb - ok
18:07:06.0883 3916 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:07:06.0894 3916 mrxsmb10 - ok
18:07:06.0897 3916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:07:06.0907 3916 mrxsmb20 - ok
18:07:06.0909 3916 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
18:07:06.0919 3916 msahci - ok
18:07:06.0922 3916 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:07:06.0932 3916 msdsm - ok
18:07:06.0936 3916 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
18:07:06.0947 3916 MSDTC - ok
18:07:06.0953 3916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
18:07:06.0979 3916 Msfs - ok
18:07:06.0982 3916 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:07:07.0010 3916 mshidkmdf - ok
18:07:07.0012 3916 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:07:07.0021 3916 msisadrv - ok
18:07:07.0025 3916 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:07:07.0054 3916 MSiSCSI - ok
18:07:07.0057 3916 msiserver - ok
18:07:07.0060 3916 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:07:07.0088 3916 MSKSSRV - ok
18:07:07.0092 3916 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:07:07.0100 3916 MsMpSvc - ok
18:07:07.0103 3916 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:07:07.0130 3916 MSPCLOCK - ok
18:07:07.0134 3916 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:07:07.0160 3916 MSPQM - ok
18:07:07.0165 3916 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:07:07.0178 3916 MsRPC - ok
18:07:07.0183 3916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
18:07:07.0191 3916 mssmbios - ok
18:07:07.0194 3916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:07:07.0221 3916 MSTEE - ok
18:07:07.0224 3916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
18:07:07.0235 3916 MTConfig - ok
18:07:07.0239 3916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
18:07:07.0247 3916 Mup - ok
18:07:07.0252 3916 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:07:07.0304 3916 MyWiFiDHCPDNS - ok
18:07:07.0311 3916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
18:07:07.0341 3916 napagent - ok
18:07:07.0346 3916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:07:07.0361 3916 NativeWifiP - ok
18:07:07.0371 3916 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
18:07:07.0391 3916 NDIS - ok
18:07:07.0394 3916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:07:07.0423 3916 NdisCap - ok
18:07:07.0426 3916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:07:07.0452 3916 NdisTapi - ok
18:07:07.0456 3916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:07:07.0482 3916 Ndisuio - ok
18:07:07.0486 3916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:07:07.0513 3916 NdisWan - ok
18:07:07.0516 3916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:07:07.0543 3916 NDProxy - ok
18:07:07.0546 3916 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:07:07.0572 3916 NetBIOS - ok
18:07:07.0576 3916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:07:07.0603 3916 NetBT - ok
18:07:07.0606 3916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:07:07.0614 3916 Netlogon - ok
18:07:07.0620 3916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:07:07.0650 3916 Netman - ok
18:07:07.0654 3916 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:07.0664 3916 NetMsmqActivator - ok
18:07:07.0667 3916 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:07.0675 3916 NetPipeActivator - ok
18:07:07.0682 3916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:07:07.0714 3916 netprofm - ok
18:07:07.0717 3916 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:07.0725 3916 NetTcpActivator - ok
18:07:07.0728 3916 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:07.0736 3916 NetTcpPortSharing - ok
18:07:07.0824 3916 [ 079F133C8BF1CF5DE310DEB467CA6AA6 ] NETwNs64 C:\windows\system32\DRIVERS\Netwsw00.sys
18:07:07.0928 3916 NETwNs64 - ok
18:07:07.0934 3916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
18:07:07.0943 3916 nfrd960 - ok
18:07:07.0947 3916 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
18:07:07.0955 3916 NisDrv - ok
18:07:07.0960 3916 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:07:07.0972 3916 NisSrv - ok
18:07:07.0977 3916 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
18:07:08.0005 3916 NlaSvc - ok
18:07:08.0008 3916 Norton PC Checkup Application Launcher - ok
18:07:08.0012 3916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:07:08.0039 3916 Npfs - ok
18:07:08.0042 3916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:07:08.0069 3916 nsi - ok
18:07:08.0073 3916 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:07:08.0099 3916 nsiproxy - ok
18:07:08.0116 3916 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:07:08.0146 3916 Ntfs - ok
18:07:08.0149 3916 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:07:08.0175 3916 Null - ok
18:07:08.0179 3916 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
18:07:08.0189 3916 nvraid - ok
18:07:08.0193 3916 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
18:07:08.0203 3916 nvstor - ok
18:07:08.0206 3916 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:07:08.0215 3916 nv_agp - ok
18:07:08.0218 3916 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:07:08.0228 3916 ohci1394 - ok
18:07:08.0232 3916 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:08.0241 3916 ose - ok
18:07:08.0280 3916 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:08.0353 3916 osppsvc - ok
18:07:08.0361 3916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:07:08.0374 3916 p2pimsvc - ok
18:07:08.0381 3916 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:07:08.0394 3916 p2psvc - ok
18:07:08.0398 3916 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
18:07:08.0408 3916 Parport - ok
18:07:08.0411 3916 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:07:08.0421 3916 partmgr - ok
18:07:08.0425 3916 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:07:08.0440 3916 PcaSvc - ok
18:07:08.0443 3916 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
18:07:08.0452 3916 PCCUJobMgr - ok
18:07:08.0656 3916 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:07:08.0668 3916 pci - ok
18:07:08.0673 3916 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
18:07:08.0686 3916 pciide - ok
18:07:08.0693 3916 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
18:07:08.0710 3916 pcmcia - ok
18:07:08.0716 3916 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:07:08.0731 3916 pcw - ok
18:07:08.0740 3916 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:07:08.0787 3916 PEAUTH - ok
18:07:08.0793 3916 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:07:08.0818 3916 PerfHost - ok
18:07:08.0829 3916 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
18:07:08.0840 3916 PGEffect - ok
18:07:08.0860 3916 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:07:08.0920 3916 pla - ok
18:07:08.0928 3916 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:07:08.0943 3916 PlugPlay - ok
18:07:08.0947 3916 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:07:08.0959 3916 PNRPAutoReg - ok
18:07:08.0965 3916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:07:08.0977 3916 PNRPsvc - ok
18:07:08.0984 3916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:07:09.0015 3916 PolicyAgent - ok
18:07:09.0021 3916 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
18:07:09.0035 3916 Power - ok
18:07:09.0038 3916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:07:09.0069 3916 PptpMiniport - ok
18:07:09.0073 3916 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
18:07:09.0083 3916 Processor - ok
18:07:09.0087 3916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
18:07:09.0099 3916 ProfSvc - ok
18:07:09.0102 3916 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:07:09.0112 3916 ProtectedStorage - ok
18:07:09.0116 3916 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:07:09.0147 3916 Psched - ok
18:07:09.0161 3916 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
18:07:09.0190 3916 ql2300 - ok
18:07:09.0195 3916 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
18:07:09.0204 3916 ql40xx - ok
18:07:09.0209 3916 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:07:09.0227 3916 QWAVE - ok
18:07:09.0231 3916 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:07:09.0245 3916 QWAVEdrv - ok
18:07:09.0248 3916 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:07:09.0279 3916 RasAcd - ok
18:07:09.0283 3916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:07:09.0311 3916 RasAgileVpn - ok
18:07:09.0315 3916 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:07:09.0344 3916 RasAuto - ok
18:07:09.0348 3916 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:07:09.0377 3916 Rasl2tp - ok
18:07:09.0383 3916 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:07:09.0415 3916 RasMan - ok
18:07:09.0421 3916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:07:09.0457 3916 RasPppoe - ok
18:07:09.0460 3916 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:07:09.0488 3916 RasSstp - ok
18:07:09.0494 3916 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:07:09.0532 3916 rdbss - ok
18:07:09.0535 3916 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
18:07:09.0547 3916 rdpbus - ok
18:07:09.0550 3916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:07:09.0580 3916 RDPCDD - ok
18:07:09.0585 3916 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:07:09.0615 3916 RDPENCDD - ok
18:07:09.0620 3916 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:07:09.0652 3916 RDPREFMP - ok
18:07:09.0657 3916 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:07:09.0674 3916 RDPWD - ok
18:07:09.0679 3916 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:07:09.0693 3916 rdyboost - ok
18:07:09.0697 3916 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:07:09.0707 3916 RegSrvc - ok
18:07:09.0711 3916 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:07:09.0743 3916 RemoteAccess - ok
18:07:09.0748 3916 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:07:09.0778 3916 RemoteRegistry - ok
18:07:09.0783 3916 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\windows\system32\DRIVERS\risdxc64.sys
18:07:09.0792 3916 risdxc - ok
18:07:09.0798 3916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:07:09.0827 3916 RpcEptMapper - ok
18:07:09.0831 3916 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:07:09.0840 3916 RpcLocator - ok
18:07:09.0847 3916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
18:07:09.0877 3916 RpcSs - ok
18:07:09.0881 3916 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:07:09.0916 3916 rspndr - ok
18:07:09.0920 3916 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:07:09.0930 3916 SamSs - ok
18:07:09.0934 3916 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:07:09.0945 3916 sbp2port - ok
18:07:09.0950 3916 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:07:09.0985 3916 SCardSvr - ok
18:07:09.0988 3916 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:07:10.0019 3916 scfilter - ok
18:07:10.0030 3916 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:07:10.0068 3916 Schedule - ok
18:07:10.0072 3916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:07:10.0112 3916 SCPolicySvc - ok
18:07:10.0116 3916 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:07:10.0152 3916 SDRSVC - ok
18:07:10.0159 3916 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
18:07:10.0167 3916 SeagateDashboardService - ok
18:07:10.0173 3916 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:07:10.0201 3916 secdrv - ok
18:07:10.0207 3916 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:07:10.0242 3916 seclogon - ok
18:07:10.0249 3916 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
18:07:10.0277 3916 SENS - ok
18:07:10.0281 3916 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:07:10.0291 3916 SensrSvc - ok
18:07:10.0294 3916 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
18:07:10.0305 3916 Serenum - ok
18:07:10.0309 3916 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
18:07:10.0319 3916 Serial - ok
18:07:10.0323 3916 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
18:07:10.0335 3916 sermouse - ok
18:07:10.0343 3916 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:07:10.0372 3916 SessionEnv - ok
18:07:10.0375 3916 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:07:10.0388 3916 sffdisk - ok
18:07:10.0391 3916 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:07:10.0402 3916 sffp_mmc - ok
18:07:10.0405 3916 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:07:10.0420 3916 sffp_sd - ok
18:07:10.0424 3916 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
18:07:10.0434 3916 sfloppy - ok
18:07:10.0440 3916 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
18:07:10.0477 3916 SharedAccess - ok
18:07:10.0482 3916 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:07:10.0512 3916 ShellHWDetection - ok
18:07:10.0515 3916 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
18:07:10.0523 3916 SiSRaid2 - ok
18:07:10.0526 3916 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
18:07:10.0535 3916 SiSRaid4 - ok
18:07:10.0538 3916 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:07:10.0566 3916 Smb - ok
18:07:10.0572 3916 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:07:10.0582 3916 SNMPTRAP - ok
18:07:10.0585 3916 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:07:10.0593 3916 spldr - ok
18:07:10.0601 3916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
18:07:10.0631 3916 Spooler - ok
18:07:10.0661 3916 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:07:10.0724 3916 sppsvc - ok
18:07:10.0728 3916 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:07:10.0757 3916 sppuinotify - ok
18:07:10.0763 3916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:07:10.0776 3916 srv - ok
18:07:10.0783 3916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:07:10.0795 3916 srv2 - ok
18:07:10.0799 3916 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:07:10.0809 3916 srvnet - ok
18:07:10.0814 3916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:07:10.0843 3916 SSDPSRV - ok
18:07:10.0846 3916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:07:10.0874 3916 SstpSvc - ok
18:07:10.0876 3916 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
18:07:10.0885 3916 stexstor - ok
18:07:10.0892 3916 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:07:10.0912 3916 stisvc - ok
18:07:10.0915 3916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
18:07:10.0923 3916 swenum - ok
18:07:10.0930 3916 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:07:10.0963 3916 swprv - ok
18:07:10.0969 3916 [ 772493A8945495F1A287BF6C4CA25B48 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:07:10.0980 3916 SynTP - ok
18:07:10.0996 3916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:07:11.0024 3916 SysMain - ok
18:07:11.0027 3916 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:07:11.0043 3916 TabletInputService - ok
18:07:11.0064 3916 [ C31E897894B1759BC2D0D9D3F88C70E6 ] taisregispinger C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe
18:07:11.0143 3916 taisregispinger ( UnsignedFile.Multi.Generic ) - warning
18:07:11.0143 3916 taisregispinger - detected UnsignedFile.Multi.Generic (1)
18:07:11.0149 3916 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:07:11.0180 3916 TapiSrv - ok
18:07:11.0183 3916 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:07:11.0210 3916 TBS - ok
18:07:11.0227 3916 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:07:11.0261 3916 Tcpip - ok
18:07:11.0278 3916 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:07:11.0307 3916 TCPIP6 - ok
18:07:11.0312 3916 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:07:11.0339 3916 tcpipreg - ok
18:07:11.0344 3916 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
18:07:11.0352 3916 tdcmdpst - ok
18:07:11.0355 3916 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:07:11.0364 3916 TDPIPE - ok
18:07:11.0367 3916 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:07:11.0375 3916 TDTCP - ok
18:07:11.0379 3916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:07:11.0405 3916 tdx - ok
18:07:11.0409 3916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
18:07:11.0419 3916 TermDD - ok
18:07:11.0427 3916 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:07:11.0461 3916 TermService - ok
18:07:11.0464 3916 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:07:11.0478 3916 Themes - ok
18:07:11.0481 3916 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:07:11.0509 3916 THREADORDER - ok
18:07:11.0513 3916 [ 521C21E7F6EAB98679F90CA4E135FB95 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:07:11.0520 3916 TMachInfo - ok
18:07:11.0524 3916 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\windows\system32\TODDSrv.exe
18:07:11.0532 3916 TODDSrv - ok
18:07:11.0540 3916 [ DDFB839074FA7980726D24495AEB25E3 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:07:11.0553 3916 TosCoSrv - ok
18:07:11.0558 3916 [ A22DEB5EC05FEBFDCA1D3FF70FA1FF46 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
18:07:11.0567 3916 TOSHIBA Bluetooth Service - ok
18:07:11.0573 3916 [ 18CC3B3DB8840C6776A69E758A2B8A77 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
18:07:11.0583 3916 TOSHIBA eco Utility Service - ok
18:07:11.0587 3916 [ 7C33EF3DD1A861010AE0E614A06439D1 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:07:11.0629 3916 TOSHIBA HDD SSD Alert Service - ok
18:07:11.0632 3916 Tosrfcom - ok
18:07:11.0635 3916 [ A4DDAD3BF13F370EC392BE243E334EBA ] tosrfec C:\windows\system32\DRIVERS\tosrfec.sys
18:07:11.0642 3916 tosrfec - ok
18:07:11.0650 3916 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
18:07:11.0663 3916 tos_sps64 - ok
18:07:11.0672 3916 [ ED53F965168AFB40DB9068092349AD64 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
18:07:11.0690 3916 TPCHSrv - ok
18:07:11.0985 3916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:07:12.0014 3916 TrkWks - ok
18:07:12.0018 3916 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:07:12.0045 3916 TrustedInstaller - ok
18:07:12.0050 3916 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:07:12.0076 3916 tssecsrv - ok
18:07:12.0080 3916 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:07:12.0089 3916 TsUsbFlt - ok
18:07:12.0092 3916 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
18:07:12.0101 3916 TsUsbGD - ok
18:07:12.0104 3916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:07:12.0130 3916 tunnel - ok
18:07:12.0134 3916 [ EFFCE6E033EBDD0F3C0F14A413558F65 ] TVALZ C:\windows\system32\DRIVERS\TVALZ.SYS
18:07:12.0140 3916 TVALZ - ok
18:07:12.0143 3916 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
18:07:12.0149 3916 TVALZFL - ok
18:07:12.0152 3916 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
18:07:12.0161 3916 uagp35 - ok
18:07:12.0167 3916 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:07:12.0196 3916 udfs - ok
18:07:12.0202 3916 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:07:12.0213 3916 UI0Detect - ok
18:07:12.0216 3916 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:07:12.0225 3916 uliagpkx - ok
18:07:12.0228 3916 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:07:12.0244 3916 umbus - ok
18:07:12.0247 3916 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
18:07:12.0257 3916 UmPass - ok
18:07:12.0265 3916 [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:07:12.0277 3916 UNS - ok
18:07:12.0283 3916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:07:12.0314 3916 upnphost - ok
18:07:12.0317 3916 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:07:12.0327 3916 usbccgp - ok
18:07:12.0330 3916 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:07:12.0342 3916 usbcir - ok
18:07:12.0345 3916 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:07:12.0355 3916 usbehci - ok
18:07:12.0360 3916 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:07:12.0372 3916 usbhub - ok
18:07:12.0375 3916 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:07:12.0384 3916 usbohci - ok
18:07:12.0387 3916 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
18:07:12.0399 3916 usbprint - ok
18:07:12.0402 3916 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:07:12.0422 3916 USBSTOR - ok
18:07:12.0425 3916 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:07:12.0434 3916 usbuhci - ok
18:07:12.0438 3916 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
18:07:12.0450 3916 usbvideo - ok
18:07:12.0453 3916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:07:12.0482 3916 UxSms - ok
18:07:12.0485 3916 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:07:12.0493 3916 VaultSvc - ok
18:07:12.0496 3916 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:07:12.0505 3916 vdrvroot - ok
18:07:12.0511 3916 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:07:12.0544 3916 vds - ok
18:07:12.0547 3916 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:07:12.0558 3916 vga - ok
18:07:12.0561 3916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:07:12.0588 3916 VgaSave - ok
18:07:12.0592 3916 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:07:12.0603 3916 vhdmp - ok
18:07:12.0606 3916 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:07:12.0614 3916 viaide - ok
18:07:12.0618 3916 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:07:12.0626 3916 volmgr - ok
18:07:12.0632 3916 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:07:12.0645 3916 volmgrx - ok
18:07:12.0650 3916 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
18:07:12.0662 3916 volsnap - ok
18:07:12.0666 3916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
18:07:12.0676 3916 vsmraid - ok
18:07:12.0691 3916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
18:07:12.0734 3916 VSS - ok
18:07:12.0737 3916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:07:12.0749 3916 vwifibus - ok
18:07:12.0752 3916 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:07:12.0766 3916 vwififlt - ok
18:07:12.0769 3916 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
18:07:12.0782 3916 vwifimp - ok
18:07:12.0788 3916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
18:07:12.0819 3916 W32Time - ok
18:07:12.0824 3916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
18:07:12.0834 3916 WacomPen - ok
18:07:12.0838 3916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:07:12.0864 3916 WANARP - ok
18:07:12.0867 3916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:07:12.0894 3916 Wanarpv6 - ok
18:07:12.0907 3916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:07:12.0932 3916 WatAdminSvc - ok
18:07:12.0947 3916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
18:07:12.0971 3916 wbengine - ok
18:07:12.0976 3916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:07:12.0991 3916 WbioSrvc - ok
18:07:12.0996 3916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
18:07:13.0013 3916 wcncsvc - ok
18:07:13.0016 3916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:07:13.0026 3916 WcsPlugInService - ok
18:07:13.0029 3916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
18:07:13.0037 3916 Wd - ok
18:07:13.0044 3916 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:07:13.0061 3916 Wdf01000 - ok
18:07:13.0064 3916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:07:13.0087 3916 WdiServiceHost - ok
18:07:13.0090 3916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:07:13.0103 3916 WdiSystemHost - ok
18:07:13.0109 3916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
18:07:13.0126 3916 WebClient - ok
18:07:13.0130 3916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
18:07:13.0160 3916 Wecsvc - ok
18:07:13.0164 3916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:07:13.0196 3916 wercplsupport - ok
18:07:13.0200 3916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
18:07:13.0229 3916 WerSvc - ok
18:07:13.0232 3916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:07:13.0261 3916 WfpLwf - ok
18:07:13.0264 3916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:07:13.0272 3916 WIMMount - ok
18:07:13.0274 3916 WinDefend - ok
18:07:13.0282 3916 WinHttpAutoProxySvc - ok
18:07:13.0289 3916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:07:13.0318 3916 Winmgmt - ok
18:07:13.0337 3916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
18:07:13.0384 3916 WinRM - ok
18:07:13.0397 3916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
18:07:13.0418 3916 Wlansvc - ok
18:07:13.0422 3916 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:07:13.0430 3916 wlcrasvc - ok
18:07:13.0452 3916 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:13.0485 3916 wlidsvc - ok
18:07:13.0489 3916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:07:13.0498 3916 WmiAcpi - ok
18:07:13.0504 3916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:07:13.0515 3916 wmiApSrv - ok
18:07:13.0518 3916 WMPNetworkSvc - ok
18:07:13.0522 3916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
18:07:13.0531 3916 WPCSvc - ok
18:07:13.0535 3916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:07:13.0546 3916 WPDBusEnum - ok
18:07:13.0549 3916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:07:13.0576 3916 ws2ifsl - ok
18:07:13.0580 3916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
18:07:13.0595 3916 wscsvc - ok
18:07:13.0598 3916 WSearch - ok
18:07:13.0622 3916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
18:07:13.0665 3916 wuauserv - ok
18:07:13.0669 3916 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:07:13.0696 3916 WudfPf - ok
18:07:13.0700 3916 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:07:13.0727 3916 WUDFRd - ok
18:07:13.0731 3916 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:07:13.0758 3916 wudfsvc - ok
18:07:13.0763 3916 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\windows\System32\wwansvc.dll
18:07:13.0775 3916 WwanSvc - ok
18:07:13.0800 3916 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:07:13.0837 3916 ZeroConfigService - ok
18:07:13.0845 3916 ================ Scan global ===============================
18:07:13.0848 3916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:07:13.0852 3916 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:07:13.0857 3916 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
18:07:13.0862 3916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:07:13.0867 3916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:07:13.0869 3916 [Global] - ok
18:07:13.0869 3916 ================ Scan MBR ==================================
18:07:13.0871 3916 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:07:13.0969 3916 \Device\Harddisk0\DR0 - ok
18:07:14.0445 3916 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
18:07:14.0548 3916 \Device\Harddisk2\DR2 - ok
18:07:14.0550 3916 ================ Scan VBR ==================================
18:07:14.0553 3916 [ 1B550D175C03DE560AB025EC469E1DBB ] \Device\Harddisk0\DR0\Partition1
18:07:14.0554 3916 \Device\Harddisk0\DR0\Partition1 - ok
18:07:14.0562 3916 [ E30D9A72BA192BBD10F418A5536C99C3 ] \Device\Harddisk2\DR2\Partition1
18:07:14.0563 3916 \Device\Harddisk2\DR2\Partition1 - ok
18:07:14.0564 3916 ================ Scan active images ========================
18:07:14.0565 3916 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
18:07:14.0565 3916 C:\Windows\System32\drivers\crashdmp.sys - ok
18:07:14.0568 3916 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
18:07:14.0568 3916 C:\Windows\System32\drivers\dumpfve.sys - ok
18:07:14.0571 3916 [ C224331A54571C8C9162F7714400BBBD ] C:\Windows\System32\drivers\iaStor.sys
18:07:14.0571 3916 C:\Windows\System32\drivers\iaStor.sys - ok
18:07:14.0574 3916 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
18:07:14.0574 3916 C:\Windows\System32\drivers\beep.sys - ok
18:07:14.0577 3916 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
18:07:14.0577 3916 C:\Windows\System32\drivers\null.sys - ok
18:07:14.0580 3916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
18:07:14.0580 3916 C:\Windows\System32\drivers\RDPCDD.sys - ok
18:07:14.0583 3916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
18:07:14.0583 3916 C:\Windows\System32\drivers\vga.sys - ok
18:07:14.0587 3916 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
18:07:14.0587 3916 C:\Windows\System32\drivers\videoprt.sys - ok
18:07:14.0591 3916 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
18:07:14.0591 3916 C:\Windows\System32\drivers\watchdog.sys - ok
18:07:14.0594 3916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
18:07:14.0594 3916 C:\Windows\System32\drivers\msfs.sys - ok
18:07:14.0597 3916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
18:07:14.0597 3916 C:\Windows\System32\drivers\npfs.sys - ok
18:07:14.0600 3916 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
18:07:14.0600 3916 C:\Windows\System32\drivers\RDPENCDD.sys - ok
18:07:14.0603 3916 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
18:07:14.0603 3916 C:\Windows\System32\drivers\RDPREFMP.sys - ok
18:07:14.0607 3916 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
18:07:14.0607 3916 C:\Windows\System32\drivers\tdi.sys - ok
18:07:14.0611 3916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
18:07:14.0611 3916 C:\Windows\System32\drivers\tdx.sys - ok
18:07:14.0614 3916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
18:07:14.0614 3916 C:\Windows\System32\drivers\afd.sys - ok
18:07:14.0617 3916 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
18:07:14.0617 3916 C:\Windows\System32\drivers\netbt.sys - ok
18:07:14.0620 3916 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
18:07:14.0620 3916 C:\Windows\System32\drivers\wfplwf.sys - ok
18:07:14.0623 3916 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
18:07:14.0623 3916 C:\Windows\System32\drivers\netbios.sys - ok
18:07:14.0626 3916 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
18:07:14.0626 3916 C:\Windows\System32\drivers\pacer.sys - ok
18:07:14.0630 3916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
18:07:14.0630 3916 C:\Windows\System32\drivers\termdd.sys - ok
18:07:14.0634 3916 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
18:07:14.0634 3916 C:\Windows\System32\drivers\vwififlt.sys - ok
18:07:14.0637 3916 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
18:07:14.0637 3916 C:\Windows\System32\drivers\wanarp.sys - ok
18:07:14.0640 3916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
18:07:14.0640 3916 C:\Windows\System32\drivers\blbdrive.sys - ok
18:07:14.0643 3916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
18:07:14.0643 3916 C:\Windows\System32\drivers\dfsc.sys - ok
18:07:14.0646 3916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
18:07:14.0646 3916 C:\Windows\System32\drivers\discache.sys - ok
18:07:14.0649 3916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
18:07:14.0649 3916 C:\Windows\System32\drivers\mssmbios.sys - ok
18:07:14.0652 3916 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
18:07:14.0652 3916 C:\Windows\System32\drivers\nsiproxy.sys - ok
18:07:14.0654 3916 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
18:07:14.0654 3916 C:\Windows\System32\drivers\rdbss.sys - ok
18:07:14.0657 3916 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
18:07:14.0657 3916 C:\Windows\System32\drivers\intelppm.sys - ok
18:07:14.0660 3916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
18:07:14.0660 3916 C:\Windows\System32\drivers\tunnel.sys - ok
18:07:14.0663 3916 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
18:07:14.0663 3916 C:\Windows\System32\ntdll.dll - ok
18:07:14.0666 3916 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
18:07:14.0666 3916 C:\Windows\System32\smss.exe - ok
18:07:14.0668 3916 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
18:07:14.0668 3916 C:\Windows\System32\autochk.exe - ok
18:07:14.0670 3916 [ 3FB253E8059A1AAC3A8B83A31D094CC5 ] C:\Windows\System32\drivers\igdkmd64.sys
18:07:14.0670 3916 C:\Windows\System32\drivers\igdkmd64.sys - ok
18:07:14.0673 3916 [ E10A0704318A6F7E52787D09717D7C2C ] C:\Windows\System32\iertutil.dll
18:07:14.0673 3916 C:\Windows\System32\iertutil.dll - ok
18:07:14.0677 3916 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] C:\Windows\System32\drivers\dxgkrnl.sys
18:07:14.0677 3916 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:07:14.0681 3916 [ D0BF5B74A3B75F5B07DF04DA258A29B9 ] C:\Windows\System32\drivers\dxgmms1.sys
18:07:14.0681 3916 C:\Windows\System32\drivers\dxgmms1.sys - ok
18:07:14.0684 3916 [ 6B01B7414A105B9E51652089A03027CF ] C:\Windows\System32\drivers\HECIx64.sys
18:07:14.0684 3916 C:\Windows\System32\drivers\HECIx64.sys - ok
18:07:14.0687 3916 [ FC5EFD7C797DF19DFB999F0605A7924E ] C:\Windows\System32\drivers\iusb3xhc.sys
18:07:14.0687 3916 C:\Windows\System32\drivers\iusb3xhc.sys - ok
18:07:14.0690 3916 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
18:07:14.0690 3916 C:\Windows\System32\drivers\usbd.sys - ok
18:07:14.0694 3916 [ 2E83CF60759CAEA3F0CEB26D58208CAB ] C:\Windows\System32\drivers\e1c62x64.sys
18:07:14.0694 3916 C:\Windows\System32\drivers\e1c62x64.sys - ok
18:07:14.0697 3916 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
18:07:14.0697 3916 C:\Windows\System32\drivers\usbport.sys - ok
18:07:14.0700 3916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
18:07:14.0700 3916 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:07:14.0703 3916 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] C:\Windows\System32\drivers\risdxc64.sys
18:07:14.0703 3916 C:\Windows\System32\drivers\risdxc64.sys - ok
18:07:14.0706 3916 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
18:07:14.0706 3916 C:\Windows\System32\drivers\usbehci.sys - ok
18:07:14.0709 3916 [ 079F133C8BF1CF5DE310DEB467CA6AA6 ] C:\Windows\System32\drivers\Netwsw00.sys
18:07:14.0709 3916 C:\Windows\System32\drivers\Netwsw00.sys - ok
18:07:14.0712 3916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
18:07:14.0712 3916 C:\Windows\System32\drivers\vwifibus.sys - ok
18:07:14.0715 3916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
18:07:14.0715 3916 C:\Windows\System32\drivers\i8042prt.sys - ok
18:07:14.0718 3916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
18:07:14.0718 3916 C:\Windows\System32\drivers\kbdclass.sys - ok
18:07:14.0720 3916 [ 772493A8945495F1A287BF6C4CA25B48 ] C:\Windows\System32\drivers\SynTP.sys
18:07:14.0720 3916 C:\Windows\System32\drivers\SynTP.sys - ok
18:07:14.0723 3916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
18:07:14.0723 3916 C:\Windows\System32\drivers\mouclass.sys - ok
18:07:14.0726 3916 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] C:\Windows\System32\drivers\TVALZFL.sys
18:07:14.0727 3916 C:\Windows\System32\drivers\TVALZFL.sys - ok
18:07:14.0729 3916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
18:07:14.0729 3916 C:\Windows\System32\drivers\agilevpn.sys - ok
18:07:14.0733 3916 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
18:07:14.0733 3916 C:\Windows\System32\drivers\CmBatt.sys - ok
18:07:14.0736 3916 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
18:07:14.0736 3916 C:\Windows\System32\drivers\CompositeBus.sys - ok
18:07:14.0739 3916 [ 6DC22BDAA595BE00F19696E72F2F3312 ] C:\Windows\System32\drivers\irstrtdv.sys
18:07:14.0739 3916 C:\Windows\System32\drivers\irstrtdv.sys - ok
18:07:14.0743 3916 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
18:07:14.0743 3916 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:07:14.0747 3916 [ A4DDAD3BF13F370EC392BE243E334EBA ] C:\Windows\System32\drivers\tosrfec.sys
18:07:14.0747 3916 C:\Windows\System32\drivers\tosrfec.sys - ok
18:07:14.0751 3916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
18:07:14.0751 3916 C:\Windows\System32\drivers\ndistapi.sys - ok
18:07:14.0753 3916 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
18:07:14.0753 3916 C:\Windows\System32\drivers\ndiswan.sys - ok
18:07:14.0757 3916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
18:07:14.0757 3916 C:\Windows\System32\drivers\raspppoe.sys - ok
18:07:14.0760 3916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
18:07:14.0761 3916 C:\Windows\System32\drivers\raspptp.sys - ok
18:07:14.0763 3916 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
18:07:14.0763 3916 C:\Windows\System32\drivers\rassstp.sys - ok
18:07:14.0766 3916 [ 716F66336F10885D935B08174DC54242 ] C:\Windows\System32\drivers\iwdbus.sys
18:07:14.0766 3916 C:\Windows\System32\drivers\iwdbus.sys - ok
18:07:14.0769 3916 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
18:07:14.0769 3916 C:\Windows\System32\drivers\ks.sys - ok
18:07:14.0772 3916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
18:07:14.0772 3916 C:\Windows\System32\drivers\swenum.sys - ok
18:07:14.0775 3916 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
18:07:14.0775 3916 C:\Windows\System32\drivers\umbus.sys - ok
18:07:14.0778 3916 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
18:07:14.0778 3916 C:\Windows\System32\setupapi.dll - ok
18:07:14.0781 3916 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
18:07:14.0781 3916 C:\Windows\System32\clbcatq.dll - ok
18:07:14.0783 3916 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
18:07:14.0783 3916 C:\Windows\System32\usp10.dll - ok
18:07:14.0786 3916 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
18:07:14.0786 3916 C:\Windows\System32\kernel32.dll - ok
18:07:14.0789 3916 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
18:07:14.0789 3916 C:\Windows\System32\nsi.dll - ok
18:07:14.0792 3916 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
18:07:14.0792 3916 C:\Windows\System32\rpcrt4.dll - ok
18:07:14.0795 3916 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
18:07:14.0795 3916 C:\Windows\System32\comdlg32.dll - ok
18:07:14.0798 3916 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
18:07:14.0798 3916 C:\Windows\System32\gdi32.dll - ok
18:07:14.0800 3916 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
18:07:14.0800 3916 C:\Windows\System32\imagehlp.dll - ok
18:07:14.0803 3916 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
18:07:14.0803 3916 C:\Windows\System32\msvcrt.dll - ok
18:07:14.0806 3916 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
18:07:14.0806 3916 C:\Windows\System32\Wldap32.dll - ok
18:07:14.0809 3916 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
18:07:14.0809 3916 C:\Windows\System32\msctf.dll - ok
18:07:14.0812 3916 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
18:07:14.0812 3916 C:\Windows\System32\drivers\usbhub.sys - ok
18:07:14.0815 3916 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
18:07:14.0815 3916 C:\Windows\System32\lpk.dll - ok
18:07:14.0817 3916 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
18:07:14.0817 3916 C:\Windows\System32\normaliz.dll - ok
18:07:14.0820 3916 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
18:07:14.0820 3916 C:\Windows\System32\oleaut32.dll - ok
18:07:14.0824 3916 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
18:07:14.0824 3916 C:\Windows\System32\psapi.dll - ok
18:07:14.0827 3916 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
18:07:14.0827 3916 C:\Windows\System32\sechost.dll - ok
18:07:14.0830 3916 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
18:07:14.0830 3916 C:\Windows\System32\user32.dll - ok
18:07:14.0833 3916 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
18:07:14.0833 3916 C:\Windows\System32\advapi32.dll - ok
18:07:14.0835 3916 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
18:07:14.0836 3916 C:\Windows\System32\ole32.dll - ok
18:07:14.0838 3916 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
18:07:14.0838 3916 C:\Windows\System32\difxapi.dll - ok
18:07:14.0842 3916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
18:07:14.0842 3916 C:\Windows\System32\drivers\ndproxy.sys - ok
18:07:14.0845 3916 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
18:07:14.0845 3916 C:\Windows\System32\imm32.dll - ok
18:07:14.0848 3916 [ 8EA68FD3780DDDD5072F8CB830B3CB3D ] C:\Windows\System32\wininet.dll
18:07:14.0848 3916 C:\Windows\System32\wininet.dll - ok
18:07:14.0851 3916 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
18:07:14.0851 3916 C:\Windows\System32\shlwapi.dll - ok
18:07:14.0855 3916 [ 7F7FE11DF2D67B36DFE5013881619A94 ] C:\Windows\System32\urlmon.dll
18:07:14.0855 3916 C:\Windows\System32\urlmon.dll - ok
18:07:14.0858 3916 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
18:07:14.0858 3916 C:\Windows\System32\ws2_32.dll - ok
18:07:14.0862 3916 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
18:07:14.0862 3916 C:\Windows\System32\shell32.dll - ok
18:07:14.0864 3916 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
18:07:14.0864 3916 C:\Windows\System32\KernelBase.dll - ok
18:07:14.0867 3916 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll
18:07:14.0867 3916 C:\Windows\System32\wintrust.dll - ok
18:07:14.0870 3916 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
18:07:14.0870 3916 C:\Windows\System32\cfgmgr32.dll - ok
18:07:14.0873 3916 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
18:07:14.0873 3916 C:\Windows\System32\comctl32.dll - ok
18:07:14.0876 3916 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll
18:07:14.0876 3916 C:\Windows\System32\crypt32.dll - ok
18:07:14.0878 3916 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
18:07:14.0879 3916 C:\Windows\System32\devobj.dll - ok
18:07:14.0881 3916 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
18:07:14.0881 3916 C:\Windows\System32\msasn1.dll - ok
18:07:14.0884 3916 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
18:07:14.0884 3916 C:\Windows\SysWOW64\normaliz.dll - ok
18:07:14.0887 3916 [ 1D88A23853387D34D52CC8F9DDBFC56C ] C:\Windows\System32\drivers\iusb3hub.sys
18:07:14.0887 3916 C:\Windows\System32\drivers\iusb3hub.sys - ok
18:07:14.0889 3916 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
18:07:14.0890 3916 C:\Windows\System32\drivers\drmk.sys - ok
18:07:14.0893 3916 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
18:07:14.0893 3916 C:\Windows\System32\drivers\portcls.sys - ok
18:07:14.0895 3916 [ 21F54139C93FC595902B58ED947D47D5 ] C:\Windows\System32\drivers\RTKVHD64.sys
18:07:14.0895 3916 C:\Windows\System32\drivers\RTKVHD64.sys - ok
18:07:14.0898 3916 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] C:\Windows\System32\drivers\IntcDAud.sys
18:07:14.0898 3916 C:\Windows\System32\drivers\IntcDAud.sys - ok
18:07:14.0901 3916 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
18:07:14.0901 3916 C:\Windows\System32\drivers\ksthunk.sys - ok
18:07:14.0904 3916 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
18:07:14.0904 3916 C:\Windows\System32\drivers\dxapi.sys - ok
18:07:14.0907 3916 [ F0D6864A7D52CE137E0A9D24795C3F0E ] C:\Windows\System32\win32k.sys
18:07:14.0907 3916 C:\Windows\System32\win32k.sys - ok
18:07:14.0910 3916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
18:07:14.0911 3916 C:\Windows\System32\basesrv.dll - ok
18:07:14.0913 3916 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
18:07:14.0913 3916 C:\Windows\System32\csrsrv.dll - ok
18:07:14.0916 3916 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
18:07:14.0916 3916 C:\Windows\System32\csrss.exe - ok
18:07:14.0918 3916 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
18:07:14.0918 3916 C:\Windows\System32\winsrv.dll - ok
18:07:14.0921 3916 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
18:07:14.0921 3916 C:\Windows\System32\drivers\USBSTOR.SYS - ok
18:07:14.0925 3916 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
18:07:14.0925 3916 C:\Windows\System32\drivers\hidclass.sys - ok
18:07:14.0928 3916 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
18:07:14.0929 3916 C:\Windows\System32\drivers\hidparse.sys - ok
18:07:14.0932 3916 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
18:07:14.0932 3916 C:\Windows\System32\drivers\hidusb.sys - ok
18:07:14.0935 3916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
18:07:14.0935 3916 C:\Windows\System32\drivers\mouhid.sys - ok
18:07:14.0939 3916 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
18:07:14.0939 3916 C:\Windows\System32\drivers\fastfat.sys - ok
18:07:14.0942 3916 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
18:07:14.0942 3916 C:\Windows\System32\drivers\usbccgp.sys - ok
18:07:14.0945 3916 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
18:07:14.0945 3916 C:\Windows\System32\drivers\usbvideo.sys - ok
18:07:14.0947 3916 [ 91111CEBBDE8015E822C46120ED9537C ] C:\Windows\System32\drivers\PGEffect.sys
18:07:14.0948 3916 C:\Windows\System32\drivers\PGEffect.sys - ok
18:07:14.0950 3916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
18:07:14.0950 3916 C:\Windows\System32\drivers\monitor.sys - ok
18:07:14.0953 3916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
18:07:14.0953 3916 C:\Windows\System32\sxssrv.dll - ok
18:07:14.0956 3916 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
18:07:14.0956 3916 C:\Windows\System32\tsddd.dll - ok
18:07:14.0959 3916 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
18:07:14.0959 3916 C:\Windows\System32\wininit.exe - ok
18:07:14.0962 3916 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
18:07:14.0962 3916 C:\Windows\System32\KBDUS.DLL - ok
18:07:14.0964 3916 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
18:07:14.0964 3916 C:\Windows\System32\profapi.dll - ok
18:07:14.0967 3916 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
18:07:14.0967 3916 C:\Windows\System32\RpcRtRemote.dll - ok
18:07:14.0970 3916 [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
18:07:14.0970 3916 C:\Windows\System32\cdd.dll - ok
18:07:14.0973 3916 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
18:07:14.0973 3916 C:\Windows\System32\cryptbase.dll - ok
18:07:14.0975 3916 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
18:07:14.0976 3916 C:\Windows\System32\sxs.dll - ok
18:07:14.0979 3916 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
18:07:14.0979 3916 C:\Windows\System32\WlS0WndH.dll - ok
18:07:14.0981 3916 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
18:07:14.0981 3916 C:\Windows\System32\apphelp.dll - ok
18:07:14.0984 3916 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
18:07:14.0984 3916 C:\Windows\System32\lsasrv.dll - ok
18:07:14.0987 3916 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
18:07:14.0987 3916 C:\Windows\System32\lsass.exe - ok
18:07:14.0990 3916 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
18:07:14.0990 3916 C:\Windows\System32\lsm.exe - ok
18:07:14.0994 3916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
18:07:14.0994 3916 C:\Windows\System32\services.exe - ok
18:07:14.0998 3916 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
18:07:14.0998 3916 C:\Windows\System32\sspicli.dll - ok
18:07:15.0001 3916 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
18:07:15.0001 3916 C:\Windows\System32\sspisrv.dll - ok
18:07:15.0005 3916 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
18:07:15.0005 3916 C:\Windows\System32\samsrv.dll - ok
18:07:15.0009 3916 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
18:07:15.0009 3916 C:\Windows\System32\scesrv.dll - ok
18:07:15.0012 3916 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
18:07:15.0012 3916 C:\Windows\System32\scext.dll - ok
18:07:15.0014 3916 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
18:07:15.0015 3916 C:\Windows\System32\secur32.dll - ok
18:07:15.0017 3916 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
18:07:15.0017 3916 C:\Windows\System32\srvcli.dll - ok
18:07:15.0020 3916 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
18:07:15.0020 3916 C:\Windows\System32\sysntfy.dll - ok
18:07:15.0023 3916 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
18:07:15.0023 3916 C:\Windows\System32\wmsgapi.dll - ok
18:07:15.0026 3916 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
18:07:15.0026 3916 C:\Windows\System32\authz.dll - ok
18:07:15.0029 3916 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
18:07:15.0029 3916 C:\Windows\System32\bcrypt.dll - ok
18:07:15.0032 3916 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
18:07:15.0032 3916 C:\Windows\System32\cngaudit.dll - ok
18:07:15.0035 3916 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
18:07:15.0035 3916 C:\Windows\System32\cryptdll.dll - ok
18:07:15.0038 3916 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
18:07:15.0038 3916 C:\Windows\System32\ncrypt.dll - ok
18:07:15.0041 3916 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
18:07:15.0041 3916 C:\Windows\System32\wevtapi.dll - ok
18:07:15.0044 3916 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
18:07:15.0044 3916 C:\Windows\System32\kerberos.dll - ok
18:07:15.0047 3916 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
18:07:15.0047 3916 C:\Windows\System32\msprivs.dll - ok
18:07:15.0049 3916 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
18:07:15.0049 3916 C:\Windows\System32\negoexts.dll - ok
18:07:15.0053 3916 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
18:07:15.0053 3916 C:\Windows\System32\netjoin.dll - ok
18:07:15.0056 3916 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
18:07:15.0056 3916 C:\Windows\System32\cryptsp.dll - ok
18:07:15.0060 3916 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
18:07:15.0060 3916 C:\Windows\System32\msv1_0.dll - ok
18:07:15.0063 3916 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
18:07:15.0063 3916 C:\Windows\System32\mswsock.dll - ok
18:07:15.0067 3916 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
18:07:15.0067 3916 C:\Windows\System32\wship6.dll - ok
18:07:15.0070 3916 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
18:07:15.0070 3916 C:\Windows\System32\dnsapi.dll - ok
18:07:15.0073 3916 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
18:07:15.0073 3916 C:\Windows\System32\logoncli.dll - ok
18:07:15.0076 3916 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
18:07:15.0076 3916 C:\Windows\System32\netlogon.dll - ok
18:07:15.0079 3916 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
18:07:15.0079 3916 C:\Windows\System32\schannel.dll - ok
18:07:15.0081 3916 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
18:07:15.0082 3916 C:\Windows\System32\pku2u.dll - ok
18:07:15.0084 3916 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
18:07:15.0084 3916 C:\Windows\System32\rsaenh.dll - ok
18:07:15.0087 3916 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
18:07:15.0087 3916 C:\Windows\System32\TSpkg.dll - ok
18:07:15.0090 3916 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
18:07:15.0090 3916 C:\Windows\System32\wdigest.dll - ok
18:07:15.0094 3916 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
18:07:15.0094 3916 C:\Windows\System32\bcryptprimitives.dll - ok
18:07:15.0096 3916 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

18:07:15.0096 3916 C:\Windows\System32\credssp.dll - ok
18:07:15.0099 3916 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
18:07:15.0099 3916 C:\Windows\System32\efslsaext.dll - ok
18:07:15.0102 3916 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
18:07:15.0102 3916 C:\Windows\System32\LIVESSP.DLL - ok
18:07:15.0106 3916 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
18:07:15.0106 3916 C:\Windows\System32\scecli.dll - ok
18:07:15.0110 3916 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
18:07:15.0110 3916 C:\Windows\System32\ubpm.dll - ok
18:07:15.0113 3916 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
18:07:15.0113 3916 C:\Windows\System32\SPInf.dll - ok
18:07:15.0115 3916 [ 6F68F63794097E54F36474ED4384B759 ] C:\Windows\System32\svchost.exe
18:07:15.0115 3916 C:\Windows\System32\svchost.exe - ok
18:07:15.0118 3916 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
18:07:15.0118 3916 C:\Windows\System32\umpnpmgr.dll - ok
18:07:15.0121 3916 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
18:07:15.0121 3916 C:\Windows\System32\winsta.dll - ok
18:07:15.0124 3916 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
18:07:15.0124 3916 C:\Windows\System32\devrtl.dll - ok
18:07:15.0127 3916 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
18:07:15.0127 3916 C:\Windows\System32\gpapi.dll - ok
18:07:15.0130 3916 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
18:07:15.0130 3916 C:\Windows\System32\umpo.dll - ok
18:07:15.0132 3916 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
18:07:15.0133 3916 C:\Windows\System32\userenv.dll - ok
18:07:15.0135 3916 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
18:07:15.0135 3916 C:\Windows\System32\pcwum.dll - ok
18:07:15.0138 3916 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
18:07:15.0138 3916 C:\Windows\System32\powrprof.dll - ok
18:07:15.0141 3916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
18:07:15.0141 3916 C:\Windows\System32\drivers\luafv.sys - ok
18:07:15.0144 3916 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
18:07:15.0144 3916 C:\Windows\System32\drivers\WUDFPf.sys - ok
18:07:15.0146 3916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
18:07:15.0147 3916 C:\Windows\System32\rpcss.dll - ok
18:07:15.0149 3916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
18:07:15.0149 3916 C:\Windows\System32\RpcEpMap.dll - ok
18:07:15.0152 3916 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
18:07:15.0152 3916 C:\Windows\System32\WSHTCPIP.DLL - ok
18:07:15.0155 3916 [ 267DE30D38FBB8ABB40DA0A395280215 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
18:07:15.0155 3916 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
18:07:15.0158 3916 [ 59FAAF2C83C8169EA20F9E335E418907 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
18:07:15.0158 3916 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
18:07:15.0161 3916 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
18:07:15.0161 3916 C:\Windows\System32\FirewallAPI.dll - ok
18:07:15.0164 3916 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
18:07:15.0164 3916 C:\Windows\System32\wshqos.dll - ok
18:07:15.0167 3916 [ 27CE807EE1E61A30D136D2C59D4B1627 ] C:\Program Files\Microsoft Security Client\MpClient.dll
18:07:15.0167 3916 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
18:07:15.0168 3916 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
18:07:15.0169 3916 C:\Windows\System32\version.dll - ok
18:07:15.0171 3916 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
18:07:15.0171 3916 C:\Windows\System32\wtsapi32.dll - ok
18:07:15.0174 3916 [ 948BF310B8AE0DA1821175FF027B3391 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
18:07:15.0174 3916 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
18:07:15.0177 3916 [ 658744929D634AA782DD0DF17004C3AA ] C:\Program Files\Microsoft Security Client\MpRTP.dll
18:07:15.0177 3916 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
18:07:15.0180 3916 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
18:07:15.0180 3916 C:\Windows\System32\ntmarta.dll - ok
18:07:15.0183 3916 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
18:07:15.0183 3916 C:\Windows\System32\wevtsvc.dll - ok
18:07:15.0186 3916 [ 077567CE3D35E129A984D707928D70F1 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
18:07:15.0186 3916 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
18:07:15.0189 3916 [ 2E3FF871D8208A4D0C0020B97BC4C961 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
18:07:15.0189 3916 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
18:07:15.0192 3916 [ 94C66EDEDCDB6A126880472F9A704D8E ] C:\Windows\System32\drivers\MpFilter.sys
18:07:15.0192 3916 C:\Windows\System32\drivers\MpFilter.sys - ok
18:07:15.0195 3916 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
18:07:15.0195 3916 C:\Windows\System32\fltLib.dll - ok
18:07:15.0198 3916 [ 6A9B80CE5EC5AC8B870E5290CB4B00B8 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{60434423-2823-4E6D-96E8-236601F21821}\mpengine.dll
18:07:15.0198 3916 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{60434423-2823-4E6D-96E8-236601F21821}\mpengine.dll - ok
18:07:15.0201 3916 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
18:07:15.0201 3916 C:\Windows\System32\audiosrv.dll - ok
18:07:15.0203 3916 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
18:07:15.0203 3916 C:\Windows\System32\MMDevAPI.dll - ok
18:07:15.0206 3916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
18:07:15.0206 3916 C:\Windows\System32\profsvc.dll - ok
18:07:15.0209 3916 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
18:07:15.0209 3916 C:\Windows\System32\avrt.dll - ok
18:07:15.0212 3916 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
18:07:15.0212 3916 C:\Windows\System32\mmcss.dll - ok
18:07:15.0214 3916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
18:07:15.0214 3916 C:\Windows\System32\netprofm.dll - ok
18:07:15.0217 3916 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
18:07:15.0217 3916 C:\Windows\System32\propsys.dll - ok
18:07:15.0220 3916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
18:07:15.0220 3916 C:\Windows\System32\wlansvc.dll - ok
18:07:15.0223 3916 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
18:07:15.0223 3916 C:\Windows\System32\adtschema.dll - ok
18:07:15.0226 3916 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
18:07:15.0226 3916 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
18:07:15.0229 3916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
18:07:15.0229 3916 C:\Windows\System32\MPSSVC.dll - ok
18:07:15.0232 3916 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
18:07:15.0232 3916 C:\Windows\System32\drivers\fltMgr.sys - ok
18:07:15.0235 3916 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
18:07:15.0235 3916 C:\Windows\System32\PSHED.DLL - ok
18:07:15.0237 3916 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
18:07:15.0237 3916 C:\Windows\System32\WUDFPlatform.dll - ok
18:07:15.0240 3916 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
18:07:15.0240 3916 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
18:07:15.0244 3916 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
18:07:15.0244 3916 C:\Windows\System32\audiodg.exe - ok
18:07:15.0248 3916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
18:07:15.0248 3916 C:\Windows\System32\gpsvc.dll - ok
18:07:15.0252 3916 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
18:07:15.0252 3916 C:\Windows\System32\atl.dll - ok
18:07:15.0255 3916 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
18:07:15.0255 3916 C:\Windows\System32\dsrole.dll - ok
18:07:15.0258 3916 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
18:07:15.0258 3916 C:\Windows\System32\nlaapi.dll - ok
18:07:15.0261 3916 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
18:07:15.0261 3916 C:\Windows\System32\themeservice.dll - ok
18:07:15.0264 3916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
18:07:15.0264 3916 C:\Windows\System32\es.dll - ok
18:07:15.0267 3916 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
18:07:15.0267 3916 C:\Windows\System32\slc.dll - ok
18:07:15.0269 3916 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
18:07:15.0269 3916 C:\Windows\System32\comres.dll - ok
18:07:15.0272 3916 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
18:07:15.0272 3916 C:\Windows\System32\Sens.dll - ok
18:07:15.0275 3916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
18:07:15.0275 3916 C:\Windows\System32\uxsms.dll - ok
18:07:15.0278 3916 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
18:07:15.0278 3916 C:\Windows\System32\WUDFSvc.dll - ok
18:07:15.0281 3916 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
18:07:15.0281 3916 C:\Windows\System32\drivers\lltdio.sys - ok
18:07:15.0284 3916 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
18:07:15.0284 3916 C:\Windows\System32\drivers\ndisuio.sys - ok
18:07:15.0286 3916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
18:07:15.0286 3916 C:\Windows\System32\drivers\nwifi.sys - ok
18:07:15.0289 3916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
18:07:15.0289 3916 C:\Windows\System32\dhcpcore.dll - ok
18:07:15.0292 3916 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
18:07:15.0292 3916 C:\Windows\System32\dhcpcore6.dll - ok
18:07:15.0295 3916 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
18:07:15.0295 3916 C:\Windows\System32\drivers\rspndr.sys - ok
18:07:15.0298 3916 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
18:07:15.0298 3916 C:\Windows\System32\IPHLPAPI.DLL - ok
18:07:15.0301 3916 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
18:07:15.0301 3916 C:\Windows\System32\lmhsvc.dll - ok
18:07:15.0303 3916 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
18:07:15.0303 3916 C:\Windows\System32\nrpsrv.dll - ok
18:07:15.0306 3916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
18:07:15.0306 3916 C:\Windows\System32\nsisvc.dll - ok
18:07:15.0309 3916 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
18:07:15.0309 3916 C:\Windows\System32\winnsi.dll - ok
18:07:15.0312 3916 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
18:07:15.0312 3916 C:\Windows\System32\dnsext.dll - ok
18:07:15.0314 3916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
18:07:15.0314 3916 C:\Windows\System32\dnsrslvr.dll - ok
18:07:15.0317 3916 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
18:07:15.0317 3916 C:\Windows\System32\eapphost.dll - ok
18:07:15.0320 3916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
18:07:15.0320 3916 C:\Windows\System32\eapsvc.dll - ok
18:07:15.0323 3916 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
18:07:15.0323 3916 C:\Windows\System32\FWPUCLNT.DLL - ok
18:07:15.0326 3916 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
18:07:15.0326 3916 C:\Windows\System32\keyiso.dll - ok
18:07:15.0329 3916 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
18:07:15.0329 3916 C:\Windows\System32\dhcpcsvc.dll - ok
18:07:15.0333 3916 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
18:07:15.0333 3916 C:\Windows\System32\dhcpcsvc6.dll - ok
18:07:15.0337 3916 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
18:07:15.0337 3916 C:\Windows\System32\umb.dll - ok
18:07:15.0339 3916 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
18:07:15.0339 3916 C:\Windows\System32\wlanmsm.dll - ok
18:07:15.0342 3916 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
18:07:15.0343 3916 C:\Windows\System32\wlansec.dll - ok
18:07:15.0345 3916 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
18:07:15.0345 3916 C:\Windows\System32\eappcfg.dll - ok
18:07:15.0348 3916 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
18:07:15.0348 3916 C:\Windows\System32\eappprxy.dll - ok
18:07:15.0351 3916 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
18:07:15.0351 3916 C:\Windows\System32\l2gpstore.dll - ok
18:07:15.0353 3916 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
18:07:15.0354 3916 C:\Windows\System32\onex.dll - ok
18:07:15.0356 3916 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
18:07:15.0356 3916 C:\Windows\System32\WinSCard.dll - ok
18:07:15.0359 3916 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
18:07:15.0359 3916 C:\Windows\System32\wlanutil.dll - ok
18:07:15.0362 3916 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
18:07:15.0362 3916 C:\Windows\System32\wlgpclnt.dll - ok
18:07:15.0365 3916 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
18:07:15.0365 3916 C:\Windows\System32\msxml6.dll - ok
18:07:15.0367 3916 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
18:07:15.0367 3916 C:\Windows\System32\winlogon.exe - ok
18:07:15.0370 3916 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
18:07:15.0370 3916 C:\Windows\System32\schedsvc.dll - ok
18:07:15.0373 3916 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
18:07:15.0373 3916 C:\Windows\System32\shsvcs.dll - ok
18:07:15.0376 3916 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
18:07:15.0376 3916 C:\Windows\System32\conhost.exe - ok
18:07:15.0379 3916 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
18:07:15.0379 3916 C:\Windows\System32\ktmw32.dll - ok
18:07:15.0382 3916 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
18:07:15.0382 3916 C:\Windows\System32\netapi32.dll - ok
18:07:15.0385 3916 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
18:07:15.0385 3916 C:\Windows\System32\netutils.dll - ok
18:07:15.0389 3916 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
18:07:15.0389 3916 C:\Windows\System32\wkscli.dll - ok
18:07:15.0392 3916 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
18:07:15.0392 3916 C:\Windows\System32\wlanext.exe - ok
18:07:15.0395 3916 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
18:07:15.0395 3916 C:\Windows\System32\xmllite.dll - ok
18:07:15.0398 3916 [ 65AED587868B915827220B3190DBBFA9 ] C:\Windows\System32\iwmssvc.dll
18:07:15.0398 3916 C:\Windows\System32\iwmssvc.dll - ok
18:07:15.0401 3916 [ 7595386AFBA54A95AFF3BDD3FA5FFC48 ] C:\Windows\System32\mfc100.dll
18:07:15.0401 3916 C:\Windows\System32\mfc100.dll - ok
18:07:15.0404 3916 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
18:07:15.0404 3916 C:\Windows\System32\msvcr100.dll - ok
18:07:15.0407 3916 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
18:07:15.0407 3916 C:\Windows\System32\msimg32.dll - ok
18:07:15.0410 3916 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
18:07:15.0410 3916 C:\Windows\System32\msvcp100.dll - ok
18:07:15.0413 3916 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
18:07:15.0413 3916 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
18:07:15.0416 3916 [ 5203BA7F91EE2E113BB5C6AE1816E704 ] C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll
18:07:15.0416 3916 C:\Program Files\Common Files\Intel\WirelessCommon\libeay32.dll - ok
18:07:15.0419 3916 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
18:07:15.0419 3916 C:\Windows\System32\dwmapi.dll - ok
18:07:15.0423 3916 [ 5E2F28A979A0CE9B43F1815A593617C5 ] C:\Windows\System32\mfc100enu.dll
18:07:15.0423 3916 C:\Windows\System32\mfc100enu.dll - ok
18:07:15.0426 3916 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
18:07:15.0426 3916 C:\Windows\System32\taskcomp.dll - ok
18:07:15.0429 3916 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
18:07:15.0429 3916 C:\Windows\System32\uxtheme.dll - ok
18:07:15.0432 3916 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
18:07:15.0432 3916 C:\Windows\System32\wlanapi.dll - ok
18:07:15.0435 3916 [ 5AAE14EB993861876693679941CB9E9C ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
18:07:15.0435 3916 C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
18:07:15.0438 3916 [ 46E47F953CF1085AC91504F16A3B1E42 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll
18:07:15.0438 3916 C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.dll - ok
18:07:15.0441 3916 [ 2B84AFE861815796C744823CC6A912F1 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
18:07:15.0441 3916 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
18:07:15.0444 3916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
18:07:15.0444 3916 C:\Windows\System32\drivers\http.sys - ok
18:07:15.0448 3916 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
18:07:15.0448 3916 C:\Windows\System32\LogonUI.exe - ok
18:07:15.0452 3916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
18:07:15.0452 3916 C:\Windows\System32\spoolsv.exe - ok
18:07:15.0455 3916 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
18:07:15.0455 3916 C:\Windows\System32\authui.dll - ok
18:07:15.0458 3916 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
18:07:15.0458 3916 C:\Windows\System32\cryptui.dll - ok
18:07:15.0462 3916 [ 2827B4E4943E51C9389A402B141F8DD0 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll
18:07:15.0462 3916 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\IHVWPSPlugin.dll - ok
18:07:15.0466 3916 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
18:07:15.0466 3916 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
18:07:15.0469 3916 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
18:07:15.0469 3916 C:\Windows\System32\BFE.DLL - ok
18:07:15.0471 3916 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
18:07:15.0471 3916 C:\Windows\System32\oleacc.dll - ok
18:07:15.0474 3916 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
18:07:15.0474 3916 C:\Windows\System32\samlib.dll - ok
18:07:15.0477 3916 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
18:07:15.0477 3916 C:\Windows\System32\shacct.dll - ok
18:07:15.0480 3916 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
18:07:15.0480 3916 C:\Windows\System32\winspool.drv - ok
18:07:15.0483 3916 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
18:07:15.0483 3916 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
18:07:15.0486 3916 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
18:07:15.0486 3916 C:\Windows\System32\dui70.dll - ok
18:07:15.0489 3916 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
18:07:15.0489 3916 C:\Windows\System32\winmm.dll - ok
18:07:15.0492 3916 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
18:07:15.0492 3916 C:\Windows\System32\duser.dll - ok
18:07:15.0495 3916 [ 0665D3D242FE8C1E8D3B0F70DF2A42DD ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll
18:07:15.0495 3916 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\P2PSupplicantPlugin.dll - ok
18:07:15.0497 3916 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
18:07:15.0498 3916 C:\Windows\System32\hid.dll - ok
18:07:15.0500 3916 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
18:07:15.0500 3916 C:\Windows\System32\ksuser.dll - ok
18:07:15.0504 3916 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
18:07:15.0504 3916 C:\Windows\System32\SndVolSSO.dll - ok
18:07:15.0508 3916 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
18:07:15.0508 3916 C:\Windows\System32\wdmaud.drv - ok
18:07:15.0511 3916 [ 6461B344CDA2AD3026036167EF73CC98 ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll
18:07:15.0511 3916 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\PanAuthenticator.dll - ok
18:07:15.0514 3916 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
18:07:15.0514 3916 C:\Windows\System32\WindowsCodecs.dll - ok
18:07:15.0517 3916 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
18:07:15.0517 3916 C:\Windows\System32\AudioSes.dll - ok
18:07:15.0520 3916 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
18:07:15.0520 3916 C:\Windows\System32\midimap.dll - ok
18:07:15.0522 3916 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
18:07:15.0523 3916 C:\Windows\System32\msacm32.dll - ok
18:07:15.0526 3916 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
18:07:15.0526 3916 C:\Windows\System32\msacm32.drv - ok
18:07:15.0529 3916 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
18:07:15.0529 3916 C:\Windows\System32\AudioEng.dll - ok
18:07:15.0531 3916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
18:07:15.0532 3916 C:\Windows\System32\drivers\bowser.sys - ok
18:07:15.0534 3916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
18:07:15.0534 3916 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:07:15.0537 3916 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
18:07:15.0537 3916 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:07:15.0542 3916 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
18:07:15.0542 3916 C:\Windows\System32\AUDIOKSE.dll - ok
18:07:15.0545 3916 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
18:07:15.0545 3916 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:07:15.0547 3916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
18:07:15.0547 3916 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:07:15.0550 3916 [ D1E457E70C5DF4A102F440AE8B4E547B ] C:\Windows\System32\RtkAPO64.dll
18:07:15.0550 3916 C:\Windows\System32\RtkAPO64.dll - ok
18:07:15.0553 3916 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
18:07:15.0553 3916 C:\Windows\System32\cryptsvc.dll - ok
18:07:15.0556 3916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
18:07:15.0556 3916 C:\Windows\System32\wkssvc.dll - ok
18:07:15.0559 3916 [ 23D401A43DADED10A153B9F3A7E66C91 ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:07:15.0559 3916 C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
18:07:15.0561 3916 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
18:07:15.0562 3916 C:\Windows\System32\cryptnet.dll - ok
18:07:15.0564 3916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
18:07:15.0564 3916 C:\Windows\System32\dps.dll - ok
18:07:15.0567 3916 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
18:07:15.0567 3916 C:\Windows\System32\taskschd.dll - ok
18:07:15.0571 3916 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
18:07:15.0571 3916 C:\Windows\System32\vssapi.dll - ok
18:07:15.0575 3916 [ FAEE7CE324559FCDBAE94E38C2A99806 ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
18:07:15.0575 3916 C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
18:07:15.0578 3916 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
18:07:15.0578 3916 C:\Windows\System32\samcli.dll - ok
18:07:15.0580 3916 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
18:07:15.0581 3916 C:\Windows\System32\vsstrace.dll - ok
18:07:15.0585 3916 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
18:07:15.0585 3916 C:\Windows\System32\winbrand.dll - ok
18:07:15.0589 3916 [ 6B3B98E116B175FEDC4AFA343E3C5DBE ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll
18:07:15.0589 3916 C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll - ok
18:07:15.0593 3916 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:07:15.0593 3916 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:07:15.0596 3916 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
18:07:15.0596 3916 C:\Windows\System32\VaultCredProvider.dll - ok
18:07:15.0598 3916 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
18:07:15.0598 3916 C:\Windows\System32\wfapigp.dll - ok
18:07:15.0601 3916 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
18:07:15.0601 3916 C:\Windows\System32\BioCredProv.dll - ok
18:07:15.0604 3916 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
18:07:15.0604 3916 C:\Windows\System32\credui.dll - ok
18:07:15.0607 3916 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
18:07:15.0607 3916 C:\Windows\System32\winbio.dll - ok
18:07:15.0610 3916 [ 2AC6029D934225F6C91F86FA8A81D6AB ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
18:07:15.0610 3916 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
18:07:15.0613 3916 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
18:07:15.0613 3916 C:\Windows\System32\vaultcli.dll - ok
18:07:15.0617 3916 [ 87C1629EC2743FE752B6089C29ADEE5C ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
18:07:15.0617 3916 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
18:07:15.0620 3916 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
18:07:15.0620 3916 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:07:15.0625 3916 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
18:07:15.0625 3916 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
18:07:15.0629 3916 [ A816817974BABB5BA18AAD3B296CCA03 ] C:\Program Files\Intel\WiFi\bin\iWrap.exe
18:07:15.0629 3916 C:\Program Files\Intel\WiFi\bin\iWrap.exe - ok
18:07:15.0632 3916 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
18:07:15.0632 3916 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
18:07:15.0635 3916 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
18:07:15.0635 3916 C:\Windows\System32\FDResPub.dll - ok
18:07:15.0638 3916 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
18:07:15.0638 3916 C:\Windows\System32\IKEEXT.DLL - ok
18:07:15.0641 3916 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
18:07:15.0641 3916 C:\Windows\System32\WSDApi.dll - ok
18:07:15.0644 3916 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
18:07:15.0644 3916 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
18:07:15.0647 3916 [ 832CE330DD987227B7DEA8C03F22AEFA ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:07:15.0647 3916 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
18:07:15.0650 3916 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
18:07:15.0650 3916 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
18:07:15.0653 3916 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
18:07:15.0653 3916 C:\Windows\System32\mfplat.dll - ok
18:07:15.0656 3916 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
18:07:15.0656 3916 C:\Windows\System32\mscms.dll - ok
18:07:15.0659 3916 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
18:07:15.0659 3916 C:\Windows\System32\pcasvc.dll - ok
18:07:15.0662 3916 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
18:07:15.0662 3916 C:\Windows\System32\webservices.dll - ok
18:07:15.0666 3916 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
18:07:15.0666 3916 C:\Windows\System32\fundisc.dll - ok
18:07:15.0668 3916 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
18:07:15.0668 3916 C:\Windows\System32\snmptrap.exe - ok
18:07:15.0673 3916 [ 8CDDFE6410C5E1A79C22D8CBA9732A1A ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
18:07:15.0673 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
18:07:15.0677 3916 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
18:07:15.0677 3916 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
18:07:15.0679 3916 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
18:07:15.0679 3916 C:\Windows\System32\msdmo.dll - ok
18:07:15.0682 3916 [ F6B2CCCC8AB705ECCB8DECCB32AAF755 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
18:07:15.0683 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll - ok
18:07:15.0686 3916 [ 14A20B658146B618F5241B479F8BDBAC ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
18:07:15.0686 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
18:07:15.0690 3916 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
18:07:15.0691 3916 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
18:07:15.0694 3916 [ 12EA00E820F215D1C0944A72EF2E4F58 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll
18:07:15.0694 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll - ok
18:07:15.0697 3916 [ 41E4DE6158DC06CFF1FD352B364E59A9 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll
18:07:15.0697 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll - ok
18:07:15.0700 3916 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
18:07:15.0700 3916 C:\Windows\System32\vpnikeapi.dll - ok
18:07:15.0703 3916 [ 896AA2F1D79662B17D5DBBE588E24E30 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
18:07:15.0703 3916 C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe - ok
18:07:15.0707 3916 [ 125AEC09C5E68118252048D629CB8086 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
18:07:15.0707 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
18:07:15.0710 3916 [ 96508657EAE1CFDAF95B5E1307E170D8 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll
18:07:15.0710 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll - ok
18:07:15.0713 3916 [ 175E1D0908A99B41BF5F9D3738DB9337 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit64.dll
18:07:15.0713 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slInit64.dll - ok
18:07:15.0716 3916 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
18:07:15.0716 3916 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
18:07:15.0719 3916 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
18:07:15.0719 3916 C:\Windows\System32\oledlg.dll - ok
18:07:15.0722 3916 [ AAB2F38243C12DDC83A71E7A442B5CDD ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll
18:07:15.0722 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll - ok
18:07:15.0726 3916 [ 2CD51D82FAEAF29BF740BD2D0607D940 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
18:07:15.0726 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
18:07:15.0729 3916 [ 5B45F8ED76023C3E3B251D93E5A3D4FB ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll
18:07:15.0729 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll - ok
18:07:15.0731 3916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
18:07:15.0731 3916 C:\Windows\System32\sstpsvc.dll - ok
18:07:15.0734 3916 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
18:07:15.0734 3916 C:\Windows\SysWOW64\ntdll.dll - ok
18:07:15.0737 3916 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
18:07:15.0737 3916 C:\Windows\System32\provsvc.dll - ok
18:07:15.0740 3916 [ F018E98209E82396C9E70A2C049DBB49 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll
18:07:15.0740 3916 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll - ok
18:07:15.0743 3916 [ ADD26297F53141BB5F5737719E01D460 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
18:07:15.0743 3916 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
18:07:15.0746 3916 [ FB24438F64BAF5198EE7648B51FD3AB0 ] C:\Windows\System32\cacls.exe
18:07:15.0746 3916 C:\Windows\System32\cacls.exe - ok
18:07:15.0750 3916 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
18:07:15.0750 3916 C:\Windows\System32\wow64.dll - ok
18:07:15.0753 3916 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
18:07:15.0754 3916 C:\Windows\System32\wow64cpu.dll - ok
18:07:15.0756 3916 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
18:07:15.0756 3916 C:\Windows\System32\wow64win.dll - ok
18:07:15.0759 3916 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
18:07:15.0759 3916 C:\Windows\SysWOW64\kernel32.dll - ok
18:07:15.0762 3916 [ AC7E707AFB0967078996CD9C77604F3E ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
18:07:15.0762 3916 C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
18:07:15.0765 3916 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
18:07:15.0765 3916 C:\Windows\System32\certCredProvider.dll - ok
18:07:15.0768 3916 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
18:07:15.0768 3916 C:\Windows\SysWOW64\KernelBase.dll - ok
18:07:15.0771 3916 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
18:07:15.0771 3916 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
18:07:15.0774 3916 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
18:07:15.0775 3916 C:\Windows\SysWOW64\setupapi.dll - ok
18:07:15.0778 3916 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
18:07:15.0778 3916 C:\Windows\System32\rasplap.dll - ok
18:07:15.0781 3916 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
18:07:15.0781 3916 C:\Windows\System32\rasapi32.dll - ok
18:07:15.0784 3916 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
18:07:15.0784 3916 C:\Windows\System32\rasman.dll - ok
18:07:15.0787 3916 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
18:07:15.0787 3916 C:\Windows\System32\UXInit.dll - ok
18:07:15.0790 3916 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
18:07:15.0790 3916 C:\Windows\System32\rtutils.dll - ok
18:07:15.0793 3916 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
18:07:15.0793 3916 C:\Windows\SysWOW64\cfgmgr32.dll - ok
18:07:15.0796 3916 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
18:07:15.0796 3916 C:\Windows\SysWOW64\msvcrt.dll - ok
18:07:15.0798 3916 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
18:07:15.0798 3916 C:\Windows\SysWOW64\rpcrt4.dll - ok
18:07:15.0801 3916 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
18:07:15.0801 3916 C:\Windows\System32\webio.dll - ok
18:07:15.0804 3916 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
18:07:15.0804 3916 C:\Windows\System32\winhttp.dll - ok
18:07:15.0807 3916 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
18:07:15.0807 3916 C:\Windows\SysWOW64\sspicli.dll - ok
18:07:15.0810 3916 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
18:07:15.0810 3916 C:\Windows\System32\httpapi.dll - ok
18:07:15.0813 3916 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
18:07:15.0813 3916 C:\Windows\System32\UIAutomationCore.dll - ok
18:07:15.0815 3916 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
18:07:15.0815 3916 C:\Windows\SysWOW64\advapi32.dll - ok
18:07:15.0818 3916 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
18:07:15.0818 3916 C:\Windows\SysWOW64\cryptbase.dll - ok
18:07:15.0821 3916 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
18:07:15.0821 3916 C:\Windows\SysWOW64\sechost.dll - ok
18:07:15.0824 3916 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
18:07:15.0824 3916 C:\Windows\SysWOW64\gdi32.dll - ok
18:07:15.0827 3916 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
18:07:15.0827 3916 C:\Windows\SysWOW64\user32.dll - ok
18:07:15.0830 3916 [ F15F98BB1135077BEAA22BEE146B8B11 ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
18:07:15.0830 3916 C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
18:07:15.0832 3916 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
18:07:15.0832 3916 C:\Windows\SysWOW64\lpk.dll - ok
18:07:15.0835 3916 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
18:07:15.0835 3916 C:\Windows\SysWOW64\oleaut32.dll - ok
18:07:15.0838 3916 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
18:07:15.0838 3916 C:\Windows\SysWOW64\usp10.dll - ok
18:07:15.0841 3916 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
18:07:15.0841 3916 C:\Windows\SysWOW64\ole32.dll - ok
18:07:15.0844 3916 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
18:07:15.0844 3916 C:\Windows\System32\fveapi.dll - ok
18:07:15.0847 3916 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
18:07:15.0847 3916 C:\Windows\System32\fvecerts.dll - ok
18:07:15.0849 3916 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
18:07:15.0849 3916 C:\Windows\System32\tbs.dll - ok
18:07:15.0852 3916 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
18:07:15.0852 3916 C:\Windows\SysWOW64\devobj.dll - ok
18:07:15.0855 3916 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
18:07:15.0855 3916 C:\Windows\SysWOW64\imm32.dll - ok
18:07:15.0858 3916 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
18:07:15.0858 3916 C:\Windows\SysWOW64\msctf.dll - ok
18:07:15.0861 3916 [ 623FEE8BDC376E48A6F161F82FF6279E ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
18:07:15.0861 3916 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
18:07:15.0864 3916 [ B6DD2A245268D961CC163C21457201D4 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
18:07:15.0864 3916 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
18:07:15.0867 3916 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
18:07:15.0867 3916 C:\Windows\System32\netcfgx.dll - ok
18:07:15.0870 3916 [ 49869B871F6DB76021D0E9B5DF1CC2CB ] C:\Windows\SysWOW64\irstrtsv.exe
18:07:15.0870 3916 C:\Windows\SysWOW64\irstrtsv.exe - ok
18:07:15.0872 3916 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
18:07:15.0872 3916 C:\Windows\System32\wscapi.dll - ok
18:07:15.0875 3916 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
18:07:15.0875 3916 C:\Windows\System32\cabinet.dll - ok
18:07:15.0878 3916 [ 3C6630473DD42FFC57D9F5564F533127 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
18:07:15.0879 3916 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok
18:07:15.0882 3916 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
18:07:15.0882 3916 C:\Windows\System32\imageres.dll - ok
18:07:15.0885 3916 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
18:07:15.0885 3916 C:\Windows\System32\wiarpc.dll - ok
18:07:15.0888 3916 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
18:07:15.0888 3916 C:\Windows\SysWOW64\ws2_32.dll - ok
18:07:15.0890 3916 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
18:07:15.0890 3916 C:\Windows\SysWOW64\crypt32.dll - ok
18:07:15.0894 3916 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
18:07:15.0894 3916 C:\Windows\SysWOW64\nsi.dll - ok
18:07:15.0897 3916 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
18:07:15.0897 3916 C:\Windows\SysWOW64\wintrust.dll - ok
18:07:15.0901 3916 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
18:07:15.0901 3916 C:\Windows\SysWOW64\msasn1.dll - ok
18:07:15.0904 3916 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
18:07:15.0904 3916 C:\Windows\SysWOW64\msvcp100.dll - ok
18:07:15.0907 3916 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
18:07:15.0908 3916 C:\Windows\SysWOW64\msvcr100.dll - ok
18:07:15.0911 3916 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
18:07:15.0911 3916 C:\Windows\SysWOW64\shlwapi.dll - ok
18:07:15.0914 3916 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
18:07:15.0914 3916 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
18:07:15.0917 3916 [ 780D96F551833E0DCFE0A33B02B774E8 ] C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
18:07:15.0917 3916 C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe - ok
18:07:15.0919 3916 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
18:07:15.0920 3916 C:\Windows\System32\mscoree.dll - ok
18:07:15.0923 3916 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
18:07:15.0923 3916 C:\Windows\SysWOW64\dnsapi.dll - ok
18:07:15.0928 3916 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
18:07:15.0928 3916 C:\Windows\SysWOW64\mswsock.dll - ok
18:07:15.0932 3916 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
18:07:15.0932 3916 C:\Windows\SysWOW64\wship6.dll - ok
18:07:15.0936 3916 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
18:07:15.0936 3916 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
18:07:15.0941 3916 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
18:07:15.0941 3916 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
18:07:15.0944 3916 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
18:07:15.0945 3916 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
18:07:15.0948 3916 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
18:07:15.0948 3916 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
18:07:15.0951 3916 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
18:07:15.0951 3916 C:\Windows\SysWOW64\psapi.dll - ok
18:07:15.0955 3916 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
18:07:15.0955 3916 C:\Windows\SysWOW64\rasadhlp.dll - ok
18:07:15.0960 3916 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
18:07:15.0960 3916 C:\Windows\SysWOW64\winnsi.dll - ok
18:07:15.0964 3916 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
18:07:15.0965 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
18:07:15.0968 3916 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
18:07:15.0968 3916 C:\Windows\System32\wsock32.dll - ok
18:07:15.0973 3916 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
18:07:15.0973 3916 C:\Windows\System32\p2pcollab.dll - ok
18:07:15.0977 3916 [ 8D76651EDF837E9A4DBFC0A2B7DB4881 ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
18:07:15.0977 3916 C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
18:07:15.0982 3916 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
18:07:15.0982 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
18:07:15.0987 3916 [ 955D29A1CE1D1C729C61535641CE2BA3 ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
18:07:15.0987 3916 C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
18:07:15.0992 3916 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
18:07:15.0992 3916 C:\Windows\System32\wscisvif.dll - ok
18:07:15.0997 3916 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
18:07:15.0997 3916 C:\Windows\System32\wscproxystub.dll - ok
18:07:16.0001 3916 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
18:07:16.0002 3916 C:\Windows\System32\fveui.dll - ok
18:07:16.0006 3916 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
18:07:16.0006 3916 C:\Windows\System32\QAGENTRT.DLL - ok
18:07:16.0011 3916 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
18:07:16.0011 3916 C:\Windows\System32\rastls.dll - ok
18:07:16.0016 3916 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
18:07:16.0017 3916 C:\Windows\System32\raschap.dll - ok
18:07:16.0021 3916 [ 187A29743880CE49D6A2AF372AEFC7DE ] C:\Program Files\Microsoft Security Client\MsseWat.dll
18:07:16.0021 3916 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
18:07:16.0027 3916 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
18:07:16.0027 3916 C:\Windows\System32\slwga.dll - ok
18:07:16.0033 3916 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
18:07:16.0033 3916 C:\Windows\System32\sppc.dll - ok
18:07:16.0037 3916 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
18:07:16.0037 3916 C:\Windows\System32\dllhost.exe - ok
18:07:16.0042 3916 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
18:07:16.0042 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
18:07:16.0047 3916 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
18:07:16.0047 3916 C:\Windows\System32\IDStore.dll - ok
18:07:16.0050 3916 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
18:07:16.0050 3916 C:\Windows\System32\riched20.dll - ok
18:07:16.0053 3916 [ 001D7099C3DB8E53A955FF4D66E25AA2 ] C:\Windows\System32\kbd101.dll
18:07:16.0054 3916 C:\Windows\System32\kbd101.dll - ok
18:07:16.0058 3916 [ A1D990022654CFE37E2561E540F0253B ] C:\Windows\System32\kbd106.dll
18:07:16.0058 3916 C:\Windows\System32\kbd106.dll - ok
18:07:16.0062 3916 [ 6D707786D7163383C64F07263BB9478E ] C:\Windows\System32\KBDJPN.DLL
18:07:16.0062 3916 C:\Windows\System32\KBDJPN.DLL - ok
18:07:16.0066 3916 [ 117865AD39587EB4DA218AAF2E559B8C ] C:\Windows\System32\kbdnec.dll
18:07:16.0066 3916 C:\Windows\System32\kbdnec.dll - ok
18:07:16.0070 3916 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
18:07:16.0070 3916 C:\Windows\System32\taskhost.exe - ok
18:07:16.0073 3916 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
18:07:16.0074 3916 C:\Windows\System32\mpr.dll - ok
18:07:16.0077 3916 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
18:07:16.0077 3916 C:\Windows\System32\taskeng.exe - ok
18:07:16.0080 3916 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
18:07:16.0080 3916 C:\Windows\System32\HotStartUserAgent.dll - ok
18:07:16.0084 3916 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
18:07:16.0084 3916 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
18:07:16.0088 3916 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
18:07:16.0088 3916 C:\Windows\System32\rasadhlp.dll - ok
18:07:16.0093 3916 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
18:07:16.0093 3916 C:\Windows\System32\userinit.exe - ok
18:07:16.0096 3916 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
18:07:16.0097 3916 C:\Windows\System32\dwm.exe - ok
18:07:16.0100 3916 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
18:07:16.0100 3916 C:\Windows\System32\dwmcore.dll - ok
18:07:16.0103 3916 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
18:07:16.0103 3916 C:\Windows\System32\dwmredir.dll - ok
18:07:16.0107 3916 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
18:07:16.0108 3916 C:\Windows\System32\SensApi.dll - ok
18:07:16.0112 3916 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
18:07:16.0112 3916 C:\Windows\System32\d3d10_1.dll - ok
18:07:16.0115 3916 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
18:07:16.0115 3916 C:\Windows\System32\d3d10_1core.dll - ok
18:07:16.0119 3916 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
18:07:16.0119 3916 C:\Windows\System32\localspl.dll - ok
18:07:16.0122 3916 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
18:07:16.0122 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
18:07:16.0126 3916 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
18:07:16.0126 3916 C:\Windows\System32\dxgi.dll - ok
18:07:16.0129 3916 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
18:07:16.0129 3916 C:\Windows\System32\FXSMON.dll - ok
18:07:16.0132 3916 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
18:07:16.0132 3916 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:07:16.0136 3916 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
18:07:16.0136 3916 C:\Windows\System32\spoolss.dll - ok
18:07:16.0139 3916 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
18:07:16.0139 3916 C:\Windows\explorer.exe - ok
18:07:16.0142 3916 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
18:07:16.0142 3916 C:\Windows\System32\snmpapi.dll - ok
18:07:16.0145 3916 [ EF73976903AB2674574C37D0ED62741F ] C:\Windows\System32\TBTMon.dll
18:07:16.0145 3916 C:\Windows\System32\TBTMon.dll - ok
18:07:16.0149 3916 [ BC01DF232FD65E50A4FCDF349526AB27 ] C:\Windows\System32\tbtmon98Language.dll
18:07:16.0149 3916 C:\Windows\System32\tbtmon98Language.dll - ok
18:07:16.0152 3916 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
18:07:16.0152 3916 C:\Windows\System32\tcpmon.dll - ok
18:07:16.0156 3916 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
18:07:16.0156 3916 C:\Windows\System32\wsnmp32.dll - ok
18:07:16.0161 3916 [ B81203B400B4890BFDAE3F2E8793404D ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBdAPI.dll
18:07:16.0161 3916 C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBdAPI.dll - ok
18:07:16.0168 3916 [ 01F5A41AA875BE6EA189A1D35A18AF2F ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtAPI.dll
18:07:16.0168 3916 C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtAPI.dll - ok
18:07:16.0171 3916 [ 1274AA4D87F32549574DBCEA0DE94ACC ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtHcrpAPI.dll
18:07:16.0171 3916 C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtHcrpAPI.dll - ok
18:07:16.0178 3916 [ F0E5CD1E28E81298AA5CF08E6D052B33 ] C:\Windows\System32\igd10umd64.dll
18:07:16.0178 3916 C:\Windows\System32\igd10umd64.dll - ok
18:07:16.0182 3916 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
18:07:16.0182 3916 C:\Windows\System32\usbmon.dll - ok
18:07:16.0188 3916 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
18:07:16.0188 3916 C:\Windows\System32\MsCtfMonitor.dll - ok
18:07:16.0193 3916 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
18:07:16.0193 3916 C:\Windows\System32\msutb.dll - ok
18:07:16.0197 3916 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
18:07:16.0197 3916 C:\Windows\System32\PlaySndSrv.dll - ok
18:07:16.0202 3916 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
18:07:16.0202 3916 C:\Windows\System32\WSDMon.dll - ok
18:07:16.0207 3916 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
18:07:16.0207 3916 C:\Windows\System32\ExplorerFrame.dll - ok
18:07:16.0212 3916 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
18:07:16.0212 3916 C:\Windows\System32\fdPnp.dll - ok
18:07:16.0217 3916 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
18:07:16.0217 3916 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
18:07:16.0221 3916 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
18:07:16.0221 3916 C:\Windows\System32\TSChannel.dll - ok
18:07:16.0225 3916 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
18:07:16.0225 3916 C:\Windows\System32\win32spl.dll - ok
18:07:16.0229 3916 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:07:16.0229 3916 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
18:07:16.0236 3916 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
18:07:16.0236 3916 C:\Windows\System32\inetpp.dll - ok
18:07:16.0240 3916 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
18:07:16.0240 3916 C:\Windows\System32\uDWM.dll - ok
18:07:16.0244 3916 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
18:07:16.0244 3916 C:\Users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
18:07:16.0249 3916 [ 87204B04A63E684D3FD02A7BC10741CD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
18:07:16.0250 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll - ok
18:07:16.0254 3916 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
18:07:16.0254 3916 C:\Windows\System32\dbghelp.dll - ok
18:07:16.0259 3916 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
18:07:16.0259 3916 C:\Windows\SysWOW64\shell32.dll - ok
18:07:16.0262 3916 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
18:07:16.0262 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
18:07:16.0265 3916 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
18:07:16.0266 3916 C:\Windows\System32\msvcp60.dll - ok
18:07:16.0270 3916 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
18:07:16.0270 3916 C:\Windows\System32\cscapi.dll - ok
18:07:16.0274 3916 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
18:07:16.0274 3916 C:\Windows\System32\drivers\vwifimp.sys - ok
18:07:16.0279 3916 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
18:07:16.0279 3916 C:\Windows\System32\EhStorShell.dll - ok
18:07:16.0284 3916 [ DCE7610D823A31547C6C1E5F18FB128F ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
18:07:16.0284 3916 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
18:07:16.0289 3916 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
18:07:16.0289 3916 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
18:07:16.0293 3916 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
18:07:16.0293 3916 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
18:07:16.0296 3916 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
18:07:16.0296 3916 C:\Windows\System32\ntshrui.dll - ok
18:07:16.0300 3916 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
18:07:16.0300 3916 C:\Windows\System32\shfolder.dll - ok
18:07:16.0304 3916 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
18:07:16.0304 3916 C:\Windows\System32\wbemcomn.dll - ok
18:07:16.0309 3916 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
18:07:16.0309 3916 C:\Windows\System32\wbem\wbemprox.dll - ok
18:07:16.0312 3916 [ C7AAC31A910E4BBFDF94D3786ED13E71 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
18:07:16.0312 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe - ok
18:07:16.0315 3916 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
18:07:16.0315 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
18:07:16.0318 3916 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
18:07:16.0318 3916 C:\Windows\System32\IconCodecService.dll - ok
18:07:16.0321 3916 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
18:07:16.0321 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
18:07:16.0324 3916 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
18:07:16.0324 3916 C:\Windows\SysWOW64\profapi.dll - ok
18:07:16.0328 3916 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
18:07:16.0328 3916 C:\Windows\SysWOW64\userenv.dll - ok
18:07:16.0330 3916 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
18:07:16.0330 3916 C:\Windows\SysWOW64\wtsapi32.dll - ok
18:07:16.0333 3916 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll
18:07:16.0333 3916 C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll - ok
18:07:16.0336 3916 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
18:07:16.0336 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
18:07:16.0339 3916 [ 8FE3C29793755400E7876D17FA5811CF ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\configurationManager.dll
18:07:16.0339 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\configurationManager.dll - ok
18:07:16.0343 3916 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
18:07:16.0343 3916 C:\Windows\SysWOW64\netapi32.dll - ok
18:07:16.0345 3916 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
18:07:16.0345 3916 C:\Windows\SysWOW64\netutils.dll - ok
18:07:16.0348 3916 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
18:07:16.0348 3916 C:\Windows\SysWOW64\srvcli.dll - ok
18:07:16.0350 3916 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
18:07:16.0351 3916 C:\Windows\SysWOW64\wkscli.dll - ok
18:07:16.0354 3916 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
18:07:16.0354 3916 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
18:07:16.0356 3916 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
18:07:16.0357 3916 C:\Windows\SysWOW64\imagehlp.dll - ok
18:07:16.0360 3916 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
18:07:16.0360 3916 C:\Windows\SysWOW64\msi.dll - ok
18:07:16.0362 3916 [ C1B656AECD986A9DDE55F19009CF6843 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
18:07:16.0363 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe - ok
18:07:16.0365 3916 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
18:07:16.0365 3916 C:\Windows\System32\ncsi.dll - ok
18:07:16.0368 3916 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
18:07:16.0368 3916 C:\Windows\System32\nlasvc.dll - ok
18:07:16.0371 3916 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
18:07:16.0371 3916 C:\Windows\AppPatch\AcLayers.dll - ok
18:07:16.0374 3916 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
18:07:16.0374 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
18:07:16.0377 3916 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
18:07:16.0377 3916 C:\Windows\System32\ssdpapi.dll - ok
18:07:16.0380 3916 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
18:07:16.0380 3916 C:\Windows\SysWOW64\apphelp.dll - ok
18:07:16.0383 3916 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
18:07:16.0383 3916 C:\Windows\SysWOW64\mpr.dll - ok
18:07:16.0385 3916 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
18:07:16.0385 3916 C:\Windows\SysWOW64\winspool.drv - ok
18:07:16.0388 3916 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
18:07:16.0388 3916 C:\Windows\System32\aepic.dll - ok
18:07:16.0391 3916 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
18:07:16.0391 3916 C:\Windows\System32\sfc.dll - ok
18:07:16.0394 3916 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
18:07:16.0394 3916 C:\Windows\System32\sfc_os.dll - ok
18:07:16.0396 3916 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
18:07:16.0397 3916 C:\Windows\SysWOW64\cryptsp.dll - ok
18:07:16.0399 3916 [ 75A97A2C060E72AB49E071E08C7DD2BA ] C:\Windows\SysWOW64\wininet.dll
18:07:16.0399 3916 C:\Windows\SysWOW64\wininet.dll - ok
18:07:16.0402 3916 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
18:07:16.0402 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe - ok
18:07:16.0405 3916 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
18:07:16.0405 3916 C:\Windows\SysWOW64\rsaenh.dll - ok
18:07:16.0408 3916 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
18:07:16.0408 3916 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
18:07:16.0411 3916 [ 88104CCBC329D185A881031A11259229 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccL90U.dll
18:07:16.0411 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccL90U.dll - ok
18:07:16.0414 3916 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
18:07:16.0414 3916 C:\Windows\SysWOW64\bcrypt.dll - ok
18:07:16.0417 3916 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
18:07:16.0417 3916 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
18:07:16.0419 3916 [ B17ADBBBDC97148D28F995F32C380F2E ] C:\Windows\SysWOW64\iertutil.dll
18:07:16.0419 3916 C:\Windows\SysWOW64\iertutil.dll - ok
18:07:16.0421 3916 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
18:07:16.0421 3916 C:\Windows\SysWOW64\ncrypt.dll - ok
18:07:16.0424 3916 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
18:07:16.0425 3916 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
18:07:16.0428 3916 [ 32EE27E6AC39863A2C99D29E73ED63A9 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
18:07:16.0428 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll - ok
18:07:16.0430 3916 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
18:07:16.0431 3916 C:\Windows\SysWOW64\dbghelp.dll - ok
18:07:16.0433 3916 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
18:07:16.0433 3916 C:\Windows\SysWOW64\gpapi.dll - ok
18:07:16.0436 3916 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
18:07:16.0436 3916 C:\Windows\SysWOW64\version.dll - ok
18:07:16.0441 3916 [ 0921ED273D89BA9778437ECD26B6A78A ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccVrTrst.dll
18:07:16.0441 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccVrTrst.dll - ok
18:07:16.0445 3916 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
18:07:16.0445 3916 C:\Windows\System32\drivers\PEAuth.sys - ok
18:07:16.0448 3916 [ 667981F2E7C26275F0694B58EEE303B9 ] C:\Windows\SysWOW64\urlmon.dll
18:07:16.0449 3916 C:\Windows\SysWOW64\urlmon.dll - ok
18:07:16.0453 3916 [ 0C2B4C3B10D183BE116A38353E937F62 ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:07:16.0453 3916 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
18:07:16.0457 3916 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
18:07:16.0457 3916 C:\Windows\SysWOW64\cscapi.dll - ok
18:07:16.0460 3916 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
18:07:16.0460 3916 C:\Windows\SysWOW64\ntmarta.dll - ok
18:07:16.0463 3916 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
18:07:16.0463 3916 C:\Windows\SysWOW64\Wldap32.dll - ok
18:07:16.0466 3916 [ 93F29E6964BAEF31E53D203992B0AFD4 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
18:07:16.0466 3916 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok
18:07:16.0469 3916 [ 4050600091370422C9B20AC34DC1ACAC ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvc.dll
18:07:16.0469 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvc.dll - ok
18:07:16.0472 3916 [ 16B44D246835EAC156F8DAF0AA4F530C ] C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
18:07:16.0472 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe - ok
18:07:16.0475 3916 [ C282F4A84FDA6EF4376996542F7A1249 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
18:07:16.0475 3916 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe - ok
18:07:16.0478 3916 [ 2A5D98F0F5232E466F2A2EF5E549DF08 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\uuid.dll
18:07:16.0478 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\uuid.dll - ok
18:07:16.0481 3916 [ 09A06ECC3CE3048B17F25F75ACC63D14 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccIPC.dll
18:07:16.0481 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccIPC.dll - ok
18:07:16.0484 3916 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
18:07:16.0484 3916 C:\Windows\SysWOW64\clbcatq.dll - ok
18:07:16.0487 3916 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
18:07:16.0487 3916 C:\Windows\SysWOW64\mscoree.dll - ok
18:07:16.0489 3916 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
18:07:16.0489 3916 C:\Windows\SysWOW64\mstask.dll - ok
18:07:16.0493 3916 [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
18:07:16.0493 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
18:07:16.0495 3916 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:07:16.0495 3916 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:07:16.0498 3916 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
18:07:16.0498 3916 C:\Windows\SysWOW64\cryptnet.dll - ok
18:07:16.0501 3916 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
18:07:16.0501 3916 C:\Windows\SysWOW64\SensApi.dll - ok
18:07:16.0504 3916 [ 725E8022808C6B92D99EF36F2E9FCE02 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll
18:07:16.0505 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll - ok
18:07:16.0508 3916 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
18:07:16.0508 3916 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
18:07:16.0513 3916 [ 6C518D405318E21AB6F1987EA056638F ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\logger.dll
18:07:16.0513 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\logger.dll - ok
18:07:16.0518 3916 [ 2B61F6766CAE1125C00DD9DDD268D876 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSet.dll
18:07:16.0518 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSet.dll - ok
18:07:16.0522 3916 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
18:07:16.0522 3916 C:\Windows\SysWOW64\secur32.dll - ok
18:07:16.0526 3916 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:07:16.0526 3916 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:07:16.0530 3916 [ 5B465C535EA4F73C4B14A1320B8CA5F8 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccJobMgr.dll
18:07:16.0530 3916 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccJobMgr.dll - ok
18:07:16.0533 3916 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
18:07:16.0533 3916 C:\Windows\SysWOW64\winsta.dll - ok
18:07:16.0536 3916 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
18:07:16.0536 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
18:07:16.0539 3916 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
18:07:16.0539 3916 C:\Windows\SysWOW64\powrprof.dll - ok
18:07:16.0543 3916 [ F6252071299496777D1E3EC407A90929 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
18:07:16.0543 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll - ok
18:07:16.0546 3916 [ 6A35DA5E8324247CA2915D0F40F69A99 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\UpdateServiceProxy.dll
18:07:16.0546 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\UpdateServiceProxy.dll - ok
18:07:16.0549 3916 [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
18:07:16.0549 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
18:07:16.0552 3916 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
18:07:16.0552 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
18:07:16.0555 3916 [ 20D7EDD027DE6DB15517EAE69FB5F9DC ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\serializer.dll
18:07:16.0555 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\serializer.dll - ok
18:07:16.0558 3916 [ 17FADECB631FF8DBE735BA33409885C2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
18:07:16.0558 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll - ok
18:07:16.0561 3916 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
18:07:16.0561 3916 C:\Windows\System32\drivers\secdrv.sys - ok
18:07:16.0564 3916 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
18:07:16.0564 3916 C:\Windows\System32\drivers\srvnet.sys - ok
18:07:16.0567 3916 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
18:07:16.0568 3916 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:07:16.0570 3916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
18:07:16.0570 3916 C:\Windows\System32\sysmain.dll - ok
18:07:16.0573 3916 [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
18:07:16.0574 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok
18:07:16.0576 3916 [ ED32035BDFECED1AD66D459FD9CC1140 ] C:\Windows\System32\TODDSrv.exe
18:07:16.0577 3916 C:\Windows\System32\TODDSrv.exe - ok
18:07:16.0580 3916 [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
18:07:16.0580 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok
18:07:16.0582 3916 [ EE77F3CC36F8F96B9F0E1691AAC39C81 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Common.dll
18:07:16.0582 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Common.dll - ok
18:07:16.0586 3916 [ DDFB839074FA7980726D24495AEB25E3 ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:07:16.0586 3916 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok
18:07:16.0588 3916 [ 7706954547701CBF38BE672A60746BD7 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
18:07:16.0588 3916 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok
18:07:16.0591 3916 [ 6650A8960EC5AAD4903D534105506024 ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
18:07:16.0592 3916 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok
18:07:16.0594 3916 [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
18:07:16.0594 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok
18:07:16.0598 3916 [ 6C12350190D86FA7C19D9D4F47C78958 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
18:07:16.0598 3916 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok
18:07:16.0601 3916 [ ED6EA226D8C2C1176D8D9A98A135D5E4 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
18:07:16.0601 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll - ok
18:07:16.0604 3916 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:16.0604 3916 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
18:07:16.0607 3916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
18:07:16.0607 3916 C:\Windows\System32\trkwks.dll - ok

18:07:16.0610 3916 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
18:07:16.0610 3916 C:\Windows\System32\wbem\WinMgmtR.dll - ok
18:07:16.0613 3916 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
18:07:16.0613 3916 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
18:07:16.0616 3916 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
18:07:16.0616 3916 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:07:16.0618 3916 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
18:07:16.0618 3916 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
18:07:16.0621 3916 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
18:07:16.0621 3916 C:\Windows\System32\ntdsapi.dll - ok
18:07:16.0624 3916 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
18:07:16.0625 3916 C:\Windows\System32\wbem\fastprox.dll - ok
18:07:16.0628 3916 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
18:07:16.0628 3916 C:\Windows\SysWOW64\shfolder.dll - ok
18:07:16.0631 3916 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
18:07:16.0631 3916 C:\Windows\System32\wbem\wbemcore.dll - ok
18:07:16.0634 3916 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
18:07:16.0634 3916 C:\Windows\System32\wer.dll - ok
18:07:16.0637 3916 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
18:07:16.0637 3916 C:\Windows\System32\wbem\esscli.dll - ok
18:07:16.0640 3916 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
18:07:16.0641 3916 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:07:16.0643 3916 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
18:07:16.0643 3916 C:\Windows\System32\wbem\wmiutils.dll - ok
18:07:16.0646 3916 [ 275B00B7DC661CCF9146B63659041908 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\payload.dll
18:07:16.0646 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\payload.dll - ok
18:07:16.0649 3916 [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
18:07:16.0649 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok
18:07:16.0653 3916 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
18:07:16.0653 3916 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:07:16.0656 3916 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
18:07:16.0656 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok
18:07:16.0660 3916 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:07:16.0661 3916 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:07:16.0663 3916 [ D2FE4103450E52CB248D842501F84B90 ] C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:07:16.0663 3916 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe - ok
18:07:16.0666 3916 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
18:07:16.0666 3916 C:\Windows\System32\ncobjapi.dll - ok
18:07:16.0670 3916 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
18:07:16.0670 3916 C:\Windows\System32\wbem\wbemess.dll - ok
18:07:16.0672 3916 [ C4BAEC2E8B56B6337E722F8161BAAAAF ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DispatcherProxy.dll
18:07:16.0672 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DispatcherProxy.dll - ok
18:07:16.0675 3916 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
18:07:16.0675 3916 C:\Windows\System32\wbem\unsecapp.exe - ok
18:07:16.0679 3916 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
18:07:16.0679 3916 C:\Windows\System32\iphlpsvc.dll - ok
18:07:16.0683 3916 [ 18CC3B3DB8840C6776A69E758A2B8A77 ] C:\Program Files\TOSHIBA\TECO\TecoService.exe
18:07:16.0683 3916 C:\Program Files\TOSHIBA\TECO\TecoService.exe - ok
18:07:16.0687 3916 [ 715CFFF09131C968E1A72424D89D2627 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
18:07:16.0687 3916 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
18:07:16.0691 3916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
18:07:16.0691 3916 C:\Windows\System32\drivers\srv2.sys - ok
18:07:16.0694 3916 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
18:07:16.0694 3916 C:\Windows\System32\msxml3.dll - ok
18:07:16.0697 3916 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
18:07:16.0698 3916 C:\Windows\System32\sqmapi.dll - ok
18:07:16.0700 3916 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
18:07:16.0700 3916 C:\Windows\System32\wdscore.dll - ok
18:07:16.0704 3916 [ E257D8DAD1E7CEBC18C6E2672BDF127D ] C:\Program Files\TOSHIBA\TECO\TecoHci.dll
18:07:16.0704 3916 C:\Program Files\TOSHIBA\TECO\TecoHci.dll - ok
18:07:16.0707 3916 [ 2EF8713AE6C56B055DF95F425EEE433A ] C:\Program Files\TOSHIBA\TECO\TecoPower.dll
18:07:16.0708 3916 C:\Program Files\TOSHIBA\TECO\TecoPower.dll - ok
18:07:16.0711 3916 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
18:07:16.0711 3916 C:\Windows\System32\nci.dll - ok
18:07:16.0714 3916 [ 8E66B9D4748B330D5918F91EBAFFA59C ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.Remote.dll
18:07:16.0714 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.Remote.dll - ok
18:07:16.0717 3916 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
18:07:16.0717 3916 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
18:07:16.0720 3916 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
18:07:16.0720 3916 C:\Windows\System32\hnetcfg.dll - ok
18:07:16.0723 3916 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
18:07:16.0723 3916 C:\Windows\System32\wbem\NCProv.dll - ok
18:07:16.0726 3916 [ 4F096E6DF6D6AA79E0F1F5A8C09345F8 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
18:07:16.0726 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll - ok
18:07:16.0729 3916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
18:07:16.0729 3916 C:\Windows\System32\drivers\srv.sys - ok
18:07:16.0732 3916 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:07:16.0732 3916 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:07:16.0735 3916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
18:07:16.0735 3916 C:\Windows\System32\srvsvc.dll - ok
18:07:16.0737 3916 [ F9A5AEDEB954D37BE3C13F2CAC02727B ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libeay32.dll
18:07:16.0737 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libeay32.dll - ok
18:07:16.0741 3916 [ 99EB1546D6F02C259D8F05CFE99A995B ] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
18:07:16.0741 3916 C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll - ok
18:07:16.0743 3916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
18:07:16.0743 3916 C:\Windows\System32\browser.dll - ok
18:07:16.0746 3916 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
18:07:16.0746 3916 C:\Windows\System32\dssenh.dll - ok
18:07:16.0749 3916 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
18:07:16.0749 3916 C:\Windows\System32\netmsg.dll - ok
18:07:16.0751 3916 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
18:07:16.0751 3916 C:\Windows\SysWOW64\wsock32.dll - ok
18:07:16.0754 3916 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
18:07:16.0754 3916 C:\Windows\System32\clusapi.dll - ok
18:07:16.0757 3916 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
18:07:16.0758 3916 C:\Windows\System32\resutils.dll - ok
18:07:16.0760 3916 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
18:07:16.0760 3916 C:\Windows\System32\sscore.dll - ok
18:07:16.0763 3916 [ B3FB360040585245DF0A4E63A8987BDF ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ssleay32.dll
18:07:16.0763 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ssleay32.dll - ok
18:07:16.0766 3916 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
18:07:16.0766 3916 C:\Windows\System32\ndiscapCfg.dll - ok
18:07:16.0770 3916 [ 83564FD69621419EABBE1AE03428976D ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
18:07:16.0770 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll - ok
18:07:16.0774 3916 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
18:07:16.0774 3916 C:\Windows\System32\mprapi.dll - ok
18:07:16.0778 3916 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
18:07:16.0778 3916 C:\Windows\System32\mprmsg.dll - ok
18:07:16.0781 3916 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
18:07:16.0781 3916 C:\Windows\System32\rascfg.dll - ok
18:07:16.0784 3916 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
18:07:16.0784 3916 C:\Windows\System32\tcpipcfg.dll - ok
18:07:16.0788 3916 [ DDB8769E14BDF097879B6345394C5889 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\localMessage.dll
18:07:16.0788 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\localMessage.dll - ok
18:07:16.0793 3916 [ A9539131F6C8EF5068FA16D581285EBB ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ServiceManagerStarter.dll
18:07:16.0793 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ServiceManagerStarter.dll - ok
18:07:16.0797 3916 [ AD18A46DE75479C9B9AEC783FB7F9883 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
18:07:16.0797 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll - ok
18:07:16.0801 3916 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
18:07:16.0801 3916 C:\Windows\SysWOW64\wbemcomn.dll - ok
18:07:16.0805 3916 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
18:07:16.0805 3916 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
18:07:16.0809 3916 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
18:07:16.0809 3916 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
18:07:16.0818 3916 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
18:07:16.0818 3916 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
18:07:16.0821 3916 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
18:07:16.0821 3916 C:\Windows\SysWOW64\ntdsapi.dll - ok
18:07:16.0825 3916 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
18:07:16.0825 3916 C:\Windows\System32\appinfo.dll - ok
18:07:16.0830 3916 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
18:07:16.0830 3916 C:\Windows\System32\npmproxy.dll - ok
18:07:16.0835 3916 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
18:07:16.0835 3916 C:\Windows\System32\wpdbusenum.dll - ok
18:07:16.0838 3916 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
18:07:16.0838 3916 C:\Windows\System32\perftrack.dll - ok
18:07:16.0841 3916 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
18:07:16.0841 3916 C:\Windows\System32\wdi.dll - ok
18:07:16.0845 3916 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
18:07:16.0845 3916 C:\Windows\System32\diagperf.dll - ok
18:07:16.0849 3916 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
18:07:16.0849 3916 C:\Windows\System32\PortableDeviceApi.dll - ok
18:07:16.0852 3916 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
18:07:16.0852 3916 C:\Windows\SysWOW64\propsys.dll - ok
18:07:16.0855 3916 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
18:07:16.0855 3916 C:\Windows\SysWOW64\uxtheme.dll - ok
18:07:16.0858 3916 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
18:07:16.0858 3916 C:\Windows\SysWOW64\winmm.dll - ok
18:07:16.0861 3916 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:07:16.0861 3916 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:07:16.0864 3916 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
18:07:16.0864 3916 C:\Windows\System32\Apphlpdm.dll - ok
18:07:16.0867 3916 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
18:07:16.0867 3916 C:\Windows\System32\pnpts.dll - ok
18:07:16.0869 3916 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
18:07:16.0870 3916 C:\Windows\System32\radardt.dll - ok
18:07:16.0872 3916 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
18:07:16.0872 3916 C:\Windows\System32\wdiasqmmodule.dll - ok
18:07:16.0875 3916 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
18:07:16.0875 3916 C:\Windows\System32\drivers\WUDFRd.sys - ok
18:07:16.0878 3916 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
18:07:16.0878 3916 C:\Windows\System32\wbem\wmiprov.dll - ok
18:07:16.0881 3916 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
18:07:16.0881 3916 C:\Windows\System32\wbem\cimwin32.dll - ok
18:07:16.0884 3916 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
18:07:16.0884 3916 C:\Windows\System32\WUDFHost.exe - ok
18:07:16.0887 3916 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
18:07:16.0887 3916 C:\Windows\System32\framedynos.dll - ok
18:07:16.0890 3916 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\SysWOW64\ieframe.dll
18:07:16.0890 3916 C:\Windows\SysWOW64\ieframe.dll - ok
18:07:16.0892 3916 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
18:07:16.0892 3916 C:\Windows\System32\WUDFx.dll - ok
18:07:16.0895 3916 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
18:07:16.0895 3916 C:\Windows\SysWOW64\oleacc.dll - ok
18:07:16.0898 3916 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
18:07:16.0898 3916 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
18:07:16.0901 3916 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
18:07:16.0901 3916 C:\Windows\System32\WMVCORE.DLL - ok
18:07:16.0903 3916 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
18:07:16.0903 3916 C:\Windows\System32\netshell.dll - ok
18:07:16.0906 3916 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
18:07:16.0906 3916 C:\Windows\System32\WMASF.DLL - ok
18:07:16.0909 3916 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
18:07:16.0909 3916 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
18:07:16.0912 3916 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
18:07:16.0912 3916 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:07:16.0915 3916 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
18:07:16.0915 3916 C:\Windows\SysWOW64\dwmapi.dll - ok
18:07:16.0918 3916 [ 378EFC4E8261EFBA586CBB056CFB1B1E ] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
18:07:16.0918 3916 C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll - ok
18:07:16.0921 3916 [ CD37E8F77BFF71F104BDC941A393F0B5 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
18:07:16.0921 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe - ok
18:07:16.0923 3916 [ BAE2ADC5391049EB4EE4B35231882460 ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
18:07:16.0923 3916 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
18:07:16.0926 3916 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
18:07:16.0926 3916 C:\Windows\System32\runonce.exe - ok
18:07:16.0929 3916 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
18:07:16.0930 3916 C:\Windows\SysWOW64\runonce.exe - ok
18:07:16.0933 3916 [ 52A8D9F0E8ADBEB6D82E8ED3364FE231 ] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
18:07:16.0934 3916 C:\Program Files\Intel\WiFi\bin\DbEngine.dll - ok
18:07:16.0938 3916 [ 858176715EA25C14303FFEC047B98169 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\CorePersistenceAPI.dll
18:07:16.0938 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\CorePersistenceAPI.dll - ok
18:07:16.0942 3916 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
18:07:16.0942 3916 C:\Windows\System32\aeevts.dll - ok
18:07:16.0945 3916 [ 9743899CE8E4C9686DC8D87E3AD2B0D3 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
18:07:16.0945 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll - ok
18:07:16.0948 3916 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
18:07:16.0948 3916 C:\Windows\SysWOW64\cmd.exe - ok
18:07:16.0950 3916 [ 06A347F37D33D16520768EB3D5EAE9A0 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sealing.dll
18:07:16.0951 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sealing.dll - ok
18:07:16.0953 3916 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
18:07:16.0954 3916 C:\Windows\SysWOW64\winbrand.dll - ok
18:07:16.0957 3916 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
18:07:16.0957 3916 C:\Windows\System32\wlaninst.dll - ok
18:07:16.0961 3916 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
18:07:16.0961 3916 C:\Windows\System32\wwaninst.dll - ok
18:07:16.0966 3916 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
18:07:16.0966 3916 C:\Windows\System32\spfileq.dll - ok
18:07:16.0970 3916 [ 5B9E01A5C9370CA6A686C090C41A075E ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\orchestrator.dll
18:07:16.0970 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\orchestrator.dll - ok
18:07:16.0974 3916 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
18:07:16.0975 3916 C:\Windows\SysWOW64\shdocvw.dll - ok
18:07:16.0979 3916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
18:07:16.0979 3916 C:\Windows\System32\aelupsvc.dll - ok
18:07:16.0983 3916 [ 577F78F9116565D5D634A85BA65D8815 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\dispatcher.dll
18:07:16.0983 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\dispatcher.dll - ok
18:07:16.0988 3916 [ E6A55378B998F55CD67BD44245FF4F1F ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
18:07:16.0988 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll - ok
18:07:16.0992 3916 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
18:07:16.0992 3916 C:\Windows\SysWOW64\wpdshext.dll - ok
18:07:16.0997 3916 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
18:07:16.0997 3916 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
18:07:17.0001 3916 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
18:07:17.0001 3916 C:\Windows\System32\NapiNSP.dll - ok
18:07:17.0006 3916 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
18:07:17.0006 3916 C:\Windows\System32\pnrpnsp.dll - ok
18:07:17.0009 3916 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
18:07:17.0009 3916 C:\Windows\System32\winrnr.dll - ok
18:07:17.0012 3916 [ 9A695D012EDAF624EB6BADA5B115C4A5 ] C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll
18:07:17.0012 3916 C:\Program Files\Intel\WiFi\bin\PanIHVInt.dll - ok
18:07:17.0017 3916 [ 6B9FF8CBE106F76B8CF4DC8146FBFDC6 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\CrashReportSender.exe
18:07:17.0017 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\CrashReportSender.exe - ok
18:07:17.0022 3916 [ 61930F3CFF07F50B503AFA6397BFB40A ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\BackendService.dll
18:07:17.0022 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\BackendService.dll - ok
18:07:17.0026 3916 [ 52FDF003556C7DC2733F1B0687487B1C ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
18:07:17.0026 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll - ok
18:07:17.0029 3916 [ 064CB6CD2B1B525BF52425A818C1A15E ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\policyManager.dll
18:07:17.0029 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\policyManager.dll - ok
18:07:17.0032 3916 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
18:07:17.0032 3916 C:\Windows\SysWOW64\comdlg32.dll - ok
18:07:17.0036 3916 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
18:07:17.0036 3916 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
18:07:17.0040 3916 [ AC627A247B23297B50B03856626C19B7 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\network.dll
18:07:17.0040 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\network.dll - ok
18:07:17.0045 3916 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
18:07:17.0045 3916 C:\Windows\SysWOW64\webio.dll - ok
18:07:17.0049 3916 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
18:07:17.0049 3916 C:\Windows\SysWOW64\winhttp.dll - ok
18:07:17.0052 3916 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
18:07:17.0052 3916 C:\Windows\SysWOW64\credssp.dll - ok
18:07:17.0054 3916 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
18:07:17.0055 3916 C:\Windows\SysWOW64\dsrole.dll - ok
18:07:17.0058 3916 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
18:07:17.0058 3916 C:\Windows\SysWOW64\logoncli.dll - ok
18:07:17.0061 3916 [ AB113FF5C7FC4571135A1B7E8BA8BB1D ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\DeviceProfileService.dll
18:07:17.0061 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\DeviceProfileService.dll - ok
18:07:17.0064 3916 [ 8A28776BC6DA3AA5BE8EA80567ECB2B7 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
18:07:17.0064 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll - ok
18:07:17.0067 3916 [ E1DDFAE44AC4746207B8704F8D647020 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\systemInfo.dll
18:07:17.0067 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\systemInfo.dll - ok
18:07:17.0070 3916 [ 0D4E31F533C7773DF732F1189A55A72C ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\dispatcherServer.dll
18:07:17.0070 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\dispatcherServer.dll - ok
18:07:17.0074 3916 [ 9BA4D8AA5EE052D34EFAF4D6358A90A5 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\DownloadManager.dll
18:07:17.0074 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\DownloadManager.dll - ok
18:07:17.0077 3916 [ 7C883AACA6C9A774CA9D7AEE67113D47 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
18:07:17.0077 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll - ok
18:07:17.0081 3916 [ C29BD7974796BF039B15D2BB74E21A8B ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\SystemMonitor.dll
18:07:17.0081 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\SystemMonitor.dll - ok
18:07:17.0084 3916 [ 6575B3174C3C86515916CDC2FDC5EF32 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\UpdateService.dll
18:07:17.0084 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\UpdateService.dll - ok
18:07:17.0088 3916 [ 8A327BB9D9C77B48474FAB738AC2F2F3 ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
18:07:17.0088 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll - ok
18:07:17.0093 3916 [ 037D78392A17C46EF00129A827A7684E ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ChannelAdapter.dll
18:07:17.0093 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ChannelAdapter.dll - ok
18:07:17.0097 3916 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
18:07:17.0097 3916 C:\Windows\System32\dimsjob.dll - ok
18:07:17.0100 3916 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
18:07:17.0100 3916 C:\Windows\System32\certcli.dll - ok
18:07:17.0103 3916 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
18:07:17.0103 3916 C:\Windows\System32\pautoenr.dll - ok
18:07:17.0106 3916 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
18:07:17.0107 3916 C:\Windows\System32\CertEnroll.dll - ok
18:07:17.0110 3916 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\Users\Ken\AppData\Local\Temp\5978EA04-1632-4178-9D8D-ABAF96883341.exe
18:07:17.0110 3916 C:\Users\Ken\AppData\Local\Temp\5978EA04-1632-4178-9D8D-ABAF96883341.exe - ok
18:07:17.0112 3916 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
18:07:17.0113 3916 C:\Windows\SysWOW64\mlang.dll - ok
18:07:17.0115 3916 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
18:07:17.0115 3916 C:\Windows\System32\security.dll - ok
18:07:17.0118 3916 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
18:07:17.0118 3916 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
18:07:17.0120 3916 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
18:07:17.0121 3916 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
18:07:17.0124 3916 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
18:07:17.0124 3916 C:\Windows\System32\browcli.dll - ok
18:07:17.0126 3916 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
18:07:17.0126 3916 C:\Windows\System32\schedcli.dll - ok
18:07:17.0129 3916 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
18:07:17.0129 3916 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
18:07:17.0132 3916 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
18:07:17.0132 3916 C:\Windows\SysWOW64\EhStorShell.dll - ok
18:07:17.0134 3916 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
18:07:17.0135 3916 C:\Windows\SysWOW64\ntshrui.dll - ok
18:07:17.0137 3916 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
18:07:17.0137 3916 C:\Windows\SysWOW64\imageres.dll - ok
18:07:17.0140 3916 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
18:07:17.0140 3916 C:\Windows\SysWOW64\slc.dll - ok
18:07:17.0143 3916 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
18:07:17.0143 3916 C:\Windows\System32\wmi.dll - ok
18:07:17.0145 3916 [ F1387F5674697F2D8EB6DE2266477860 ] C:\Windows\System32\dskquota.dll
18:07:17.0145 3916 C:\Windows\System32\dskquota.dll - ok
18:07:17.0149 3916 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
18:07:17.0149 3916 C:\Windows\System32\perfos.dll - ok
18:07:17.0153 3916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
18:07:17.0153 3916 C:\Windows\System32\IPSECSVC.DLL - ok
18:07:17.0157 3916 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
18:07:17.0157 3916 C:\Windows\System32\FwRemoteSvr.dll - ok
18:07:17.0160 3916 [ B9BED985C148ED68F407A00B39885D4F ] C:\ProgramData\Intel\Intel® ME FW Recovery Agent\device_profile\providers\MEProvider.dll
18:07:17.0160 3916 C:\ProgramData\Intel\Intel® ME FW Recovery Agent\device_profile\providers\MEProvider.dll - ok
18:07:17.0164 3916 [ 83C27AD4040B60B81322ABE7E7B0057A ] C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\MEFWRDsc.dll
18:07:17.0164 3916 C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\MEFWRDsc.dll - ok
18:07:17.0167 3916 [ 169C83471930C8C9945684AF8B9B26BC ] C:\Program Files (x86)\Toshiba\widimon\widimon.exe
18:07:17.0167 3916 C:\Program Files (x86)\Toshiba\widimon\widimon.exe - ok
18:07:17.0170 3916 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
18:07:17.0170 3916 C:\Windows\SysWOW64\msimg32.dll - ok
18:07:17.0173 3916 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
18:07:17.0173 3916 C:\Windows\SysWOW64\oledlg.dll - ok
18:07:17.0177 3916 [ 615DCEAD20BAFADA2336FD4C472F5311 ] C:\Windows\System32\igfxext.exe
18:07:17.0177 3916 C:\Windows\System32\igfxext.exe - ok
18:07:17.0181 3916 [ 73B932FBC7A25ED89CBE2816EAF09859 ] C:\Windows\System32\igfxsrvc.exe
18:07:17.0181 3916 C:\Windows\System32\igfxsrvc.exe - ok
18:07:17.0185 3916 [ C59344FD8E890DAB476F565E75DB14C6 ] C:\Windows\System32\igfxdev.dll
18:07:17.0185 3916 C:\Windows\System32\igfxdev.dll - ok
18:07:17.0189 3916 [ 4CAEEF9FDC51F6EBF650A90B682071CC ] C:\Windows\System32\igfxexps.dll
18:07:17.0189 3916 C:\Windows\System32\igfxexps.dll - ok
18:07:17.0193 3916 [ B1A842D573DA2F1238CE965C589DBC2E ] C:\Windows\System32\igfxsrvc.dll
18:07:17.0193 3916 C:\Windows\System32\igfxsrvc.dll - ok
18:07:17.0196 3916 [ BBE5EF45922224809A32B170165F3893 ] C:\Windows\SysWOW64\igfxexps32.dll
18:07:17.0196 3916 C:\Windows\SysWOW64\igfxexps32.dll - ok
18:07:17.0199 3916 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
18:07:17.0199 3916 C:\Windows\SysWOW64\sfc.dll - ok
18:07:17.0201 3916 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
18:07:17.0201 3916 C:\Windows\SysWOW64\sfc_os.dll - ok
18:07:17.0204 3916 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
18:07:17.0204 3916 C:\Windows\SysWOW64\devrtl.dll - ok
18:07:17.0207 3916 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
18:07:17.0207 3916 C:\Windows\System32\ie4uinit.exe - ok
18:07:17.0210 3916 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
18:07:17.0210 3916 C:\Windows\System32\timedate.cpl - ok
18:07:17.0213 3916 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
18:07:17.0213 3916 C:\Windows\System32\actxprxy.dll - ok
18:07:17.0215 3916 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
18:07:17.0215 3916 C:\Windows\System32\shdocvw.dll - ok
18:07:17.0218 3916 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
18:07:17.0218 3916 C:\Windows\System32\linkinfo.dll - ok
18:07:17.0221 3916 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
18:07:17.0221 3916 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
18:07:17.0224 3916 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
18:07:17.0224 3916 C:\Windows\System32\msftedit.dll - ok
18:07:17.0227 3916 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
18:07:17.0227 3916 C:\Windows\System32\msls31.dll - ok
18:07:17.0230 3916 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
18:07:17.0230 3916 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
18:07:17.0232 3916 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
18:07:17.0232 3916 C:\Windows\System32\gameux.dll - ok
18:07:17.0235 3916 [ C4CAFB377FC240144340FFA31C4229BC ] C:\Windows\System32\hccutils.dll
18:07:17.0235 3916 C:\Windows\System32\hccutils.dll - ok
18:07:17.0238 3916 [ 4E3BC9A65C8F9075A33675E7A19A5CE9 ] C:\Windows\System32\igfxtray.exe
18:07:17.0238 3916 C:\Windows\System32\igfxtray.exe - ok
18:07:17.0241 3916 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
18:07:17.0241 3916 C:\Windows\System32\msiltcfg.dll - ok
18:07:17.0243 3916 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
18:07:17.0243 3916 C:\Windows\System32\msi.dll - ok
18:07:17.0246 3916 [ 579430AF061158BFCE857D37F90A0A47 ] C:\Windows\System32\igfxrenu.lrc
18:07:17.0246 3916 C:\Windows\System32\igfxrenu.lrc - ok
18:07:17.0249 3916 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
18:07:17.0249 3916 C:\Windows\System32\DeviceCenter.dll - ok
18:07:17.0252 3916 [ 752E236B4EEDCAAF528662D6F263A7FD ] C:\Windows\System32\hkcmd.exe
18:07:17.0252 3916 C:\Windows\System32\hkcmd.exe - ok
18:07:17.0255 3916 [ 5D9827D1A6DEC35EC9233A1360512EF4 ] C:\Windows\System32\igfxpers.exe
18:07:17.0255 3916 C:\Windows\System32\igfxpers.exe - ok
18:07:17.0261 3916 [ AE5173F4415FD64246F6E2B3745E66C1 ] C:\Windows\System32\igfxress.dll
18:07:17.0261 3916 C:\Windows\System32\igfxress.dll - ok
18:07:17.0263 3916 [ AB1B47B949264CF55C9B980FF2BE1F97 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:07:17.0263 3916 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
18:07:17.0267 3916 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
18:07:17.0267 3916 C:\Windows\System32\thumbcache.dll - ok
18:07:17.0270 3916 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
18:07:17.0270 3916 C:\Windows\System32\networkexplorer.dll - ok
18:07:17.0275 3916 [ B31453AE19EB461D99BA65BFAFC8D403 ] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
18:07:17.0275 3916 C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe - ok
18:07:17.0279 3916 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
18:07:17.0279 3916 C:\Windows\System32\dsound.dll - ok
18:07:17.0282 3916 [ 444AB7BCE6032426FE1443F8C0DBA2FE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:07:17.0282 3916 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
18:07:17.0286 3916 [ DE7B97039C35DD05725FB0B1899DD96F ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
18:07:17.0286 3916 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
18:07:17.0290 3916 [ 7C7915D80170A3832CC8EB0F16648090 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
18:07:17.0291 3916 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
18:07:17.0295 3916 [ F90F0459A1AFBB3AD97158423576FF89 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
18:07:17.0295 3916 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
18:07:17.0299 3916 [ 874DCC6F79DF9E2F2FDFEF3FA0BEFA9E ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
18:07:17.0299 3916 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
18:07:17.0302 3916 [ C709034F25484712F0C2E89B3BFD49F1 ] C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
18:07:17.0302 3916 C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe - ok
18:07:17.0306 3916 [ 422521567B79B613EBA5E7CE7DB80032 ] C:\Program Files\TOSHIBA\TECO\Teco.exe
18:07:17.0306 3916 C:\Program Files\TOSHIBA\TECO\Teco.exe - ok
18:07:17.0310 3916 [ 099B3847531EAF7BA63B5BB504CE8461 ] C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
18:07:17.0310 3916 C:\Program Files\TOSHIBA\TECO\MUIHelp.dll - ok
18:07:17.0314 3916 [ 51E4BFA07DC27451FBF7E8665745E0EB ] C:\Program Files\TOSHIBA\Power Saver\TBatmgrFunc.dll
18:07:17.0314 3916 C:\Program Files\TOSHIBA\Power Saver\TBatmgrFunc.dll - ok
18:07:17.0317 3916 [ 97D0894AFD72494870A4943B2145E658 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
18:07:17.0317 3916 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
18:07:17.0323 3916 [ DD123C8B48335B668F5ED17A3FCEE973 ] C:\Windows\System32\SynCOM.dll
18:07:17.0323 3916 C:\Windows\System32\SynCOM.dll - ok
18:07:17.0327 3916 [ 1AB8813DED097F7B202B4D2A6D08E114 ] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
18:07:17.0327 3916 C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe - ok
18:07:17.0331 3916 [ 4FD6E8F52DC28F5C3238314DF61DACEF ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
18:07:17.0331 3916 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
18:07:17.0334 3916 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
18:07:17.0334 3916 C:\Windows\System32\IccLibDll_x64.dll - ok
18:07:17.0337 3916 [ 60B097BBC1907688F77D30BAA59B722F ] C:\Windows\System32\SynTPAPI.dll
18:07:17.0337 3916 C:\Windows\System32\SynTPAPI.dll - ok
18:07:17.0340 3916 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
18:07:17.0340 3916 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
18:07:17.0343 3916 [ A709D7F4DCC91CF0945F784F7D233B89 ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
18:07:17.0343 3916 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe - ok
18:07:17.0346 3916 [ 0287C9E40BC751BF94A90FEA39B4CAE6 ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
18:07:17.0346 3916 C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll - ok
18:07:17.0349 3916 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
18:07:17.0349 3916 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
18:07:17.0352 3916 [ 1D5EB2FBC3AF02D795246F5FE3B486F2 ] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
18:07:17.0352 3916 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe - ok
18:07:17.0355 3916 [ 00490C2A421579311EFF460ADDAB7AD0 ] C:\Program Files\Microsoft Security Client\msseces.exe
18:07:17.0355 3916 C:\Program Files\Microsoft Security Client\msseces.exe - ok
18:07:17.0359 3916 [ A820268F06B7D49B4D62F9517750CAA3 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
18:07:17.0359 3916 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
18:07:17.0362 3916 [ A343FE7D51F3C63645254DCC2663437E ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll
18:07:17.0362 3916 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok
18:07:17.0365 3916 [ 6C07C7F41B93C0393F5FA5DD42C3C4AA ] C:\Program Files (x86)\Google\Drive\googledrivesync.exe
18:07:17.0365 3916 C:\Program Files (x86)\Google\Drive\googledrivesync.exe - ok
18:07:17.0368 3916 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll
18:07:17.0368 3916 C:\Program Files\TOSHIBA\FlashCards\SmoothView.dll - ok
18:07:17.0371 3916 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:07:17.0371 3916 C:\Program Files\Windows Sidebar\sidebar.exe - ok
18:07:17.0374 3916 [ E3F6A938E96121B0713C5442B07FBEFA ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
18:07:17.0374 3916 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
18:07:17.0377 3916 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll
18:07:17.0377 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Mute.dll - ok
18:07:17.0380 3916 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
18:07:17.0380 3916 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
18:07:17.0383 3916 [ A2C6C94C5F45893B745EABC6B6A6061B ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
18:07:17.0383 3916 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
18:07:17.0386 3916 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
18:07:17.0386 3916 C:\Windows\System32\RtkCfg64.dll - ok
18:07:17.0390 3916 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:07:17.0390 3916 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
18:07:17.0393 3916 [ 1DCD0B1345720349220CE79316A56751 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
18:07:17.0393 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok
18:07:17.0396 3916 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
18:07:17.0396 3916 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
18:07:17.0399 3916 [ E365B567A4DC4A50B10A84B2B2D09EA7 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
18:07:17.0399 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe - ok
18:07:17.0401 3916 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
18:07:17.0401 3916 C:\Windows\SysWOW64\rasapi32.dll - ok
18:07:17.0404 3916 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
18:07:17.0404 3916 C:\Windows\SysWOW64\rasman.dll - ok
18:07:17.0407 3916 [ ADC791328EA38BA2E3EEC817C95A7D35 ] C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe
18:07:17.0407 3916 C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
18:07:17.0410 3916 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
18:07:17.0410 3916 C:\Windows\SysWOW64\rtutils.dll - ok
18:07:17.0413 3916 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
18:07:17.0413 3916 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
18:07:17.0416 3916 [ 1C1EB95D36C6D5ED8CAE9D29A66028B3 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
18:07:17.0416 3916 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
18:07:17.0419 3916 [ 93569D46D79F9756ED077156496AFE23 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
18:07:17.0419 3916 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
18:07:17.0422 3916 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
18:07:17.0422 3916 C:\Windows\System32\consent.exe - ok
18:07:17.0424 3916 [ C8AEBDDAAD605E68DBCCD41CD58FC841 ] C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
18:07:17.0424 3916 C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe - ok
18:07:17.0427 3916 [ 6055F2812C4E4658D772074AEF132098 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
18:07:17.0427 3916 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
18:07:17.0430 3916 [ 4D1DA8CE5E364D22B4FF00F163194514 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:07:17.0431 3916 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok
18:07:17.0433 3916 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\31345145.sys
18:07:17.0433 3916 C:\Windows\System32\drivers\31345145.sys - ok
18:07:17.0436 3916 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
18:07:17.0436 3916 C:\Windows\SysWOW64\sxs.dll - ok
18:07:17.0439 3916 [ A3DA49FF1D7288237FF18B31B7FE1087 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
18:07:17.0439 3916 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok
18:07:17.0442 3916 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Ken\AppData\Roaming\Dropbox\bin\msvcr71.dll
18:07:17.0442 3916 C:\Users\Ken\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok
18:07:17.0445 3916 [ CFFA0B185396455C7553DFCC01D267FE ] C:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe
18:07:17.0445 3916 C:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe - ok
18:07:17.0448 3916 [ CE7648AF53E26CEB484F54866F195328 ] C:\Program Files (x86)\Toshiba\PasswordUtility\TOSDCR.exe
18:07:17.0448 3916 C:\Program Files (x86)\Toshiba\PasswordUtility\TOSDCR.exe - ok
18:07:17.0451 3916 [ 8415F4792D7BC07BE328DF56FE32045A ] C:\Windows\System32\mshtml.dll
18:07:17.0451 3916 C:\Windows\System32\mshtml.dll - ok
18:07:17.0454 3916 [ FECC5EDFDB1AB0D0182AB6247B3591C4 ] C:\Program Files\TOSHIBA\DelayTSS\DelayTSS.exe
18:07:17.0454 3916 C:\Program Files\TOSHIBA\DelayTSS\DelayTSS.exe - ok
18:07:17.0458 3916 [ 4169FFB6158D630463DBE8FAA1BFEAE3 ] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
18:07:17.0458 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe - ok
18:07:17.0461 3916 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
18:07:17.0461 3916 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
18:07:17.0464 3916 [ 61F28D179B0E21764ADAFCCC8953F9B8 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
18:07:17.0464 3916 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
18:07:17.0467 3916 [ AAFC6646CC649D9A2E3FFE3F6389EFAB ] C:\Program Files\TOSHIBA\TECO\TecoHook.exe
18:07:17.0467 3916 C:\Program Files\TOSHIBA\TECO\TecoHook.exe - ok
18:07:17.0469 3916 [ CCAD62A2D120A2AE11849FE336FFB59B ] C:\Program Files\TOSHIBA\TECO\TecoHookDll.dll
18:07:17.0470 3916 C:\Program Files\TOSHIBA\TECO\TecoHookDll.dll - ok
18:07:17.0473 3916 [ 79BD79C3EB6A4AD49E2F5ECB045BFCD4 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
18:07:17.0473 3916 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
18:07:17.0476 3916 [ CE7E2C9DA6814ABD75BD3663EB2529E4 ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
18:07:17.0476 3916 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
18:07:17.0479 3916 [ 01D585C95A0E752EFFB11EA899B0E387 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
18:07:17.0479 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll - ok
18:07:17.0482 3916 [ 35D063AE49A538F939CE257C15DE4F8A ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
18:07:17.0482 3916 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
18:07:17.0486 3916 [ F59DF79CB996287EB7183D0E08502EC6 ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
18:07:17.0486 3916 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
18:07:17.0489 3916 [ CB0EA991903412B425BA6F4A8CC51F8E ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
18:07:17.0490 3916 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
18:07:17.0492 3916 [ 76F123E491B26DAAD5DFBC20FC5996DB ] C:\Program Files\TOSHIBA\Power Saver\TScreen.dll
18:07:17.0493 3916 C:\Program Files\TOSHIBA\Power Saver\TScreen.dll - ok
18:07:17.0495 3916 [ BCD9CBF0621F9A6767276A2E0BF1DD15 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
18:07:17.0495 3916 C:\Program Files (x86)\Google\Google Talk\googletalk.exe - ok
18:07:17.0498 3916 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
18:07:17.0498 3916 C:\Windows\System32\msimtf.dll - ok
18:07:17.0501 3916 [ 777F34146CD4126A2B8D6F2342F57536 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
18:07:17.0501 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll - ok
18:07:17.0504 3916 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
18:07:17.0504 3916 C:\Windows\SysWOW64\msacm32.dll - ok
18:07:17.0507 3916 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
18:07:17.0507 3916 C:\Windows\SysWOW64\riched20.dll - ok
18:07:17.0510 3916 [ 850B548DFCC9794A69092A3CF4946556 ] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe
18:07:17.0510 3916 C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe - ok
18:07:17.0513 3916 [ 41C56FB44C7B18744BCB87B7A3CCF1DE ] C:\Windows\System32\jscript9.dll
18:07:17.0513 3916 C:\Windows\System32\jscript9.dll - ok
18:07:17.0516 3916 [ A853FB4774AAA16D7D57E26F46196ABF ] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe
18:07:17.0516 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe - ok
18:07:17.0518 3916 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
18:07:17.0519 3916 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
18:07:17.0521 3916 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
18:07:17.0521 3916 C:\Windows\SysWOW64\dui70.dll - ok
18:07:17.0524 3916 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
18:07:17.0525 3916 C:\Windows\SysWOW64\duser.dll - ok
18:07:17.0528 3916 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
18:07:17.0528 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
18:07:17.0533 3916 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
18:07:17.0533 3916 C:\Windows\System32\d2d1.dll - ok
18:07:17.0538 3916 [ 02E185944CFA58DAD47D409E5655FB28 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
18:07:17.0538 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll - ok
18:07:17.0541 3916 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
18:07:17.0541 3916 C:\Windows\System32\DWrite.dll - ok
18:07:17.0544 3916 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
18:07:17.0544 3916 C:\Windows\System32\FntCache.dll - ok
18:07:17.0547 3916 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
18:07:17.0547 3916 C:\Windows\SysWOW64\security.dll - ok
18:07:17.0550 3916 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
18:07:17.0550 3916 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
18:07:17.0553 3916 [ 238D6405F9FC4DF0744492DCE80988A5 ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Utility.dll
18:07:17.0553 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Utility.dll - ok
18:07:17.0556 3916 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
18:07:17.0557 3916 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
18:07:17.0559 3916 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
18:07:17.0559 3916 C:\Windows\SysWOW64\mfc42.dll - ok
18:07:17.0562 3916 [ 2BAB54632EAF98ED75D55E19C46955E4 ] C:\Windows\SysWOW64\THCI.dll
18:07:17.0562 3916 C:\Windows\SysWOW64\THCI.dll - ok
18:07:17.0565 3916 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
18:07:17.0566 3916 C:\Windows\SysWOW64\netprofm.dll - ok
18:07:17.0569 3916 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
18:07:17.0569 3916 C:\Windows\SysWOW64\odbc32.dll - ok
18:07:17.0571 3916 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
18:07:17.0572 3916 C:\Windows\SysWOW64\nlaapi.dll - ok
18:07:17.0575 3916 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
18:07:17.0575 3916 C:\Windows\SysWOW64\npmproxy.dll - ok
18:07:17.0578 3916 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
18:07:17.0578 3916 C:\Windows\SysWOW64\odbcint.dll - ok
18:07:17.0581 3916 [ 723F894F4F7AD011398466F1843F18F7 ] C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
18:07:17.0581 3916 C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe - ok
18:07:17.0584 3916 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
18:07:17.0584 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
18:07:17.0588 3916 [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
18:07:17.0588 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok
18:07:17.0592 3916 [ 2855A56670865D35AB6F2AF15D26D743 ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll
18:07:17.0592 3916 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok
18:07:17.0595 3916 [ 5F44B1A92E09E8803B0A10DA6B1D15C9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
18:07:17.0595 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll - ok
18:07:17.0598 3916 [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
18:07:17.0598 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok
18:07:17.0601 3916 [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
18:07:17.0601 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok
18:07:17.0604 3916 [ 8B1DF5DE30BFE3E0A359F6E612591E74 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5_2.dll
18:07:17.0605 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5_2.dll - ok
18:07:17.0608 3916 [ 5C198F64830EEC77491794F684922F30 ] C:\Program Files (x86)\Memeo\AutoBackup\XMLSettings.dll
18:07:17.0608 3916 C:\Program Files (x86)\Memeo\AutoBackup\XMLSettings.dll - ok
18:07:17.0611 3916 [ 5E8E869E1342308752A37A2C90CCA79D ] C:\Windows\SysWOW64\mshtml.dll
18:07:17.0611 3916 C:\Windows\SysWOW64\mshtml.dll - ok
18:07:17.0615 3916 [ 566D1F57F5C422BE44C5E4A08D778901 ] C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll
18:07:17.0615 3916 C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll - ok
18:07:17.0618 3916 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Ken\AppData\Roaming\Dropbox\bin\msvcp71.dll
18:07:17.0619 3916 C:\Users\Ken\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok
18:07:17.0622 3916 [ E8CFC11D1916EB3607EC6B9C166F05E4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
18:07:17.0622 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll - ok
18:07:17.0626 3916 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
18:07:17.0626 3916 C:\Windows\SysWOW64\msimtf.dll - ok
18:07:17.0630 3916 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
18:07:17.0630 3916 C:\Windows\System32\d3d10warp.dll - ok
18:07:17.0634 3916 [ 714445FBC09B4D8A791FFCF8EA0E7320 ] C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
18:07:17.0634 3916 C:\Program Files (x86)\Evernote\Evernote\libxml2.dll - ok
18:07:17.0638 3916 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
18:07:17.0638 3916 C:\Windows\SysWOW64\msls31.dll - ok
18:07:17.0643 3916 [ DB4BC74DC444CC7A5F8F6DF2D38FBD96 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
18:07:17.0643 3916 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll - ok
18:07:17.0647 3916 [ 7C93A120A68DE45DA9794D5765C81F88 ] C:\Program Files (x86)\Evernote\Evernote\libpcre.dll
18:07:17.0647 3916 C:\Program Files (x86)\Evernote\Evernote\libpcre.dll - ok
18:07:17.0651 3916 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
18:07:17.0651 3916 C:\Windows\SysWOW64\d2d1.dll - ok
18:07:17.0654 3916 [ BE3F2025B87338524FF4331B9D31D02D ] C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
18:07:17.0654 3916 C:\Program Files (x86)\Evernote\Evernote\libtidy.dll - ok
18:07:17.0659 3916 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
18:07:17.0659 3916 C:\Windows\SysWOW64\DWrite.dll - ok
18:07:17.0662 3916 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
18:07:17.0662 3916 C:\Windows\SysWOW64\dxgi.dll - ok
18:07:17.0665 3916 [ 28AA3FF02E50553836E822546C32090C ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll
18:07:17.0665 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\Brightness.dll - ok
18:07:17.0668 3916 [ 43AA2EFD14590DE58A545BF3B28ED09F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
18:07:17.0668 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
18:07:17.0671 3916 [ E4993A704ACA876FC68E3FE2EF858E1E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
18:07:17.0672 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll - ok
18:07:17.0675 3916 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
18:07:17.0675 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
18:07:17.0679 3916 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
18:07:17.0679 3916 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
18:07:17.0682 3916 [ 8779B0143674F1D8212C5412BE0511C1 ] C:\Windows\System32\igdumd64.dll
18:07:17.0682 3916 C:\Windows\System32\igdumd64.dll - ok
18:07:17.0685 3916 [ 984E31DC64A8385F017DDA9E1BB232D4 ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Interop.dll
18:07:17.0685 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Interop.dll - ok
18:07:17.0689 3916 [ DCF133F1F0134DBC0AC26F075FC64285 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
18:07:17.0689 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe - ok
18:07:17.0693 3916 [ 66935625C1758EFEFFAF8CF0E020A6F9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
18:07:17.0693 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll - ok
18:07:17.0696 3916 [ D964DA1E8FA2A8C7FAB7C1CF1FD10577 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TouchPad.dll
18:07:17.0696 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TouchPad.dll - ok
18:07:17.0699 3916 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
18:07:17.0699 3916 C:\Windows\SysWOW64\d3d10_1.dll - ok
18:07:17.0702 3916 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
18:07:17.0702 3916 C:\Windows\SysWOW64\d3d10_1core.dll - ok
18:07:17.0705 3916 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
18:07:17.0706 3916 C:\Windows\SysWOW64\d3d10warp.dll - ok
18:07:17.0709 3916 [ F5B7D0E678F7A7C395E7C8B51A16BBA7 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoUpdater.exe
18:07:17.0709 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoUpdater.exe - ok
18:07:17.0712 3916 [ D693EE4C56EE179408FAEF36B9EFFCE5 ] C:\Windows\SysWOW64\igdumd32.dll
18:07:17.0712 3916 C:\Windows\SysWOW64\igdumd32.dll - ok
18:07:17.0715 3916 [ 4C671C688884F18152441DC16AA629F6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
18:07:17.0715 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll - ok
18:07:17.0719 3916 [ 1815FAC968E492F80537BB0103E60D4D ] C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
18:07:17.0719 3916 C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe - ok
18:07:17.0723 3916 [ 4A2351D1228BF6B1AE44E52CDF60995F ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
18:07:17.0723 3916 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok
18:07:17.0727 3916 [ 9F179DA6BF972F2B8B7F90978D02D719 ] C:\Windows\SysWOW64\jscript9.dll
18:07:17.0727 3916 C:\Windows\SysWOW64\jscript9.dll - ok
18:07:17.0731 3916 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
18:07:17.0731 3916 C:\Windows\SysWOW64\schannel.dll - ok
18:07:17.0735 3916 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
18:07:17.0735 3916 C:\Windows\System32\UIAnimation.dll - ok
18:07:17.0738 3916 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
18:07:17.0738 3916 C:\Windows\System32\d3d10.dll - ok
18:07:17.0741 3916 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
18:07:17.0741 3916 C:\Windows\System32\d3d10core.dll - ok
18:07:17.0744 3916 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
18:07:17.0744 3916 C:\Windows\System32\ddraw.dll - ok
18:07:17.0746 3916 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
18:07:17.0746 3916 C:\Windows\System32\dciman32.dll - ok
18:07:17.0750 3916 [ E95A3D25BF14AFD72AFD6EB38E3B756E ] C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.dll
18:07:17.0750 3916 C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.dll - ok
18:07:17.0753 3916 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
18:07:17.0753 3916 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
18:07:17.0757 3916 [ 59CD6341C2EE5BBF33954B634F24312D ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.UI.dll
18:07:17.0757 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.UI.dll - ok
18:07:17.0760 3916 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
18:07:17.0760 3916 C:\Windows\SysWOW64\NapiNSP.dll - ok
18:07:17.0763 3916 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
18:07:17.0763 3916 C:\Windows\SysWOW64\pnrpnsp.dll - ok
18:07:17.0766 3916 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
18:07:17.0766 3916 C:\Windows\SysWOW64\winrnr.dll - ok
18:07:17.0770 3916 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
18:07:17.0770 3916 C:\Windows\System32\batmeter.dll - ok
18:07:17.0773 3916 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
18:07:17.0773 3916 C:\Windows\System32\stobject.dll - ok
18:07:17.0776 3916 [ ADB26AA6CD9D9DC0886B6468F505E248 ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.dll
18:07:17.0776 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.dll - ok
18:07:17.0778 3916 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
18:07:17.0779 3916 C:\Windows\SysWOW64\FirewallAPI.dll - ok
18:07:17.0782 3916 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
18:07:17.0782 3916 C:\Windows\SysWOW64\d3d9.dll - ok
18:07:17.0785 3916 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
18:07:17.0785 3916 C:\Windows\SysWOW64\d3d8thk.dll - ok
18:07:17.0788 3916 [ ECE10CA8054B0513610BA27D4762D9D6 ] C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
18:07:17.0788 3916 C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll - ok
18:07:17.0791 3916 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
18:07:17.0791 3916 C:\Windows\SysWOW64\msxml6.dll - ok
18:07:17.0794 3916 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
18:07:17.0794 3916 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
18:07:17.0797 3916 [ B0B58AE895942364DEFF5AB7A5958EAF ] C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
18:07:17.0797 3916 C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll - ok
18:07:17.0800 3916 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
18:07:17.0800 3916 C:\Windows\System32\prnfldr.dll - ok
18:07:17.0803 3916 [ D1F4FF96FAD977645AFA6F4FD980A8F8 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.HelperAgentAdapter.dll
18:07:17.0803 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.HelperAgentAdapter.dll - ok
18:07:17.0806 3916 [ 40E60C0C6E4B9F4D9B8AF2EDE7A6A2E3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
18:07:17.0806 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll - ok
18:07:17.0809 3916 [ E92785026245126DA5563287FBAB3923 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.NasListener.dll
18:07:17.0810 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.NasListener.dll - ok
18:07:17.0813 3916 [ 08175580F349708D7B9A55CA729F9A55 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
18:07:17.0813 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll - ok
18:07:17.0815 3916 [ 811D52DEEF4EF761BDFE961FED4DC5CC ] C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateAdapter.dll
18:07:17.0816 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateAdapter.dll - ok
18:07:17.0818 3916 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
18:07:17.0818 3916 C:\Windows\System32\DXP.dll - ok
18:07:17.0821 3916 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
18:07:17.0821 3916 C:\Windows\System32\Syncreg.dll - ok
18:07:17.0824 3916 [ 277687786A5323E522C63F07D8164B32 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\STXDEVIF.dll
18:07:17.0824 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\STXDEVIF.dll - ok
18:07:17.0827 3916 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
18:07:17.0828 3916 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
18:07:17.0831 3916 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
18:07:17.0831 3916 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
18:07:17.0834 3916 [ 30F3D3E322C5339004415D7BC8BF246E ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\python26.dll
18:07:17.0834 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\python26.dll - ok
18:07:17.0837 3916 [ ABC5DCAC962AE8AF7AF214DD0D6D4FF6 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\PyWinTypes26.dll
18:07:17.0837 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\PyWinTypes26.dll - ok
18:07:17.0840 3916 [ 526D928D13E0E141C01BA3799FD8338B ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32api.pyd
18:07:17.0840 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32api.pyd - ok
18:07:17.0843 3916 [ 65EE7A7C20134DED91485AEF23C882D4 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\pythoncom26.dll
18:07:17.0843 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\pythoncom26.dll - ok
18:07:17.0846 3916 [ FAB18E11587305BF8039EA6F8F731207 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
18:07:17.0846 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll - ok
18:07:17.0849 3916 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
18:07:17.0849 3916 C:\Windows\ehome\ehSSO.dll - ok
18:07:17.0852 3916 [ A78890BF2712D6E472788711FB60113B ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32com.shell.shell.pyd
18:07:17.0852 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32com.shell.shell.pyd - ok
18:07:17.0855 3916 [ 2931B1A98FA187834F7E39A598B947E1 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\_socket.pyd
18:07:17.0855 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\_socket.pyd - ok
18:07:17.0858 3916 [ 234CF1A2306CD5645011A298F0D3584A ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\_ssl.pyd
18:07:17.0858 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\_ssl.pyd - ok
18:07:17.0861 3916 [ E03DF04690FE5BA99CA64F1C68088D5E ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.PluginCore.dll
18:07:17.0861 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.PluginCore.dll - ok
18:07:17.0864 3916 [ DAFA56C9092C7CC163CD85A246E5A674 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._core_.pyd
18:07:17.0864 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._core_.pyd - ok
18:07:17.0867 3916 [ 9E6AD2917D6FD7730FF37B50F7053183 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_vc.dll
18:07:17.0867 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_vc.dll - ok
18:07:17.0870 3916 [ CBEA6456DEB8A9C3B0C53B66D350D543 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.AddComputersPlugin.dll
18:07:17.0870 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.AddComputersPlugin.dll - ok
18:07:17.0873 3916 [ 29CD1F3E9148FCD542DEC355A41776AF ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_net_vc.dll
18:07:17.0873 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxbase293u_net_vc.dll - ok
18:07:17.0876 3916 [ 2B9A6B7B7A3997C12841A5D869F022A4 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_core_vc.dll
18:07:17.0876 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_core_vc.dll - ok
18:07:17.0879 3916 [ FF13BC0EAD656E2DE88BD245BA3D2BF7 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_adv_vc.dll
18:07:17.0879 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_adv_vc.dll - ok
18:07:17.0882 3916 [ 5746BD7E255DD6A8AFA06F7C42C1BA41 ] C:\Windows\System32\cmd.exe
18:07:17.0882 3916 C:\Windows\System32\cmd.exe - ok
18:07:17.0885 3916 [ 86AEF2219E35F086AB78BA9FBC0FA1E7 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._gdi_.pyd
18:07:17.0885 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._gdi_.pyd - ok
18:07:17.0888 3916 [ E93FDA17DD68091979B3B56831CD07D7 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.AddUserPlugin.dll
18:07:17.0888 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.AddUserPlugin.dll - ok
18:07:17.0891 3916 [ E84FE4D398705276D1E87EDD90E1D179 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.BackupPlugin.dll
18:07:17.0891 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.BackupPlugin.dll - ok
18:07:17.0894 3916 [ 6CB0403BDFB83F114F6EBFBD1163B220 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._windows_.pyd
18:07:17.0894 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._windows_.pyd - ok
18:07:17.0897 3916 [ 699EFC4D6FE0A2FE24D7049608F2D543 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_html_vc.dll
18:07:17.0897 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_html_vc.dll - ok
18:07:17.0900 3916 [ 1D3A2646A0106F88A66E83A5B9DB82DB ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.BackupPremiumPlugin.dll
18:07:17.0900 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.BackupPremiumPlugin.dll - ok
18:07:17.0903 3916 [ 09B6A5A2F9EAD10D50E3AEA7934E6DE4 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._controls_.pyd
18:07:17.0903 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._controls_.pyd - ok
18:07:17.0907 3916 [ 095959AE2B6645A78EDF37C69E1E161A ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.FolderViewPlugin.dll
18:07:17.0907 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.FolderViewPlugin.dll - ok
18:07:17.0910 3916 [ 03B6D87D79E269526AA2B1370DE65675 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._misc_.pyd
18:07:17.0910 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._misc_.pyd - ok
18:07:17.0912 3916 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
18:07:17.0912 3916 C:\Windows\System32\AltTab.dll - ok
18:07:17.0915 3916 [ E0F30C6E78DA1909BEA87BE163A022FC ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.LoadContentPlugin.dll
18:07:17.0915 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.LoadContentPlugin.dll - ok
18:07:17.0918 3916 [ 9173210A0CA1888F8EFFBB4AFE58F916 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.RebitPlugin.dll
18:07:17.0918 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.RebitPlugin.dll - ok
18:07:17.0921 3916 [ 78B16D439F3562552AEB38D352F00567 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\_hashlib.pyd
18:07:17.0921 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\_hashlib.pyd - ok
18:07:17.0925 3916 [ 15DE81EC02716D08B17EBF5AFC2190B8 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\pysqlite2._sqlite.pyd
18:07:17.0925 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\pysqlite2._sqlite.pyd - ok
18:07:17.0927 3916 [ 8DC2EB39AF2A01C5C28E50685F5B78A5 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\_ctypes.pyd
18:07:17.0927 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\_ctypes.pyd - ok
18:07:17.0929 3916 [ 94CD8007843957C9A499F3B4ECBAF0D8 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32file.pyd
18:07:17.0930 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32file.pyd - ok
18:07:17.0933 3916 [ B06C6F766FA2F631BA1FA3BE6805FB97 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagatePreferencesPlugin.dll
18:07:17.0933 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagatePreferencesPlugin.dll - ok
18:07:17.0935 3916 [ E282EA80BE94B90E656A475EFCAC89C2 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32event.pyd
18:07:17.0935 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32event.pyd - ok
18:07:17.0938 3916 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
18:07:17.0938 3916 C:\Windows\SysWOW64\MMDevAPI.dll - ok
18:07:17.0941 3916 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
18:07:17.0941 3916 C:\Windows\SysWOW64\perfos.dll - ok
18:07:17.0944 3916 [ 2C8A74FF77190E87F732C43795D39410 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlugin.dll
18:07:17.0944 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlugin.dll - ok
18:07:17.0947 3916 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
18:07:17.0947 3916 C:\Windows\SysWOW64\AudioSes.dll - ok
18:07:17.0950 3916 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
18:07:17.0950 3916 C:\Windows\SysWOW64\avrt.dll - ok
18:07:17.0952 3916 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
18:07:17.0953 3916 C:\Windows\SysWOW64\ksuser.dll - ok
18:07:17.0955 3916 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
18:07:17.0956 3916 C:\Windows\SysWOW64\wdmaud.drv - ok
18:07:17.0958 3916 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
18:07:17.0958 3916 C:\Windows\System32\WPDShServiceObj.dll - ok
18:07:17.0961 3916 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
18:07:17.0961 3916 C:\Windows\SysWOW64\midimap.dll - ok
18:07:17.0964 3916 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
18:07:17.0964 3916 C:\Windows\SysWOW64\msacm32.drv - ok
18:07:17.0967 3916 [ 579E6061DCFFDFA298896782D74D618F ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
18:07:17.0967 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll - ok
18:07:17.0970 3916 [ 37FAE00D4F6DEC20EFAFC157C4B3499A ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\_elementtree.pyd
18:07:17.0970 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\_elementtree.pyd - ok
18:07:17.0973 3916 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
18:07:17.0973 3916 C:\Windows\System32\SearchIndexer.exe - ok
18:07:17.0975 3916 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
18:07:17.0975 3916 C:\Windows\System32\tquery.dll - ok
18:07:17.0978 3916 [ 52421409B46D9E9AA30374F3BD7853C6 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SendPlugin.dll
18:07:17.0978 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SendPlugin.dll - ok
18:07:17.0981 3916 [ DF495F31AA306DBFEC3E7CDBB2711CF1 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\pyexpat.pyd
18:07:17.0981 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\pyexpat.pyd - ok
18:07:17.0985 3916 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
18:07:17.0985 3916 C:\Windows\System32\mssrch.dll - ok
18:07:17.0987 3916 [ 9F4FE873D23AFC083B8FE974746D47D0 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SharePlugin.dll
18:07:17.0988 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SharePlugin.dll - ok
18:07:17.0991 3916 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
18:07:17.0991 3916 C:\Windows\System32\esent.dll - ok
18:07:17.0993 3916 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
18:07:17.0993 3916 C:\Windows\System32\pnidui.dll - ok
18:07:17.0996 3916 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
18:07:17.0996 3916 C:\Windows\System32\QUTIL.DLL - ok
18:07:17.0999 3916 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
18:07:17.0999 3916 C:\Windows\System32\msidle.dll - ok
18:07:18.0002 3916 [ F8BFE6B4745F973A1E60AF81FD6938B4 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SyncPlugin.dll
18:07:18.0002 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SyncPlugin.dll - ok
18:07:18.0004 3916 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
18:07:18.0004 3916 C:\Windows\System32\mssprxy.dll - ok
18:07:18.0008 3916 [ 7106BE04428936372FB6D826956A12D4 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._wizard.pyd
18:07:18.0008 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._wizard.pyd - ok
18:07:18.0011 3916 [ 4BB30A272DF1E89EC54151041D97B0EA ] C:\Program Files (x86)\Memeo\AutoBackup\Interop.eWebControl.dll
18:07:18.0011 3916 C:\Program Files (x86)\Memeo\AutoBackup\Interop.eWebControl.dll - ok
18:07:18.0014 3916 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
18:07:18.0014 3916 C:\Windows\System32\srchadmin.dll - ok
18:07:18.0016 3916 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
18:07:18.0016 3916 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:07:18.0019 3916 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
18:07:18.0019 3916 C:\Windows\System32\netman.dll - ok
18:07:18.0022 3916 [ BA3C226B01FF615107659411AE01E3B0 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\unicodedata.pyd
18:07:18.0022 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\unicodedata.pyd - ok
18:07:18.0026 3916 [ 3A4F66ADDDF413DCD1C714B2BEBAF98A ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._html2.pyd
18:07:18.0026 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wx._html2.pyd - ok
18:07:18.0029 3916 [ 3D01C7F884349A6170A1E0D3CF812333 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_webview_vc.dll
18:07:18.0029 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\wxmsw293u_webview_vc.dll - ok
18:07:18.0033 3916 [ 5EED26992767EEB0988205A3ADB30F4B ] C:\Program Files (x86)\Common Files\Memeo\eWebControl365.dll
18:07:18.0033 3916 C:\Program Files (x86)\Common Files\Memeo\eWebControl365.dll - ok
18:07:18.0037 3916 [ A294A77B4271CE24BC830F8CA376E018 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32inet.pyd
18:07:18.0038 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32inet.pyd - ok
18:07:18.0041 3916 [ F4F6BB58923C216F56A6CB7EDDC2D994 ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Third-party.Security.dll
18:07:18.0041 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Third-party.Security.dll - ok
18:07:18.0046 3916 [ 61A4E2E48CD692390EC964F0F1BBEFE2 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32pdh.pyd
18:07:18.0046 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32pdh.pyd - ok
18:07:18.0049 3916 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
18:07:18.0049 3916 C:\Windows\SysWOW64\pdh.dll - ok
18:07:18.0051 3916 [ 3C303C9D3EA9C64742931CAC0E351910 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\select.pyd
18:07:18.0051 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\select.pyd - ok
18:07:18.0055 3916 [ 61A2041B25ADBFA3268C27E6D70C324F ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\windows._cacheinvalidation.pyd
18:07:18.0055 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\windows._cacheinvalidation.pyd - ok
18:07:18.0058 3916 [ AC24D702FFB6E20669349EFEE145ED27 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
18:07:18.0058 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe - ok
18:07:18.0061 3916 [ 4BBF7B46893201357F5F3928F2486C35 ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.DataAccess.dll
18:07:18.0061 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.DataAccess.dll - ok
18:07:18.0064 3916 [ 6EC174E577B7AB75B3A1A9858B2DB261 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32crypt.pyd
18:07:18.0064 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32crypt.pyd - ok
18:07:18.0067 3916 [ 5BF6BA38B703DF5BBE18358A3188C929 ] C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32process.pyd
18:07:18.0067 3916 C:\Users\Ken\AppData\Local\Temp\_MEI40322\win32process.pyd - ok
18:07:18.0070 3916 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
18:07:18.0070 3916 C:\Windows\System32\SearchProtocolHost.exe - ok
18:07:18.0073 3916 [ 411C1C00A8B9E363DD9651B30EF9B6A7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
18:07:18.0073 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll - ok
18:07:18.0076 3916 [ 75BB3C7816650126683817B814E62E4D ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libcurl.dll
18:07:18.0076 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libcurl.dll - ok
18:07:18.0079 3916 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
18:07:18.0079 3916 C:\Windows\System32\rasdlg.dll - ok
18:07:18.0082 3916 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
18:07:18.0082 3916 C:\Windows\System32\msshooks.dll - ok
18:07:18.0085 3916 [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
18:07:18.0085 3916 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
18:07:18.0088 3916 [ C114A12269C27694B379151D6140CA3E ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libeay32.dll
18:07:18.0088 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libeay32.dll - ok
18:07:18.0091 3916 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
18:07:18.0091 3916 C:\Windows\System32\SearchFilterHost.exe - ok
18:07:18.0093 3916 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
18:07:18.0093 3916 C:\Windows\System32\webcheck.dll - ok
18:07:18.0096 3916 [ 0553D91DDFB2B463A188E02A6967EC1E ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\ssleay32.dll
18:07:18.0096 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\ssleay32.dll - ok
18:07:18.0099 3916 [ 9C6F3CC6A3BB310D70026AF1B4561F65 ] C:\Windows\System32\ieframe.dll
18:07:18.0099 3916 C:\Windows\System32\ieframe.dll - ok
18:07:18.0102 3916 [ B949ABFD3F4BEC77F024D80BDAD44124 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
18:07:18.0103 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll - ok
18:07:18.0106 3916 [ 0AB7D0E87F3843F8104B3670F5A9AF62 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\pthreadVC2.dll
18:07:18.0106 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\pthreadVC2.dll - ok
18:07:18.0109 3916 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
18:07:18.0109 3916 C:\Windows\System32\mlang.dll - ok
18:07:18.0112 3916 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
18:07:18.0112 3916 C:\Windows\System32\SyncCenter.dll - ok
18:07:18.0115 3916 [ 901CC55FEA600A14E4EBF4205D5F5ACE ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
18:07:18.0115 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll - ok
18:07:18.0117 3916 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
18:07:18.0117 3916 C:\Windows\System32\dot3api.dll - ok
18:07:18.0120 3916 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
18:07:18.0120 3916 C:\Windows\System32\wlanhlp.dll - ok
18:07:18.0123 3916 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
18:07:18.0123 3916 C:\Windows\System32\ActionCenter.dll - ok
18:07:18.0126 3916 [ FD1DC6C680299A2ED1EEDCC3EABDA601 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\iconv.dll
18:07:18.0126 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\iconv.dll - ok
18:07:18.0129 3916 [ C7D4D685A0AF2A09CBC21CB474358595 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\zlib1.dll
18:07:18.0129 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\zlib1.dll - ok
18:07:18.0132 3916 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:07:18.0132 3916 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:07:18.0135 3916 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
18:07:18.0135 3916 C:\Windows\System32\mssph.dll - ok
18:07:18.0138 3916 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
18:07:18.0138 3916 C:\Windows\System32\imapi2.dll - ok
18:07:18.0141 3916 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
18:07:18.0141 3916 C:\Windows\System32\mapi32.dll - ok
18:07:18.0144 3916 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
18:07:18.0144 3916 C:\Windows\System32\hgcpl.dll - ok
18:07:18.0146 3916 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:07:18.0146 3916 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:07:18.0149 3916 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
18:07:18.0149 3916 C:\Windows\System32\WWanAPI.dll - ok
18:07:18.0152 3916 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
18:07:18.0152 3916 C:\Windows\System32\wwapi.dll - ok
18:07:18.0155 3916 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
18:07:18.0155 3916 C:\Windows\System32\QAGENT.DLL - ok
18:07:18.0158 3916 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
18:07:18.0158 3916 C:\Windows\System32\bthprops.cpl - ok
18:07:18.0161 3916 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
18:07:18.0161 3916 C:\Windows\System32\Query.dll - ok
18:07:18.0163 3916 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:07:18.0163 3916 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:07:18.0166 3916 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:07:18.0166 3916 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:07:18.0169 3916 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
18:07:18.0170 3916 C:\Windows\System32\wmdrmdev.dll - ok
18:07:18.0173 3916 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
18:07:18.0173 3916 C:\Windows\System32\drmv2clt.dll - ok
18:07:18.0176 3916 [ 7DD201D70D9F39037C0E8E7E7D3ACA7E ] C:\Program Files (x86)\Memeo\AutoBackup\Newtonsoft.Json.dll
18:07:18.0176 3916 C:\Program Files (x86)\Memeo\AutoBackup\Newtonsoft.Json.dll - ok
18:07:18.0178 3916 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
18:07:18.0178 3916 C:\Users\Ken\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok
18:07:18.0181 3916 [ E2CF2CB1BEAF7EEFDABCC37D3FD0EE1D ] C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.BMU.dll
18:07:18.0181 3916 C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.BMU.dll - ok
18:07:18.0183 3916 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
18:07:18.0183 3916 C:\Windows\System32\wmp.dll - ok
18:07:18.0186 3916 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
18:07:18.0186 3916 C:\Windows\System32\wmploc.DLL - ok
18:07:18.0189 3916 [ FE42B83379AE89A6EDA7DF206A0B398A ] C:\Program Files (x86)\Memeo\AutoBackup\SQLite.NET.dll
18:07:18.0189 3916 C:\Program Files (x86)\Memeo\AutoBackup\SQLite.NET.dll - ok
18:07:18.0192 3916 [ F3455E60B905D95D22F7AB8A6B49ACCE ] C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll
18:07:18.0192 3916 C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll - ok
18:07:18.0195 3916 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
18:07:18.0195 3916 C:\Windows\System32\blackbox.dll - ok
18:07:18.0198 3916 [ EE6A0F68F54FE2B659F46FD6AA28862C ] C:\Program Files (x86)\Memeo\AutoBackup\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll
18:07:18.0198 3916 C:\Program Files (x86)\Memeo\AutoBackup\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll - ok
18:07:18.0201 3916 [ B1CDA813132FFAB6098909F94B7E6857 ] C:\Program Files (x86)\Memeo\AutoBackup\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll
18:07:18.0201 3916 C:\Program Files (x86)\Memeo\AutoBackup\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll - ok
18:07:18.0204 3916 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
18:07:18.0204 3916 C:\Windows\System32\upnp.dll - ok
18:07:18.0207 3916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
18:07:18.0207 3916 C:\Windows\System32\ssdpsrv.dll - ok
18:07:18.0210 3916 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
18:07:18.0210 3916 C:\Windows\SysWOW64\drprov.dll - ok
18:07:18.0212 3916 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
18:07:18.0212 3916 C:\Windows\SysWOW64\ntlanman.dll - ok
18:07:18.0215 3916 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
18:07:18.0215 3916 C:\Windows\SysWOW64\davclnt.dll - ok
18:07:18.0218 3916 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
18:07:18.0218 3916 C:\Windows\SysWOW64\davhlpr.dll - ok
18:07:18.0221 3916 [ 270CBAA170C7905CBA1EA6E94788D44B ] C:\Program Files\Internet Explorer\ieproxy.dll
18:07:18.0221 3916 C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:07:18.0224 3916 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
18:07:18.0224 3916 C:\Windows\System32\wmpps.dll - ok
18:07:18.0226 3916 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
18:07:18.0226 3916 C:\Windows\System32\wmpmde.dll - ok
18:07:18.0229 3916 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
18:07:18.0229 3916 C:\Windows\System32\WinSATAPI.dll - ok
18:07:18.0232 3916 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
18:07:18.0232 3916 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
18:07:18.0235 3916 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
18:07:18.0235 3916 C:\Windows\System32\MSMPEG2ENC.DLL - ok
18:07:18.0238 3916 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
18:07:18.0238 3916 C:\Windows\System32\devenum.dll - ok
18:07:18.0240 3916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
18:07:18.0241 3916 C:\Windows\System32\upnphost.dll - ok
18:07:18.0243 3916 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
18:07:18.0243 3916 C:\Windows\System32\FXSST.dll - ok
18:07:18.0246 3916 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
18:07:18.0246 3916 C:\Windows\System32\FXSAPI.dll - ok
18:07:18.0249 3916 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
18:07:18.0249 3916 C:\Windows\System32\FXSRESM.dll - ok
18:07:18.0251 3916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
18:07:18.0251 3916 C:\Windows\System32\FXSSVC.exe - ok
18:07:18.0254 3916 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
18:07:18.0254 3916 C:\Windows\System32\udhisapi.dll - ok
18:07:18.0257 3916 [ A59DD04D3A7D19A263E6C6F444A6CDA6 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\DevComponents.DotNetBar2.dll
18:07:18.0257 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\DevComponents.DotNetBar2.dll - ok
18:07:18.0260 3916 [ A3B86764F7D698995CFDF09D4A7E69A6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
18:07:18.0260 3916 C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll - ok
18:07:18.0263 3916 [ F5853232683EA1297C102A021FEC7C46 ] C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.HipServAdapter.dll
18:07:18.0263 3916 C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Dashboard.HipServAdapter.dll - ok
18:07:18.0266 3916 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
18:07:18.0266 3916 C:\Windows\System32\drprov.dll - ok
18:07:18.0269 3916 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
18:07:18.0269 3916 C:\Windows\System32\ntlanman.dll - ok
18:07:18.0272 3916 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
18:07:18.0272 3916 C:\Windows\System32\davclnt.dll - ok
18:07:18.0275 3916 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
18:07:18.0275 3916 C:\Windows\System32\davhlpr.dll - ok
18:07:18.0277 3916 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
18:07:18.0278 3916 C:\Windows\System32\rundll32.exe - ok
18:07:18.0281 3916 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
18:07:18.0281 3916 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
18:07:18.0284 3916 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
18:07:18.0284 3916 C:\Windows\System32\wpdshext.dll - ok
18:07:18.0287 3916 [ C809A0DD5C78BF1FA7DC8C9E4BB1BFF7 ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
18:07:18.0287 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
18:07:18.0290 3916 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
18:07:18.0290 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
18:07:18.0293 3916 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
18:07:18.0293 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
18:07:18.0296 3916 [ 521C21E7F6EAB98679F90CA4E135FB95 ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
18:07:18.0296 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe - ok
18:07:18.0299 3916 [ E2107F227E1C174C20BEB7A51404BBAC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
18:07:18.0299 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
18:07:18.0302 3916 [ 17ED2224666F6F65F8054D84A3839E71 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
18:07:18.0302 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
18:07:18.0305 3916 [ EE338F7673C339D5497C97E86D1011A3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
18:07:18.0305 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
18:07:18.0308 3916 [ E3A4D59ED585226D381225521BF2A36D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
18:07:18.0308 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
18:07:18.0311 3916 [ 449F7C92A14B7F50B898FC67202A326C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
18:07:18.0311 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
18:07:18.0314 3916 [ 4370B54FC11742DC5A88DC8602729459 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
18:07:18.0315 3916 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll - ok
18:07:18.0318 3916 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
18:07:18.0318 3916 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
18:07:18.0321 3916 [ CBD4D0E9D7C761913D8C91FD269586B1 ] C:\Program Files\TOSHIBA\ReelTime\ReelTimeRemoteStorage.dll
18:07:18.0321 3916 C:\Program Files\TOSHIBA\ReelTime\ReelTimeRemoteStorage.dll - ok
18:07:18.0324 3916 [ 20E5EBC09EDFC400B13BA3AEF0880F21 ] C:\Program Files\TOSHIBA\ReelTime\DataProcess.DLL
18:07:18.0324 3916 C:\Program Files\TOSHIBA\ReelTime\DataProcess.DLL - ok
18:07:18.0327 3916 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
18:07:18.0327 3916 C:\Windows\System32\fdProxy.dll - ok
18:07:18.0329 3916 [ 7E2EB3A4AE11190EF4C8A9B9A9123234 ] C:\Windows\System32\DeviceDisplayObjectProvider.exe
18:07:18.0329 3916 C:\Windows\System32\DeviceDisplayObjectProvider.exe - ok
18:07:18.0332 3916 [ 8D88F7083A9195BCF8B04C88E275A978 ] C:\Windows\System32\dmrc.dll
18:07:18.0332 3916 C:\Windows\System32\dmrc.dll - ok
18:07:18.0335 3916 [ BBF9112CB6F98BA498A59FFEEA177178 ] C:\Windows\System32\DDORes.dll
18:07:18.0335 3916 C:\Windows\System32\DDORes.dll - ok
18:07:18.0337 3916 [ 21BA4C7EB740C697451EF0941DDD2F5F ] C:\Windows\System32\fdBth.dll
18:07:18.0338 3916 C:\Windows\System32\fdBth.dll - ok
18:07:18.0341 3916 [ EEAAA8F44C7DAD4D1131B0705BEC6FD4 ] C:\Windows\System32\fdprint.dll
18:07:18.0341 3916 C:\Windows\System32\fdprint.dll - ok
18:07:18.0343 3916 [ A1CDE92DDC170D307DB3C5BAA348811B ] C:\Windows\System32\prncache.dll
18:07:18.0343 3916 C:\Windows\System32\prncache.dll - ok
18:07:18.0346 3916 [ 65C3EBEB893594298FD658338AD82A5B ] C:\Windows\System32\StorageContextHandler.dll
18:07:18.0346 3916 C:\Windows\System32\StorageContextHandler.dll - ok
18:07:18.0349 3916 [ F46B4D986BC782BD3A5B95447CD127DC ] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepInfo.exe
18:07:18.0349 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepInfo.exe - ok
18:07:18.0352 3916 [ 679E82F9D5BE28F5B05064A2F46CE4F2 ] C:\Windows\System32\wbem\mofd.dll
18:07:18.0352 3916 C:\Windows\System32\wbem\mofd.dll - ok
18:07:18.0355 3916 [ 7C9FFA3C67ED95C28B46A8E425B82112 ] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleep.dll
18:07:18.0355 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleep.dll - ok
18:07:18.0358 3916 [ 1B2548CF4AC8999EF101656B2B4CB8C1 ] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TosPwChk.dll
18:07:18.0358 3916 C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TosPwChk.dll - ok
18:07:18.0361 3916 [ 97D3B0BFEAEBA0B05CA4B4161E91512C ] C:\ProgramData\Toshiba\Common\b6e8aa2d.tmp
18:07:18.0361 3916 C:\ProgramData\Toshiba\Common\b6e8aa2d.tmp - ok
18:07:18.0364 3916 [ D570279E5B017CF2EC1908FBCE113E89 ] C:\Windows\System32\wzcdlg.dll
18:07:18.0364 3916 C:\Windows\System32\wzcdlg.dll - ok
18:07:18.0367 3916 [ 6F45174675278B189EC749D17DE21EF7 ] C:\Windows\System32\sdautoplay.dll
18:07:18.0367 3916 C:\Windows\System32\sdautoplay.dll - ok
18:07:18.0369 3916 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
18:07:18.0369 3916 C:\Windows\System32\spp.dll - ok
18:07:18.0372 3916 [ 11C405A2DCF38E098316FD904A4FB662 ] C:\Windows\System32\sdengin2.dll
18:07:18.0373 3916 C:\Windows\System32\sdengin2.dll - ok
18:07:18.0375 3916 [ D5A9D0118E6C7DC0423C34D7726C0D12 ] C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe
18:07:18.0375 3916 C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.1\lightroom.exe - ok
18:07:18.0378 3916 [ AFDFEB573CFFF6F717CC7F9E899DF161 ] C:\Program Files\Windows Photo Viewer\PhotoAcq.dll
18:07:18.0378 3916 C:\Program Files\Windows Photo Viewer\PhotoAcq.dll - ok
18:07:18.0381 3916 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
18:07:18.0381 3916 C:\Windows\SysWOW64\d3d10.dll - ok
18:07:18.0384 3916 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
18:07:18.0384 3916 C:\Windows\SysWOW64\d3d10core.dll - ok
18:07:18.0387 3916 [ 581E39612F6354FFC5CC1D63517242FE ] C:\Program Files (x86)\Memeo\AutoBackup\MemeoRemoteCore.dll
18:07:18.0387 3916 C:\Program Files (x86)\Memeo\AutoBackup\MemeoRemoteCore.dll - ok
18:07:18.0389 3916 ============================================================
18:07:18.0389 3916 Scan finished
18:07:18.0389 3916 ============================================================
18:07:18.0395 3516 Detected object count: 1
18:07:18.0395 3516 Actual detected object count: 1
18:07:38.0475 3516 taisregispinger ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:38.0475 3516 taisregispinger ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:28.0705 4504 Deinitialize success

#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 28 August 2012 - 08:32 PM

Hello,


Lets run a couple others scans make sure nothing else is around.

1.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

2.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


Things to include in your next reply::
MBAM log
Eset log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 28 August 2012 - 08:37 PM

Hello,

Here is my MalwareBytes log. I will get to the second scan in the next several minutes:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.29.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ken :: KEN-PC [administrator]

8/28/2012 9:35:23 PM
mbam-log-2012-08-28 (21-35-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198376
Time elapsed: 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 29 August 2012 - 02:23 PM

ESET Scanner took a while because I accidentally put my computer to sleep and I had to rerun it.


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=46f88bd97262bb47b37106090d1c35e4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-29 03:59:15
# local_time=2012-08-28 11:59:15 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 54963441 97748102 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=217053
# found=1
# cleaned=1
# scan_time=8102
E:\My Documents Backups\Ken\Documents\Google Talk Received Files\hello.exe Win32/KillFiles.NEQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=46f88bd97262bb47b37106090d1c35e4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-29 03:52:58
# local_time=2012-08-29 11:52:58 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 54999196 97783857 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=221991
# found=0
# cleaned=0
# scan_time=15171

#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 29 August 2012 - 04:43 PM

Hello, MoOPH.
Congratulations! You now appear clean! :cool:


Uninstall Combofix
  • Make sure that Combofix.exe that you downloaded is on your Desktop but Do not run it!
    o *If it is not on your Desktop, the below will not work.
  • Click on Posted Image then Run....
  • Now copy & paste the green bolded text in the run-box and click OK.

    ComboFix /Uninstall

    Posted Image

    <Notice the space between the "x" and "/".> <--- It needs to be there
    Windows Vista users: Press the Windows Key + R to bring the Run... Command and then from there you can add in the Combofix /Uninstall

  • Please advise if this step is missed for any reason as it performs some important actions:
    "This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.
    It also makes a clean Restore Point and flashes all the old restore points in order to prevent possible reinfection from an old one through system restore".




Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess
  • Download OTC by OldTimer and save it to your desktop.
  • Double click Posted Image icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big Posted Image button.
  • You will get a prompt saying "Being Cleanup Process". Please select Yes.
  • Restart your computer when prompted.




One of the most common questions found when cleaning malware is "how did my machine get infected?"

There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and Bitorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest. It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.

Below are a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!. These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge. You can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your http://en.wikipedia.org/wiki/Taskbar#Screenshots '>Taskbar, right click and chose close.
  • Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.

Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here


Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:

Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running. This alone can save you a lot of trouble with malware in the future.
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows’ built one), this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java). You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 MoOPH

MoOPH
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:22 PM

Posted 30 August 2012 - 04:17 PM

Okay, I've done all that and everything looks clean.

Thank you so much for your help! I was able to get my computer cleaned up just before classes start for the semester.

Thank you again!

#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:03:22 PM

Posted 30 August 2012 - 05:30 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users