
TORPIG trojan: Dorm IT team says I have this in computer...


  • This topic is locked
29 replies to this topic

#1 vmoose

vmoose

  • Members
  • 14 posts

Posted 06 December 2012 - 09:09 AM

Hi,
My dorm IT personnel has recently locked my computer out of the wireless network saying it's been infected by the Torpig trojan. It must have gotten past the Trend Micro Titanium firewall I have up. I have used Trend Micro, Malwarebytes and Microsoft Safety Scanner, none of which have found the Torpig trojan (unless it's hidden somewhere and is not called 'torpig trojan' when found). I used ComboFix (as suggested by the dorm IT guy) and this is the log... not sure what to do now. Is the Torpig gone already?

ComboFix 12-12-04.01 - Vanessa Wong 07/12/2012 0:35.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.2998.1329 [GMT 11:00]
Running from: c:\users\Vanessa Wong\Downloads\ComboFix.exe
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Vanessa Wong\AppData\Local\Microsoft\Windows\Temporary Internet Files\{00788B6A-94A7-4589-B2B5-5344784473ED}.xps
c:\users\Vanessa Wong\AppData\Local\Microsoft\Windows\Temporary Internet Files\{171D49D8-BAF1-471F-BEDC-2B4D94D26BC9}.xps
c:\users\Vanessa Wong\AppData\Local\Microsoft\Windows\Temporary Internet Files\{182D5AF9-86CD-44E9-B578-A6A1AC71FB53}.xps
c:\users\Vanessa Wong\AppData\Local\Microsoft\Windows\Temporary Internet Files\{81FF8524-21A2-44AF-ACEC-FD7A77B7A52A}.xps
c:\windows\system32\service
c:\windows\system32\service\04072011_TIS17_SfFniAU.log
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2012-11-06 to 2012-12-06 )))))))))))))))))))))))))))))))
.
.
2012-12-06 13:45 . 2012-12-06 13:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-06 00:57 . 2011-02-17 07:26 356352 ----a-w- c:\windows\eSellerateEngine.dll
2012-12-06 00:57 . 2012-12-06 02:02 -------- d-----w- c:\program files\Torpig Removal Tool
2012-12-06 00:57 . 2011-02-17 07:26 81920 ----a-w- c:\windows\eSellerateControl350.dll
2012-12-06 00:53 . 2012-12-06 00:53 -------- d-----w- c:\programdata\Sophos
2012-12-06 00:47 . 2012-12-06 00:47 -------- d-----w- C:\sec_51
2012-12-05 10:46 . 2012-12-05 10:46 -------- d-----w- c:\users\Vanessa Wong\AppData\Roaming\Malwarebytes
2012-12-05 10:45 . 2012-12-05 10:45 -------- d-----w- c:\programdata\Malwarebytes
2012-12-05 10:45 . 2012-12-05 10:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-05 10:45 . 2012-09-29 08:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-04 09:49 . 2012-12-04 09:49 -------- d-----w- c:\programdata\Wild Tangent
2012-11-21 13:32 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-21 13:32 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-21 13:32 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-19 02:01 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-19 02:01 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-19 02:01 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-19 02:01 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-19 02:01 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-19 02:01 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-19 02:01 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-19 02:01 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-19 02:01 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-19 02:01 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-19 02:01 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-19 02:01 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-08 11:00 . 2012-11-08 11:00 -------- d-----w- c:\users\Vanessa Wong\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-16 07:39 . 2012-11-27 22:54 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-26 11:23 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-09-24 11:01 . 2012-02-18 12:20 95224 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2012-09-24 11:00 . 2012-02-18 12:20 76648 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2012-09-24 11:00 . 2012-02-18 12:20 257952 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-09-14 18:28 . 2012-10-10 08:10 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-02-19 10:08 . 2011-05-10 23:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-07 149040]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"TK8 StickyNotes"="c:\program files\TK8 StickyNotes\TK8StickyNotes.exe" [2012-08-02 10134360]
"Facebook Update"="c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-08 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-26 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-26 167960]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-06 480608]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-03-03 742712]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-10 496184]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-20 163840]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2010-02-26 1323008]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2010-02-24 611672]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1407.0\mswinext.exe" [2010-03-12 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"NortonOnlineBackupReminder"="c:\program files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2010-02-18 3272040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-03-09 467816]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-02-24 30040]
"BigPondWirelessBroadbandCM"="c:\program files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" [2010-05-14 4352408]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-07 161328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-09-08 1304824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2012-05-22 371896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 133424]
.
c:\users\Vanessa Wong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-25 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.3.202\SymcPCCULaunchSvc.exe [x]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005Core.job
- c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-08 11:03]
.
2012-12-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005UA.job
- c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-08 11:03]
.
2012-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005Core.job
- c:\users\Vanessa Wong\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-01 08:02]
.
2012-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005UA.job
- c:\users\Vanessa Wong\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-01 08:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://toshiba.msn.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Vanessa Wong\AppData\Roaming\Mozilla\Firefox\Profiles\exgmq3xm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=100482&babsrc=adbartrp&mntrId=ba8adc0800000000000060eb6994b5cf&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100482
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - ba8adc0800000000000060eb6994b5cf
FF - user.js: extensions.BabylonToolbar_i.hardId - ba8adc0800000000000060eb6994b5cf
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15342
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:57
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.3.202\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000009
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-07 00:46:47
ComboFix-quarantined-files.txt 2012-12-06 13:46
.
Pre-Run: 192,704,045,056 bytes free
Post-Run: 193,352,175,616 bytes free
.
- - End Of File - - FBF6E59134829088257F83C8B62C3BDA



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 06 December 2012 - 08:38 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr


Posted 09 December 2012 - 02:21 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 vmoose


Posted 09 December 2012 - 06:41 PM

Hi Gringo
Could you please give me another 48hrs. I do not have Internet in my dorm so I need to wait to return home to download the programs.

Thanks

#5 gringo_pr


Posted 09 December 2012 - 09:24 PM

No problem, and I will check on you in a couple of days.



gringo

#6 gringo_pr


Posted 12 December 2012 - 12:41 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#7 vmoose


Posted 12 December 2012 - 02:11 AM

Yep am downloading the programs now

#8 vmoose


Posted 12 December 2012 - 02:14 AM

Also, will the adwcleaner or roguecleaner delete my entire hard drive? I have updated almost all my important files - but it would be quite tedious to reload the entire computer...

#9 gringo_pr


Posted 12 December 2012 - 01:55 PM

Hello


"Also, will the adwcleaner or roguecleaner delete my entire hard drive? I have updated almost all my important files - but it would be quite tedious to reload the entire computer..."

None of the programs SHOULD delete the entire hard drive, but it is always a great idea to back up anything that you cannot replace.

#10 vmoose


Posted 13 December 2012 - 12:34 AM

Hi Gringo,

Below you will find the 3 logs. Could you please tell me if the Torpig trojan is still on the computer, or has it been deleted? Also, my antivirus program that I have paid for until February 2013 is Trend Micro, and is the one that all my family computers have.

Many thanks and for your patience as well.



Security Check (checkup)

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Trend Micro Titanium Maximum Security 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 35
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.1.102.62
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 10.0.2 Firefox out of Date!
Google Chrome 21.0.1180.77
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro UniClient UiFrmWrk uiWatchDog.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Adware Cleaner

# AdwCleaner v2.100 - Logfile created 12/13/2012 at 13:30:30
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Vanessa Wong - VANESSAWONG
# Boot Mode : Normal
# Running from : C:\Users\Vanessa Wong\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Folder Deleted : C:\Program Files\BabylonToolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Vanessa Wong\AppData\Local\Babylon
Folder Deleted : C:\Users\Vanessa Wong\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v10.0.2 (en-GB)

Profile name : default
File : C:\Users\Vanessa Wong\AppData\Roaming\Mozilla\Firefox\Profiles\exgmq3xm.default\prefs.js

C:\Users\Vanessa Wong\AppData\Roaming\Mozilla\Firefox\Profiles\exgmq3xm.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "ba8adc0800000000000060eb6994b5cf");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "ba8adc0800000000000060eb6994b5cf");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15342");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100482&babsrc=NT_s[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:57:38");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?AF=100482&babsrc=adbartrp&mntrId=ba8adc08000000[...]

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Vanessa Wong\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3925 octets] - [13/12/2012 13:30:30]

########## EOF - C:\AdwCleaner[S1].txt - [3985 octets] ##########

RogueCleaner

RogueKiller V8.4.0 [Dec 12 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Vanessa Wong [Admin rights]
Mode : Scan -- Date : 12/13/2012 13:42:43

Bad processes : 0

Registry Entries : 3
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [LOADED]
SSDT[70] : NtCreateKey @ 0x83232917 -> HOOKED (Unknown @ 0x884D73AC)
SSDT[74] : NtCreateMutant @ 0x8327A1FE -> HOOKED (Unknown @ 0x884EF31C)
SSDT[79] : NtCreateProcess @ 0x832E0957 -> HOOKED (Unknown @ 0x884D53BC)
SSDT[80] : NtCreateProcessEx @ 0x832E09A2 -> HOOKED (Unknown @ 0x884D800C)
SSDT[86] : NtCreateSymbolicLinkObject @ 0x831F91AD -> HOOKED (Unknown @ 0x884EF2E4)
SSDT[87] : NtCreateThread @ 0x832E075E -> HOOKED (Unknown @ 0x884EF3C4)
SSDT[88] : NtCreateThreadEx @ 0x83269831 -> HOOKED (Unknown @ 0x884EF38C)
SSDT[93] : NtCreateUserProcess @ 0x83231C6F -> HOOKED (Unknown @ 0x884ECC14)
SSDT[103] : NtDeleteKey @ 0x831E6160 -> HOOKED (Unknown @ 0x884EF6EC)
SSDT[106] : NtDeleteValueKey @ 0x831EBE10 -> HOOKED (Unknown @ 0x884EAD34)
SSDT[111] : NtDuplicateObject @ 0x832658E5 -> HOOKED (Unknown @ 0x884EF2AC)
SSDT[155] : NtLoadDriver @ 0x831AF466 -> HOOKED (Unknown @ 0x884EF354)
SSDT[190] : NtOpenProcess @ 0x83226F35 -> HOOKED (Unknown @ 0x884D54AC)
SSDT[194] : NtOpenSection @ 0x83273A20 -> HOOKED (Unknown @ 0x884EACFC)
SSDT[198] : NtOpenThread @ 0x8327CB28 -> HOOKED (Unknown @ 0x884EFE44)
SSDT[290] : NtRenameKey @ 0x832A0F05 -> HOOKED (Unknown @ 0x884D8714)
SSDT[302] : NtRestoreKey @ 0x83295142 -> HOOKED (Unknown @ 0x884D86DC)
SSDT[350] : NtSetSystemInformation @ 0x831F263C -> HOOKED (Unknown @ 0x884EF274)
SSDT[358] : NtSetValueKey @ 0x832708F5 -> HOOKED (Unknown @ 0x87F42E84)
SSDT[370] : NtTerminateProcess @ 0x83227414 -> HOOKED (Unknown @ 0x884EFA6C)
SSDT[371] : NtTerminateThread @ 0x8323E965 -> HOOKED (Unknown @ 0x884EFC04)
SSDT[399] : NtWriteVirtualMemory @ 0x832572C5 -> HOOKED (Unknown @ 0x884EF3FC)
S_SSDT[584] : NtUserSetWindowsHookAW -> HOOKED (Unknown @ 0x858FD174)
S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x85A180C4)

HOSTS File:
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] 7152b101fddbc9984f8386d44a7c9c8b
[BSP] fdaf831bc29a23dd2daf17613d8c22a3 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 463586 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 952498176 | Size: 11853 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12132012_02d1342.txt >>
RKreport[1]_S_12132012_02d1342.txt

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 13 December 2012 - 08:42 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 vmoose

Posted 13 December 2012 - 10:32 PM

Log from ComboFix:

ComboFix 12-12-13.02 - Vanessa Wong 14/12/2012 13:50:43.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.2998.1412 [GMT 11:00]
Running from: c:\users\Vanessa Wong\Desktop\ComboFix.exe
AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-14 to 2012-12-14 )))))))))))))))))))))))))))))))
.
.
2012-12-14 03:05 . 2012-12-14 03:05 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-12-14 03:01 . 2012-12-14 03:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-13 05:36 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-06 00:57 . 2012-12-06 14:20 -------- d-----w- c:\program files\Torpig Removal Tool
2012-12-06 00:53 . 2012-12-06 00:53 -------- d-----w- c:\programdata\Sophos
2012-12-06 00:47 . 2012-12-06 00:47 -------- d-----w- C:\sec_51
2012-12-05 10:46 . 2012-12-05 10:46 -------- d-----w- c:\users\Vanessa Wong\AppData\Roaming\Malwarebytes
2012-12-05 10:45 . 2012-12-05 10:45 -------- d-----w- c:\programdata\Malwarebytes
2012-12-05 10:45 . 2012-12-05 10:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-05 10:45 . 2012-09-29 08:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-04 09:49 . 2012-12-04 09:49 -------- d-----w- c:\programdata\Wild Tangent
2012-11-21 13:32 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-21 13:32 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-21 13:32 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-19 02:01 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-19 02:01 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-19 02:01 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-19 02:01 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-19 02:01 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-19 02:01 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-19 02:01 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-19 02:01 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-19 02:01 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-19 02:01 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-19 02:01 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-19 02:01 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-16 07:39 . 2012-11-27 22:54 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-26 11:23 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-09-24 11:01 . 2012-02-18 12:20 95224 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2012-09-24 11:00 . 2012-02-18 12:20 76648 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2012-09-24 11:00 . 2012-02-18 12:20 257952 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-02-19 10:08 . 2011-05-10 23:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-07 149040]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"TK8 StickyNotes"="c:\program files\TK8 StickyNotes\TK8StickyNotes.exe" [2012-08-02 10134360]
"Facebook Update"="c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-08 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-26 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-26 167960]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-06 480608]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-03-03 742712]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-10 496184]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-20 163840]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2010-02-26 1323008]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2010-02-24 611672]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"NortonOnlineBackupReminder"="c:\program files\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2010-02-18 3272040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-03-09 467816]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-02-24 30040]
"BigPondWirelessBroadbandCM"="c:\program files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" [2010-05-14 4352408]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-07 161328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-09-08 1304824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2012-05-22 371896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 133424]
.
c:\users\Vanessa Wong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-25 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [x]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.3.202\SymcPCCULaunchSvc.exe [x]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005Core.job
- c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-08 11:03]
.
2012-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005UA.job
- c:\users\Vanessa Wong\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-08 11:03]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005Core.job
- c:\users\Vanessa Wong\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-01 08:02]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4056854143-918768083-863506422-1005UA.job
- c:\users\Vanessa Wong\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-01 08:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://toshiba.msn.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 10.49.128.28 10.49.128.18
FF - ProfilePath - c:\users\Vanessa Wong\AppData\Roaming\Mozilla\Firefox\Profiles\exgmq3xm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.3.202\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000009
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5292)
c:\users\Vanessa Wong\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Trend Micro\AMSP\coreServiceShell.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\conhost.exe
c:\program files\Trend Micro\AMSP\coreFrameworkHost.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-12-14 14:10:08 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-14 03:10
ComboFix2.txt 2012-12-06 13:46
.
Pre-Run: 191,831,023,616 bytes free
Post-Run: 191,823,446,016 bytes free
.
- - End Of File - - F92993AC820BEC5C7762A7F0907F86DE


Gringo,

I have not had any problems following your instructions.
And my computer is running fine now, I have never had any problems with the supposed 'torpig trojan' on my computer. It was only what the IT people that run the wireless internet from my dorm said when my computer was unable to connect to the wireless network. I'm not even quite sure how they identified it.

Thanks,
Vanessa

#13 gringo_pr

Posted 13 December 2012 - 10:38 PM

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#14 vmoose

Posted 14 December 2012 - 03:40 AM

TDSSKiller Log File (Part 1)

15:45:17.0648 5792 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:45:18.0724 5792 ============================================================
15:45:18.0724 5792 Current date / time: 2012/12/14 15:45:18.0724
15:45:18.0724 5792 SystemInfo:
15:45:18.0724 5792
15:45:18.0724 5792 OS Version: 6.1.7601 ServicePack: 1.0
15:45:18.0724 5792 Product type: Workstation
15:45:18.0724 5792 ComputerName: VANESSAWONG
15:45:18.0724 5792 UserName: Vanessa Wong
15:45:18.0724 5792 Windows directory: C:\windows
15:45:18.0724 5792 System windows directory: C:\windows
15:45:18.0724 5792 Processor architecture: Intel x86
15:45:18.0724 5792 Number of processors: 4
15:45:18.0724 5792 Page size: 0x1000
15:45:18.0724 5792 Boot type: Normal boot
15:45:18.0724 5792 ============================================================
15:45:31.0407 5792 BG loaded
15:45:36.0274 5792 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:45:36.0321 5792 ============================================================
15:45:36.0321 5792 \Device\Harddisk0\DR0:
15:45:36.0352 5792 MBR partitions:
15:45:36.0352 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38971000
15:45:36.0352 5792 ============================================================
15:45:36.0446 5792 C: <-> \Device\Harddisk0\DR0\Partition1
15:45:36.0446 5792 ============================================================
15:45:36.0446 5792 Initialize success
15:45:36.0446 5792 ============================================================
15:45:59.0550 4524 ============================================================
15:45:59.0550 4524 Scan started
15:45:59.0550 4524 Mode: Manual; SigCheck; TDLFS;
15:45:59.0550 4524 ============================================================
15:46:01.0406 4524 ================ Scan system memory ========================
15:46:01.0406 4524 System memory - ok
15:46:01.0406 4524 ================ Scan services =============================
15:46:01.0718 4524 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:46:20.0547 4524 1394ohci - ok
15:46:21.0000 4524 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:46:21.0031 4524 ACPI - ok
15:46:21.0218 4524 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:46:22.0778 4524 AcpiPmi - ok
15:46:23.0589 4524 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
15:46:24.0198 4524 adp94xx - ok
15:46:24.0463 4524 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
15:46:24.0915 4524 adpahci - ok
15:46:25.0071 4524 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
15:46:25.0633 4524 adpu320 - ok
15:46:25.0695 4524 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:46:25.0820 4524 AeLookupSvc - ok
15:46:26.0257 4524 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
15:46:26.0366 4524 AFD - ok
15:46:26.0444 4524 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
15:46:26.0647 4524 agp440 - ok
15:46:26.0803 4524 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
15:46:26.0943 4524 aic78xx - ok
15:46:27.0146 4524 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
15:46:27.0240 4524 ALG - ok
15:46:27.0505 4524 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
15:46:27.0583 4524 aliide - ok
15:46:27.0692 4524 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
15:46:27.0786 4524 amdagp - ok
15:46:27.0879 4524 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
15:46:27.0942 4524 amdide - ok
15:46:28.0035 4524 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
15:46:28.0238 4524 AmdK8 - ok
15:46:28.0332 4524 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:46:28.0425 4524 AmdPPM - ok
15:46:28.0566 4524 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
15:46:28.0675 4524 amdsata - ok
15:46:28.0784 4524 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
15:46:29.0096 4524 amdsbs - ok
15:46:29.0268 4524 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:46:29.0314 4524 amdxata - ok
15:46:30.0266 4524 [ FEB0B5022C012A4A68DABCB711FAFF03 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:46:30.0328 4524 Amsp - ok
15:46:30.0578 4524 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
15:46:30.0796 4524 AppID - ok
15:46:31.0108 4524 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:46:31.0264 4524 AppIDSvc - ok
15:46:31.0420 4524 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
15:46:31.0514 4524 Appinfo - ok
15:46:31.0888 4524 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:31.0935 4524 Apple Mobile Device - ok
15:46:32.0138 4524 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
15:46:32.0294 4524 arc - ok
15:46:32.0372 4524 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
15:46:32.0528 4524 arcsas - ok
15:46:32.0637 4524 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:46:35.0648 4524 AsyncMac - ok
15:46:35.0742 4524 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
15:46:35.0788 4524 atapi - ok
15:46:36.0022 4524 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:46:36.0116 4524 AudioEndpointBuilder - ok
15:46:36.0210 4524 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
15:46:36.0256 4524 Audiosrv - ok
15:46:36.0366 4524 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
15:46:37.0458 4524 AxInstSV - ok
15:46:37.0801 4524 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
15:46:38.0378 4524 b06bdrv - ok
15:46:38.0628 4524 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
15:46:38.0877 4524 b57nd60x - ok
15:46:39.0314 4524 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:46:39.0361 4524 BcmSqlStartupSvc - ok
15:46:39.0501 4524 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
15:46:39.0610 4524 BDESVC - ok
15:46:39.0735 4524 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
15:46:39.0860 4524 Beep - ok
15:46:40.0297 4524 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
15:46:40.0390 4524 BFE - ok
15:46:40.0609 4524 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
15:46:40.0780 4524 BITS - ok
15:46:40.0812 4524 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:46:40.0890 4524 blbdrive - ok
15:46:41.0576 4524 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:41.0623 4524 Bonjour Service - ok
15:46:41.0904 4524 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:46:42.0075 4524 bowser - ok
15:46:42.0262 4524 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
15:46:43.0370 4524 BrFiltLo - ok
15:46:43.0417 4524 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
15:46:43.0526 4524 BrFiltUp - ok
15:46:44.0946 4524 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
15:46:45.0351 4524 BridgeMP - ok
15:46:45.0523 4524 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
15:46:45.0632 4524 Browser - ok
15:46:45.0726 4524 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:46:46.0069 4524 Brserid - ok
15:46:46.0116 4524 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:46:46.0428 4524 BrSerWdm - ok
15:46:46.0474 4524 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:46:46.0552 4524 BrUsbMdm - ok
15:46:46.0740 4524 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:46:46.0942 4524 BrUsbSer - ok
15:46:46.0974 4524 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
15:46:47.0052 4524 BTHMODEM - ok
15:46:47.0208 4524 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
15:46:47.0301 4524 bthserv - ok
15:46:50.0718 4524 catchme - ok
15:46:50.0842 4524 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:46:51.0045 4524 cdfs - ok
15:46:51.0217 4524 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
15:46:51.0279 4524 cdrom - ok
15:46:51.0388 4524 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
15:46:51.0498 4524 CertPropSvc - ok
15:46:51.0856 4524 [ 3653FD7871E8B5B92E9C3E2945BD293D ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
15:46:51.0888 4524 cfWiMAXService - ok
15:46:51.0981 4524 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
15:46:52.0153 4524 circlass - ok
15:46:52.0278 4524 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
15:46:52.0340 4524 CLFS - ok
15:46:52.0636 4524 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:52.0746 4524 clr_optimization_v2.0.50727_32 - ok
15:46:53.0276 4524 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:53.0370 4524 clr_optimization_v4.0.30319_32 - ok
15:46:53.0417 4524 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:46:53.0448 4524 CmBatt - ok
15:46:53.0479 4524 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
15:46:53.0526 4524 cmdide - ok
15:46:53.0635 4524 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
15:46:54.0009 4524 CNG - ok
15:46:54.0571 4524 [ C2FA222AC9DB9463F801451FF65ECBE8 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys
15:46:54.0649 4524 CnxtHdAudService - ok
15:46:54.0852 4524 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
15:46:54.0930 4524 Compbatt - ok
15:46:55.0211 4524 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
15:46:55.0273 4524 CompositeBus - ok
15:46:55.0351 4524 COMSysApp - ok
15:46:55.0523 4524 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:46:55.0554 4524 ConfigFree Service - ok
15:46:55.0803 4524 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
15:46:55.0897 4524 crcdisk - ok
15:46:56.0303 4524 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
15:46:56.0490 4524 CryptSvc - ok
15:46:56.0755 4524 [ FFC5377AA2C1A3F5B18F359F661E76C8 ] ctxusbm C:\windows\system32\DRIVERS\ctxusbm.sys
15:46:56.0786 4524 ctxusbm - ok
15:46:57.0098 4524 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
15:46:57.0207 4524 DcomLaunch - ok
15:46:57.0457 4524 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
15:46:57.0519 4524 defragsvc - ok
15:46:57.0722 4524 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:46:57.0785 4524 DfsC - ok
15:46:57.0925 4524 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
15:46:58.0081 4524 Dhcp - ok
15:46:58.0190 4524 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
15:46:58.0299 4524 discache - ok
15:46:58.0424 4524 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
15:46:58.0487 4524 Disk - ok
15:46:58.0674 4524 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:46:58.0892 4524 Dnscache - ok
15:46:59.0064 4524 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
15:46:59.0157 4524 dot3svc - ok
15:46:59.0282 4524 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
15:46:59.0391 4524 DPS - ok
15:46:59.0469 4524 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:46:59.0563 4524 drmkaud - ok
15:46:59.0906 4524 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:46:59.0984 4524 DXGKrnl - ok
15:47:00.0187 4524 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
15:47:00.0312 4524 EapHost - ok
15:47:01.0279 4524 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
15:47:03.0962 4524 ebdrv - ok
15:47:04.0040 4524 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
15:47:04.0087 4524 EFS - ok
15:47:04.0664 4524 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:47:04.0711 4524 ehRecvr - ok
15:47:05.0257 4524 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
15:47:05.0631 4524 ehSched - ok
15:47:05.0975 4524 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
15:47:06.0770 4524 elxstor - ok
15:47:06.0848 4524 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:47:06.0957 4524 ErrDev - ok
15:47:07.0269 4524 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
15:47:07.0488 4524 EventSystem - ok
15:47:07.0644 4524 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
15:47:08.0221 4524 exfat - ok
15:47:08.0361 4524 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:47:08.0767 4524 fastfat - ok
15:47:09.0126 4524 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
15:47:09.0344 4524 Fax - ok
15:47:09.0375 4524 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
15:47:09.0485 4524 fdc - ok
15:47:09.0578 4524 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
15:47:09.0703 4524 fdPHost - ok
15:47:09.0812 4524 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
15:47:09.0890 4524 FDResPub - ok
15:47:09.0953 4524 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:47:09.0999 4524 FileInfo - ok
15:47:10.0062 4524 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:47:10.0109 4524 Filetrace - ok
15:47:10.0187 4524 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
15:47:10.0296 4524 flpydisk - ok
15:47:10.0421 4524 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:47:10.0467 4524 FltMgr - ok
15:47:10.0764 4524 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
15:47:10.0935 4524 FontCache - ok
15:47:11.0138 4524 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:47:11.0232 4524 FontCache3.0.0.0 - ok
15:47:11.0279 4524 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:47:11.0294 4524 FsDepends - ok
15:47:11.0372 4524 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:47:11.0450 4524 Fs_Rec - ok
15:47:11.0684 4524 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:47:11.0731 4524 fvevol - ok
15:47:12.0105 4524 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
15:47:12.0199 4524 gagp30kx - ok
15:47:12.0464 4524 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
15:47:12.0620 4524 GameConsoleService - ok
15:47:12.0729 4524 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:12.0761 4524 GEARAspiWDM - ok
15:47:13.0026 4524 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
15:47:13.0073 4524 gpsvc - ok
15:47:13.0119 4524 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:47:13.0338 4524 hcw85cir - ok
15:47:13.0821 4524 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:47:14.0133 4524 HdAudAddService - ok
15:47:14.0211 4524 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
15:47:14.0352 4524 HDAudBus - ok
15:47:14.0539 4524 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\windows\system32\DRIVERS\HECI.sys
15:47:14.0648 4524 HECI - ok
15:47:14.0726 4524 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
15:47:15.0023 4524 HidBatt - ok
15:47:15.0085 4524 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
15:47:15.0210 4524 HidBth - ok
15:47:15.0413 4524 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
15:47:15.0553 4524 HidIr - ok
15:47:15.0678 4524 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
15:47:15.0803 4524 hidserv - ok
15:47:15.0959 4524 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
15:47:16.0068 4524 HidUsb - ok
15:47:16.0146 4524 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
15:47:16.0255 4524 hkmsvc - ok
15:47:16.0458 4524 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:47:16.0598 4524 HomeGroupListener - ok
15:47:16.0817 4524 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:47:16.0910 4524 HomeGroupProvider - ok
15:47:17.0129 4524 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:47:17.0643 4524 HpSAMD - ok
15:47:18.0189 4524 [ 210388FD8225B02BD83D77628AAE64A9 ] HsfXAudioService C:\windows\system32\XAudio32.dll
15:47:18.0377 4524 HsfXAudioService - ok
15:47:18.0767 4524 [ 227C3BA25012752BB7450235392C719F ] HSF_DPV C:\windows\system32\DRIVERS\HSX_DPV.sys
15:47:18.0860 4524 HSF_DPV - ok
15:47:18.0923 4524 [ 4DF5C76302DC2F8F3465966C8426A292 ] HSXHWAZL C:\windows\system32\DRIVERS\HSXHWAZL.sys
15:47:18.0969 4524 HSXHWAZL - ok
15:47:19.0172 4524 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:47:19.0250 4524 HTTP - ok
15:47:19.0453 4524 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:47:19.0484 4524 hwpolicy - ok
15:47:19.0656 4524 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
15:47:19.0734 4524 i8042prt - ok
15:47:20.0030 4524 [ A5FFEB824E539C18CD23C32161AB55DB ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:47:20.0093 4524 iaStor - ok
15:47:20.0592 4524 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:47:21.0528 4524 iaStorV - ok
15:47:21.0762 4524 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:47:22.0027 4524 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:47:22.0027 4524 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:47:22.0433 4524 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:47:23.0228 4524 idsvc - ok
15:47:27.0019 4524 [ B3A313080B0F73F4C8292290606FC15D ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
15:47:27.0768 4524 igfx - ok
15:47:27.0908 4524 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
15:47:28.0267 4524 iirsp - ok
15:47:29.0203 4524 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
15:47:29.0343 4524 IKEEXT - ok
15:47:29.0609 4524 [ 03C0D99BC2913226F1CEA7CB0D984659 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
15:47:29.0765 4524 Impcd - ok
15:47:29.0967 4524 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
15:47:30.0186 4524 intelide - ok
15:47:30.0467 4524 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:47:30.0560 4524 intelppm - ok
15:47:30.0701 4524 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:47:30.0888 4524 IPBusEnum - ok
15:47:30.0981 4524 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:47:31.0325 4524 IpFilterDriver - ok
15:47:31.0715 4524 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:47:31.0933 4524 iphlpsvc - ok
15:47:32.0073 4524 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:47:32.0432 4524 IPMIDRV - ok
15:47:32.0557 4524 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:47:32.0822 4524 IPNAT - ok
15:47:33.0727 4524 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:47:33.0789 4524 iPod Service - ok
15:47:33.0930 4524 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
15:47:34.0569 4524 IRENUM - ok
15:47:34.0694 4524 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:47:34.0866 4524 isapnp - ok
15:47:35.0100 4524 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:47:36.0348 4524 iScsiPrt - ok
15:47:36.0878 4524 [ 994EBB45C4B438E1F6EA0B958AE9B9A3 ] ivusb C:\windows\system32\DRIVERS\ivusb.sys
15:47:36.0987 4524 ivusb - ok
15:47:37.0237 4524 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
15:47:37.0284 4524 kbdclass - ok
15:47:37.0362 4524 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:47:37.0518 4524 kbdhid - ok
15:47:37.0580 4524 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
15:47:37.0611 4524 KeyIso - ok
15:47:37.0799 4524 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:47:37.0955 4524 KSecDD - ok
15:47:38.0048 4524 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:47:38.0220 4524 KSecPkg - ok
15:47:40.0482 4524 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
15:47:40.0841 4524 KtmRm - ok
15:47:41.0168 4524 [ B05ADCD03AAED42607371186F359D8A5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
15:47:41.0199 4524 L1C - ok
15:47:41.0402 4524 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
15:47:41.0511 4524 LanmanServer - ok
15:47:41.0652 4524 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:47:41.0777 4524 LanmanWorkstation - ok
15:47:42.0338 4524 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:47:42.0479 4524 lltdio - ok
15:47:42.0884 4524 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:47:43.0196 4524 lltdsvc - ok
15:47:43.0274 4524 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
15:47:43.0430 4524 lmhosts - ok
15:47:44.0023 4524 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:47:44.0054 4524 LMS - ok
15:47:45.0021 4524 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
15:47:45.0630 4524 LSI_FC - ok
15:47:46.0379 4524 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
15:47:46.0550 4524 LSI_SAS - ok
15:47:46.0706 4524 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
15:47:46.0862 4524 LSI_SAS2 - ok
15:47:46.0893 4524 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
15:47:46.0987 4524 LSI_SCSI - ok
15:47:47.0003 4524 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
15:47:47.0049 4524 luafv - ok
15:47:47.0237 4524 [ 6490FE1B088C7199A9B6CE0E04A98A8B ] massfilter C:\windows\system32\drivers\massfilter.sys
15:47:47.0502 4524 massfilter - ok
15:47:47.0611 4524 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:47:47.0720 4524 Mcx2Svc - ok
15:47:47.0767 4524 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\windows\system32\DRIVERS\mdmxsdk.sys
15:47:47.0783 4524 mdmxsdk - ok
15:47:47.0970 4524 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
15:47:48.0126 4524 megasas - ok
15:47:48.0453 4524 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
15:47:49.0608 4524 MegaSR - ok
15:47:49.0733 4524 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
15:47:49.0842 4524 MMCSS - ok
15:47:49.0873 4524 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
15:47:49.0982 4524 Modem - ok
15:47:50.0310 4524 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:47:51.0230 4524 monitor - ok
15:47:51.0293 4524 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
15:47:51.0339 4524 mouclass - ok
15:47:51.0542 4524 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:47:51.0683 4524 mouhid - ok
15:47:51.0761 4524 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:47:51.0792 4524 mountmgr - ok
15:47:51.0839 4524 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
15:47:51.0979 4524 mpio - ok
15:47:52.0088 4524 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:47:52.0229 4524 mpsdrv - ok
15:47:52.0369 4524 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
15:47:52.0463 4524 MpsSvc - ok
15:47:52.0525 4524 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:47:52.0634 4524 MRxDAV - ok
15:47:52.0775 4524 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:47:52.0837 4524 mrxsmb - ok
15:47:52.0993 4524 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:47:53.0024 4524 mrxsmb10 - ok
15:47:53.0055 4524 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:47:53.0118 4524 mrxsmb20 - ok
15:47:53.0227 4524 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
15:47:53.0274 4524 msahci - ok
15:47:53.0336 4524 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:47:53.0383 4524 msdsm - ok
15:47:53.0477 4524 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
15:47:53.0570 4524 MSDTC - ok
15:47:53.0617 4524 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
15:47:53.0679 4524 Msfs - ok
15:47:53.0789 4524 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:47:53.0867 4524 mshidkmdf - ok
15:47:53.0960 4524 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:47:54.0054 4524 msisadrv - ok
15:47:54.0241 4524 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:47:54.0584 4524 MSiSCSI - ok
15:47:54.0584 4524 msiserver - ok
15:47:54.0818 4524 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:47:55.0021 4524 MSKSSRV - ok
15:47:55.0099 4524 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:47:55.0239 4524 MSPCLOCK - ok
15:47:55.0333 4524 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:47:55.0489 4524 MSPQM - ok
15:47:55.0614 4524 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:47:55.0739 4524 MsRPC - ok
15:47:55.0817 4524 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
15:47:55.0863 4524 mssmbios - ok
15:47:56.0082 4524 MSSQL$MSSMLBIZ - ok
15:47:56.0285 4524 MSSQL$SQLEXPRESS - ok
15:47:56.0441 4524 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:47:56.0503 4524 MSSQLServerADHelper - ok
15:47:56.0643 4524 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:47:56.0737 4524 MSTEE - ok
15:47:56.0784 4524 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
15:47:56.0846 4524 MTConfig - ok
15:47:56.0893 4524 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
15:47:56.0924 4524 Mup - ok
15:47:57.0018 4524 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
15:47:57.0111 4524 napagent - ok
15:47:57.0299 4524 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:47:57.0345 4524 NativeWifiP - ok
15:47:58.0281 4524 [ C0C326C4957D1027B757769B4D9271BB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:47:59.0186 4524 NBService - ok
15:47:59.0576 4524 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
15:47:59.0654 4524 NDIS - ok
15:47:59.0888 4524 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:48:00.0107 4524 NdisCap - ok
15:48:00.0216 4524 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:48:00.0325 4524 NdisTapi - ok
15:48:00.0481 4524 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:48:00.0575 4524 Ndisuio - ok
15:48:00.0653 4524 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:48:00.0731 4524 NdisWan - ok
15:48:00.0840 4524 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:48:00.0965 4524 NDProxy - ok
15:48:01.0043 4524 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:48:01.0136 4524 NetBIOS - ok
15:48:01.0292 4524 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:48:01.0355 4524 NetBT - ok
15:48:01.0401 4524 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
15:48:01.0433 4524 Netlogon - ok
15:48:01.0713 4524 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
15:48:01.0776 4524 Netman - ok
15:48:02.0025 4524 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
15:48:02.0119 4524 netprofm - ok
15:48:02.0181 4524 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:48:02.0306 4524 NetTcpPortSharing - ok
15:48:02.0447 4524 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
15:48:02.0556 4524 nfrd960 - ok
15:48:02.0696 4524 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
15:48:02.0790 4524 NlaSvc - ok
15:48:03.0273 4524 [ D003B59B1A1522308B55462CA866E4D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:48:03.0289 4524 NMIndexingService - ok
15:48:03.0336 4524 Norton PC Checkup Application Launcher - ok
15:48:03.0383 4524 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:48:13.0304 4524 Npfs - ok
15:48:13.0491 4524 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
15:48:13.0569 4524 nsi - ok
15:48:13.0632 4524 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:48:13.0710 4524 nsiproxy - ok
15:48:14.0147 4524 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:48:15.0488 4524 Ntfs - ok
15:48:15.0551 4524 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
15:48:15.0613 4524 Null - ok
15:48:15.0785 4524 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:48:16.0081 4524 nvraid - ok
15:48:16.0331 4524 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:48:16.0627 4524 nvstor - ok
15:48:16.0705 4524 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:48:16.0955 4524 nv_agp - ok
15:48:17.0095 4524 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:48:17.0282 4524 ohci1394 - ok
15:48:17.0579 4524 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:17.0766 4524 ose - ok
15:48:18.0234 4524 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:18.0764 4524 osppsvc - ok
15:48:18.0811 4524 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:48:28.0015 4524 p2pimsvc - ok
15:48:28.0046 4524 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
15:48:33.0101 4524 p2psvc - ok
15:48:33.0163 4524 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
15:48:38.0171 4524 Parport - ok
15:48:38.0264 4524 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
15:48:38.0295 4524 partmgr - ok
15:48:38.0327 4524 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
15:48:43.0365 4524 Parvdm - ok
15:48:43.0506 4524 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
15:48:43.0553 4524 PcaSvc - ok
15:48:43.0646 4524 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe
15:48:43.0693 4524 PCCUJobMgr - ok
15:48:43.0833 4524 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
15:48:43.0974 4524 pci - ok
15:48:44.0052 4524 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
15:48:44.0130 4524 pciide - ok
15:48:44.0333 4524 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
15:48:44.0661 4524 pcmcia - ok
15:48:44.0739 4524 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
15:48:44.0864 4524 pcw - ok
15:48:45.0176 4524 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:48:45.0285 4524 PEAUTH - ok
15:48:45.0519 4524 [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
15:48:45.0675 4524 PGEffect - ok
15:48:46.0330 4524 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
15:48:46.0455 4524 pla - ok
15:48:46.0689 4524 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:48:46.0783 4524 PlugPlay - ok
15:48:46.0876 4524 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:48:46.0954 4524 PNRPAutoReg - ok
15:48:46.0970 4524 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:48:47.0001 4524 PNRPsvc - ok
15:48:47.0095 4524 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:48:47.0204 4524 PolicyAgent - ok
15:48:47.0251 4524 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
15:48:47.0313 4524 Power - ok
15:48:47.0376 4524 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:48:47.0407 4524 PptpMiniport - ok
15:48:47.0423 4524 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
15:48:47.0469 4524 Processor - ok
15:48:47.0657 4524 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
15:48:47.0750 4524 ProfSvc - ok
15:48:47.0781 4524 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
15:48:47.0797 4524 ProtectedStorage - ok
15:48:47.0891 4524 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:48:47.0953 4524 Psched - ok
15:48:48.0015 4524 [ A0DB243AF3A2E427C172AF2BBA325473 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
15:48:48.0078 4524 QIOMem - ok
15:48:48.0468 4524 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
15:48:48.0561 4524 ql2300 - ok
15:48:48.0608 4524 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
15:48:48.0702 4524 ql40xx - ok
15:48:48.0780 4524 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
15:48:48.0827 4524 QWAVE - ok
15:48:48.0858 4524 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:48:48.0905 4524 QWAVEdrv - ok
15:48:48.0983 4524 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:48:49.0139 4524 RasAcd - ok
15:48:49.0263 4524 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:48:49.0373 4524 RasAgileVpn - ok
15:48:49.0419 4524 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
15:48:49.0482 4524 RasAuto - ok
15:48:49.0560 4524 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:48:49.0669 4524 Rasl2tp - ok
15:48:49.0856 4524 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
15:48:49.0934 4524 RasMan - ok
15:48:50.0028 4524 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:48:50.0075 4524 RasPppoe - ok
15:48:50.0153 4524 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:48:50.0231 4524 RasSstp - ok
15:48:50.0355 4524 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:48:50.0418 4524 rdbss - ok
15:48:50.0480 4524 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
15:48:50.0605 4524 rdpbus - ok
15:48:50.0652 4524 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:48:50.0761 4524 RDPCDD - ok
15:48:50.0808 4524 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:48:50.0870 4524 RDPENCDD - ok
15:48:50.0901 4524 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:48:50.0964 4524 RDPREFMP - ok
15:48:51.0026 4524 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:48:51.0135 4524 RDPWD - ok
15:48:51.0245 4524 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:48:51.0307 4524 rdyboost - ok
15:48:51.0401 4524 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
15:48:51.0494 4524 RemoteAccess - ok
15:48:51.0588 4524 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:48:51.0650 4524 RemoteRegistry - ok
15:48:51.0744 4524 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:48:51.0791 4524 RpcEptMapper - ok
15:48:51.0853 4524 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
15:48:51.0900 4524 RpcLocator - ok
15:48:52.0071 4524 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
15:48:52.0134 4524 RpcSs - ok
15:48:52.0243 4524 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:48:52.0383 4524 rspndr - ok
15:48:52.0602 4524 [ 867BEB23207BA425C85293BB0D3EA971 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
15:48:52.0742 4524 RSUSBSTOR - ok
15:48:53.0304 4524 [ 44B7739F2D623AD6FB46755BB60351A4 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
15:48:53.0475 4524 rtl8192se - ok
15:48:53.0522 4524 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
15:48:53.0538 4524 SamSs - ok
15:48:53.0694 4524 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:48:53.0865 4524 sbp2port - ok
15:48:54.0021 4524 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:48:54.0068 4524 SCardSvr - ok
15:48:54.0131 4524 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:48:54.0209 4524 scfilter - ok
15:48:54.0505 4524 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
15:48:54.0599 4524 Schedule - ok
15:48:54.0614 4524 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
15:48:54.0677 4524 SCPolicySvc - ok
15:48:54.0739 4524 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:48:54.0864 4524 SDRSVC - ok
15:48:54.0973 4524 SeaPort - ok
15:48:55.0098 4524 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:48:55.0223 4524 secdrv - ok
15:48:55.0285 4524 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
15:48:55.0425 4524 seclogon - ok
15:48:55.0550 4524 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
15:48:55.0597 4524 SENS - ok
15:48:55.0659 4524 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
15:48:55.0769 4524 SensrSvc - ok
15:48:55.0847 4524 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
15:48:55.0893 4524 Serenum - ok
15:48:55.0940 4524 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
15:48:56.0112 4524 Serial - ok
15:48:56.0283 4524 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
15:48:56.0486 4524 sermouse - ok
15:48:56.0642 4524 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
15:48:56.0705 4524 SessionEnv - ok
15:48:56.0751 4524 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:48:56.0814 4524 sffdisk - ok
15:48:56.0829 4524 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:48:56.0892 4524 sffp_mmc - ok
15:48:56.0892 4524 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:48:56.0939 4524 sffp_sd - ok
15:48:56.0985 4524 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
15:48:57.0048 4524 sfloppy - ok
15:48:57.0188 4524 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:48:57.0251 4524 SharedAccess - ok
15:48:57.0297 4524 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:48:57.0375 4524 ShellHWDetection - ok
15:48:57.0453 4524 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
15:48:57.0500 4524 sisagp - ok
15:48:57.0609 4524 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
15:48:57.0734 4524 SiSRaid2 - ok
15:48:57.0765 4524 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
15:48:57.0875 4524 SiSRaid4 - ok
15:48:58.0155 4524 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:48:58.0389 4524 SkypeUpdate - ok
15:48:58.0499 4524 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
15:48:58.0686 4524 Smb - ok
15:48:58.0920 4524 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:48:58.0967 4524 SNMPTRAP - ok
15:48:59.0123 4524 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
15:48:59.0154 4524 spldr - ok
15:48:59.0325 4524 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
15:48:59.0388 4524 Spooler - ok
15:48:59.0513 4524 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
15:48:59.0575 4524 sppsvc - ok
15:48:59.0637 4524 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:48:59.0731 4524 sppuinotify - ok
15:48:59.0778 4524 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:48:59.0809 4524 SQLBrowser - ok
15:48:59.0840 4524 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:48:59.0871 4524 SQLWriter - ok
15:48:59.0934 4524 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
15:49:00.0059 4524 srv - ok
15:49:00.0105 4524 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:49:00.0199 4524 srv2 - ok
15:49:00.0417 4524 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL3.SYS
15:49:00.0636 4524 SrvHsfHDA - ok
15:49:00.0776 4524 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV3.SYS
15:49:01.0821 4524 SrvHsfV92 - ok
15:49:01.0931 4524 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT3.SYS
15:49:02.0024 4524 SrvHsfWinac - ok
15:49:02.0087 4524 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:49:02.0149 4524 srvnet - ok
15:49:02.0243 4524 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:49:02.0289 4524 SSDPSRV - ok
15:49:02.0321 4524 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
15:49:02.0383 4524 SstpSvc - ok
15:49:02.0461 4524 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
15:49:02.0523 4524 stexstor - ok
15:49:02.0633 4524 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
15:49:02.0679 4524 StiSvc - ok
15:49:02.0757 4524 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
15:49:02.0773 4524 swenum - ok
15:49:02.0913 4524 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
15:49:03.0023 4524 swprv - ok
15:49:03.0288 4524 [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:49:03.0335 4524 SynTP - ok
15:49:03.0787 4524 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
15:49:03.0849 4524 SysMain - ok
15:49:03.0943 4524 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
15:49:03.0990 4524 TabletInputService - ok
15:49:04.0052 4524 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
15:49:04.0115 4524 TapiSrv - ok
15:49:04.0161 4524 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
15:49:04.0239 4524 TBS - ok
15:49:04.0505 4524 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:49:04.0661 4524 Tcpip - ok
15:49:04.0895 4524 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:49:04.0957 4524 TCPIP6 - ok
15:49:05.0238 4524 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:49:05.0347 4524 tcpipreg - ok
15:49:05.0441 4524 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
15:49:05.0472 4524 tdcmdpst - ok
15:49:05.0565 4524 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:49:05.0784 4524 TDPIPE - ok
15:49:05.0862 4524 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:49:06.0002 4524 TDTCP - ok
15:49:06.0096 4524 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:49:06.0205 4524 tdx - ok
15:49:06.0299 4524 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
15:49:06.0330 4524 TermDD - ok
15:49:06.0533 4524 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
15:49:06.0595 4524 TermService - ok
15:49:06.0673 4524 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
15:49:06.0720 4524 Themes - ok
15:49:06.0735 4524 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
15:49:06.0813 4524 THREADORDER - ok
15:49:06.0891 4524 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:49:06.0923 4524 TMachInfo - ok
15:49:07.0110 4524 [ FB5DFD175E3BE936D87CCBA4A2B0EAAD ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
15:49:07.0125 4524 tmactmon - ok
15:49:07.0266 4524 [ 20AC031A8E2AC58EC9F04BD728071D43 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
15:49:07.0297 4524 tmcomm - ok
15:49:07.0422 4524 [ 96132CF615891C05494F5321C8245086 ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
15:49:07.0453 4524 tmevtmgr - ok
15:49:07.0640 4524 [ A6E20B094A8D3E3F46D10BBE7E1EBB82 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
15:49:07.0671 4524 tmtdi - ok
15:49:07.0718 4524 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\windows\system32\TODDSrv.exe
15:49:07.0749 4524 TODDSrv - ok
15:49:08.0030 4524 [ 85EDF7A274435E4DF051BB23F8E01581 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:49:08.0061 4524 TosCoSrv - ok
15:49:08.0217 4524 [ C0137AFD260FCA1FD5B754B880A1238C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
15:49:08.0280 4524 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
15:49:08.0280 4524 TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)
15:49:08.0436 4524 [ 991E324DC137402148E01C2269632C6B ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:49:08.0451 4524 TOSHIBA HDD SSD Alert Service - ok
15:49:08.0763 4524 [ 7A3015457209333D5D08FF10A8F0C120 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
15:49:08.0795 4524 TPCHSrv - ok
15:49:08.0935 4524 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
15:49:08.0997 4524 TrkWks - ok
15:49:09.0247 4524 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:49:09.0294 4524 TrustedInstaller - ok
15:49:09.0387 4524 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:49:09.0450 4524 tssecsrv - ok
15:49:09.0528 4524 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:49:09.0637 4524 TsUsbFlt - ok
15:49:09.0793 4524 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:49:09.0902 4524 tunnel - ok
15:49:09.0980 4524 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
15:49:10.0027 4524 TVALZ - ok
15:49:10.0152 4524 [ 866462F5AE3F375EF83EF9DCE436031C ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
15:49:10.0183 4524 TVALZFL - ok
15:49:10.0277 4524 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
15:49:10.0308 4524 uagp35 - ok
15:49:10.0401 4524 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:49:10.0511 4524 udfs - ok
15:49:10.0573 4524 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
15:49:10.0635 4524 UI0Detect - ok
15:49:10.0760 4524 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:49:10.0854 4524 uliagpkx - ok
15:49:10.0947 4524 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
15:49:11.0025 4524 umbus - ok
15:49:11.0166 4524 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
15:49:11.0369 4524 UmPass - ok
15:49:12.0180 4524 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:49:12.0242 4524 UNS - ok
15:49:12.0367 4524 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
15:49:12.0429 4524 upnphost - ok
15:49:12.0570 4524 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
15:49:12.0773 4524 USBAAPL - ok
15:49:12.0851 4524 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:49:12.0913 4524 usbccgp - ok
15:49:13.0053 4524 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
15:49:13.0459 4524 usbcir - ok
15:49:13.0506 4524 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
15:49:13.0521 4524 usbehci - ok
15:49:13.0709 4524 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:49:13.0802 4524 usbhub - ok
15:49:13.0911 4524 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
15:49:14.0083 4524 usbohci - ok
15:49:14.0255 4524 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:49:14.0520 4524 usbprint - ok
15:49:14.0645 4524 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS

TDSSKiller (log file part 1)

15:45:17.0648 5792 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:45:18.0724 5792 ============================================================
15:45:18.0724 5792 Current date / time: 2012/12/14 15:45:18.0724
15:45:18.0724 5792 SystemInfo:
15:45:18.0724 5792
15:45:18.0724 5792 OS Version: 6.1.7601 ServicePack: 1.0
15:45:18.0724 5792 Product type: Workstation
15:45:18.0724 5792 ComputerName: VANESSAWONG
15:45:18.0724 5792 UserName: Vanessa Wong
15:45:18.0724 5792 Windows directory: C:\windows
15:45:18.0724 5792 System windows directory: C:\windows
15:45:18.0724 5792 Processor architecture: Intel x86
15:45:18.0724 5792 Number of processors: 4
15:45:18.0724 5792 Page size: 0x1000
15:45:18.0724 5792 Boot type: Normal boot
15:45:18.0724 5792 ============================================================
15:45:31.0407 5792 BG loaded
15:45:36.0274 5792 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:45:36.0321 5792 ============================================================
15:45:36.0321 5792 \Device\Harddisk0\DR0:
15:45:36.0352 5792 MBR partitions:
15:45:36.0352 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38971000
15:45:36.0352 5792 ============================================================
15:45:36.0446 5792 C: <-> \Device\Harddisk0\DR0\Partition1
15:45:36.0446 5792 ============================================================
15:45:36.0446 5792 Initialize success
15:45:36.0446 5792 ============================================================
15:45:59.0550 4524 ============================================================
15:45:59.0550 4524 Scan started
15:45:59.0550 4524 Mode: Manual; SigCheck; TDLFS;
15:45:59.0550 4524 ============================================================
15:46:01.0406 4524 ================ Scan system memory ========================
15:46:01.0406 4524 System memory - ok
15:46:01.0406 4524 ================ Scan services =============================
15:46:01.0718 4524 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:46:20.0547 4524 1394ohci - ok
15:46:21.0000 4524 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:46:21.0031 4524 ACPI - ok
15:46:21.0218 4524 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:46:22.0778 4524 AcpiPmi - ok
15:46:23.0589 4524 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
15:46:24.0198 4524 adp94xx - ok
15:46:24.0463 4524 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
15:46:24.0915 4524 adpahci - ok
15:46:25.0071 4524 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
15:46:25.0633 4524 adpu320 - ok
15:46:25.0695 4524 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:46:25.0820 4524 AeLookupSvc - ok
15:46:26.0257 4524 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
15:46:26.0366 4524 AFD - ok
15:46:26.0444 4524 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
15:46:26.0647 4524 agp440 - ok
15:46:26.0803 4524 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
15:46:26.0943 4524 aic78xx - ok
15:46:27.0146 4524 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
15:46:27.0240 4524 ALG - ok
15:46:27.0505 4524 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
15:46:27.0583 4524 aliide - ok
15:46:27.0692 4524 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
15:46:27.0786 4524 amdagp - ok
15:46:27.0879 4524 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
15:46:27.0942 4524 amdide - ok
15:46:28.0035 4524 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
15:46:28.0238 4524 AmdK8 - ok
15:46:28.0332 4524 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:46:28.0425 4524 AmdPPM - ok
15:46:28.0566 4524 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
15:46:28.0675 4524 amdsata - ok
15:46:28.0784 4524 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
15:46:29.0096 4524 amdsbs - ok
15:46:29.0268 4524 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:46:29.0314 4524 amdxata - ok
15:46:30.0266 4524 [ FEB0B5022C012A4A68DABCB711FAFF03 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:46:30.0328 4524 Amsp - ok
15:46:30.0578 4524 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
15:46:30.0796 4524 AppID - ok
15:46:31.0108 4524 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:46:31.0264 4524 AppIDSvc - ok
15:46:31.0420 4524 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
15:46:31.0514 4524 Appinfo - ok
15:46:31.0888 4524 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:31.0935 4524 Apple Mobile Device - ok
15:46:32.0138 4524 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
15:46:32.0294 4524 arc - ok
15:46:32.0372 4524 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
15:46:32.0528 4524 arcsas - ok
15:46:32.0637 4524 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:46:35.0648 4524 AsyncMac - ok
15:46:35.0742 4524 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
15:46:35.0788 4524 atapi - ok
15:46:36.0022 4524 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:46:36.0116 4524 AudioEndpointBuilder - ok
15:46:36.0210 4524 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
15:46:36.0256 4524 Audiosrv - ok
15:46:36.0366 4524 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
15:46:37.0458 4524 AxInstSV - ok
15:46:37.0801 4524 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
15:46:38.0378 4524 b06bdrv - ok
15:46:38.0628 4524 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
15:46:38.0877 4524 b57nd60x - ok
15:46:39.0314 4524 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:46:39.0361 4524 BcmSqlStartupSvc - ok
15:46:39.0501 4524 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
15:46:39.0610 4524 BDESVC - ok
15:46:39.0735 4524 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
15:46:39.0860 4524 Beep - ok
15:46:40.0297 4524 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
15:46:40.0390 4524 BFE - ok
15:46:40.0609 4524 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
15:46:40.0780 4524 BITS - ok
15:46:40.0812 4524 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:46:40.0890 4524 blbdrive - ok
15:46:41.0576 4524 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:41.0623 4524 Bonjour Service - ok
15:46:41.0904 4524 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:46:42.0075 4524 bowser - ok
15:46:42.0262 4524 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
15:46:43.0370 4524 BrFiltLo - ok
15:46:43.0417 4524 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
15:46:43.0526 4524 BrFiltUp - ok
15:46:44.0946 4524 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
15:46:45.0351 4524 BridgeMP - ok
15:46:45.0523 4524 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
15:46:45.0632 4524 Browser - ok
15:46:45.0726 4524 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:46:46.0069 4524 Brserid - ok
15:46:46.0116 4524 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:46:46.0428 4524 BrSerWdm - ok
15:46:46.0474 4524 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:46:46.0552 4524 BrUsbMdm - ok
15:46:46.0740 4524 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:46:46.0942 4524 BrUsbSer - ok
15:46:46.0974 4524 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
15:46:47.0052 4524 BTHMODEM - ok
15:46:47.0208 4524 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
15:46:47.0301 4524 bthserv - ok
15:46:50.0718 4524 catchme - ok
15:46:50.0842 4524 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:46:51.0045 4524 cdfs - ok
15:46:51.0217 4524 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
15:46:51.0279 4524 cdrom - ok
15:46:51.0388 4524 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
15:46:51.0498 4524 CertPropSvc - ok
15:46:51.0856 4524 [ 3653FD7871E8B5B92E9C3E2945BD293D ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
15:46:51.0888 4524 cfWiMAXService - ok
15:46:51.0981 4524 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
15:46:52.0153 4524 circlass - ok
15:46:52.0278 4524 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
15:46:52.0340 4524 CLFS - ok
15:46:52.0636 4524 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:52.0746 4524 clr_optimization_v2.0.50727_32 - ok
15:46:53.0276 4524 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:53.0370 4524 clr_optimization_v4.0.30319_32 - ok
15:46:53.0417 4524 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:46:53.0448 4524 CmBatt - ok
15:46:53.0479 4524 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
15:46:53.0526 4524 cmdide - ok
15:46:53.0635 4524 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
15:46:54.0009 4524 CNG - ok
15:46:54.0571 4524 [ C2FA222AC9DB9463F801451FF65ECBE8 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys
15:46:54.0649 4524 CnxtHdAudService - ok
15:46:54.0852 4524 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
15:46:54.0930 4524 Compbatt - ok
15:46:55.0211 4524 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
15:46:55.0273 4524 CompositeBus - ok
15:46:55.0351 4524 COMSysApp - ok
15:46:55.0523 4524 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:46:55.0554 4524 ConfigFree Service - ok
15:46:55.0803 4524 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
15:46:55.0897 4524 crcdisk - ok
15:46:56.0303 4524 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
15:46:56.0490 4524 CryptSvc - ok
15:46:56.0755 4524 [ FFC5377AA2C1A3F5B18F359F661E76C8 ] ctxusbm C:\windows\system32\DRIVERS\ctxusbm.sys
15:46:56.0786 4524 ctxusbm - ok
15:46:57.0098 4524 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
15:46:57.0207 4524 DcomLaunch - ok
15:46:57.0457 4524 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
15:46:57.0519 4524 defragsvc - ok
15:46:57.0722 4524 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:46:57.0785 4524 DfsC - ok
15:46:57.0925 4524 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
15:46:58.0081 4524 Dhcp - ok
15:46:58.0190 4524 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
15:46:58.0299 4524 discache - ok
15:46:58.0424 4524 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
15:46:58.0487 4524 Disk - ok
15:46:58.0674 4524 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:46:58.0892 4524 Dnscache - ok
15:46:59.0064 4524 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
15:46:59.0157 4524 dot3svc - ok
15:46:59.0282 4524 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
15:46:59.0391 4524 DPS - ok
15:46:59.0469 4524 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:46:59.0563 4524 drmkaud - ok
15:46:59.0906 4524 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:46:59.0984 4524 DXGKrnl - ok
15:47:00.0187 4524 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
15:47:00.0312 4524 EapHost - ok
15:47:01.0279 4524 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
15:47:03.0962 4524 ebdrv - ok
15:47:04.0040 4524 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
15:47:04.0087 4524 EFS - ok
15:47:04.0664 4524 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
15:47:04.0711 4524 ehRecvr - ok
15:47:05.0257 4524 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
15:47:05.0631 4524 ehSched - ok
15:47:05.0975 4524 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
15:47:06.0770 4524 elxstor - ok
15:47:06.0848 4524 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:47:06.0957 4524 ErrDev - ok
15:47:07.0269 4524 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
15:47:07.0488 4524 EventSystem - ok
15:47:07.0644 4524 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
15:47:08.0221 4524 exfat - ok
15:47:08.0361 4524 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:47:08.0767 4524 fastfat - ok
15:47:09.0126 4524 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
15:47:09.0344 4524 Fax - ok
15:47:09.0375 4524 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
15:47:09.0485 4524 fdc - ok
15:47:09.0578 4524 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
15:47:09.0703 4524 fdPHost - ok
15:47:09.0812 4524 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
15:47:09.0890 4524 FDResPub - ok
15:47:09.0953 4524 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:47:09.0999 4524 FileInfo - ok
15:47:10.0062 4524 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:47:10.0109 4524 Filetrace - ok
15:47:10.0187 4524 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
15:47:10.0296 4524 flpydisk - ok
15:47:10.0421 4524 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:47:10.0467 4524 FltMgr - ok
15:47:10.0764 4524 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
15:47:10.0935 4524 FontCache - ok
15:47:11.0138 4524 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:47:11.0232 4524 FontCache3.0.0.0 - ok
15:47:11.0279 4524 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:47:11.0294 4524 FsDepends - ok
15:47:11.0372 4524 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:47:11.0450 4524 Fs_Rec - ok
15:47:11.0684 4524 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:47:11.0731 4524 fvevol - ok
15:47:12.0105 4524 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
15:47:12.0199 4524 gagp30kx - ok
15:47:12.0464 4524 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
15:47:12.0620 4524 GameConsoleService - ok
15:47:12.0729 4524 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:12.0761 4524 GEARAspiWDM - ok
15:47:13.0026 4524 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
15:47:13.0073 4524 gpsvc - ok
15:47:13.0119 4524 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:47:13.0338 4524 hcw85cir - ok
15:47:13.0821 4524 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:47:14.0133 4524 HdAudAddService - ok
15:47:14.0211 4524 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
15:47:14.0352 4524 HDAudBus - ok
15:47:14.0539 4524 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\windows\system32\DRIVERS\HECI.sys
15:47:14.0648 4524 HECI - ok
15:47:14.0726 4524 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
15:47:15.0023 4524 HidBatt - ok
15:47:15.0085 4524 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
15:47:15.0210 4524 HidBth - ok
15:47:15.0413 4524 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
15:47:15.0553 4524 HidIr - ok
15:47:15.0678 4524 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
15:47:15.0803 4524 hidserv - ok
15:47:15.0959 4524 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
15:47:16.0068 4524 HidUsb - ok
15:47:16.0146 4524 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
15:47:16.0255 4524 hkmsvc - ok
15:47:16.0458 4524 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:47:16.0598 4524 HomeGroupListener - ok
15:47:16.0817 4524 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:47:16.0910 4524 HomeGroupProvider - ok
15:47:17.0129 4524 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:47:17.0643 4524 HpSAMD - ok
15:47:18.0189 4524 [ 210388FD8225B02BD83D77628AAE64A9 ] HsfXAudioService C:\windows\system32\XAudio32.dll
15:47:18.0377 4524 HsfXAudioService - ok
15:47:18.0767 4524 [ 227C3BA25012752BB7450235392C719F ] HSF_DPV C:\windows\system32\DRIVERS\HSX_DPV.sys
15:47:18.0860 4524 HSF_DPV - ok
15:47:18.0923 4524 [ 4DF5C76302DC2F8F3465966C8426A292 ] HSXHWAZL C:\windows\system32\DRIVERS\HSXHWAZL.sys
15:47:18.0969 4524 HSXHWAZL - ok
15:47:19.0172 4524 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:47:19.0250 4524 HTTP - ok
15:47:19.0453 4524 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:47:19.0484 4524 hwpolicy - ok
15:47:19.0656 4524 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
15:47:19.0734 4524 i8042prt - ok
15:47:20.0030 4524 [ A5FFEB824E539C18CD23C32161AB55DB ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:47:20.0093 4524 iaStor - ok
15:47:20.0592 4524 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:47:21.0528 4524 iaStorV - ok
15:47:21.0762 4524 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:47:22.0027 4524 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:47:22.0027 4524 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:47:22.0433 4524 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:47:23.0228 4524 idsvc - ok
15:47:27.0019 4524 [ B3A313080B0F73F4C8292290606FC15D ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
15:47:27.0768 4524 igfx - ok
15:47:27.0908 4524 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
15:47:28.0267 4524 iirsp - ok
15:47:29.0203 4524 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
15:47:29.0343 4524 IKEEXT - ok
15:47:29.0609 4524 [ 03C0D99BC2913226F1CEA7CB0D984659 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
15:47:29.0765 4524 Impcd - ok
15:47:29.0967 4524 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
15:47:30.0186 4524 intelide - ok
15:47:30.0467 4524 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:47:30.0560 4524 intelppm - ok
15:47:30.0701 4524 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:47:30.0888 4524 IPBusEnum - ok
15:47:30.0981 4524 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:47:31.0325 4524 IpFilterDriver - ok
15:47:31.0715 4524 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:47:31.0933 4524 iphlpsvc - ok
15:47:32.0073 4524 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:47:32.0432 4524 IPMIDRV - ok
15:47:32.0557 4524 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:47:32.0822 4524 IPNAT - ok
15:47:33.0727 4524 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:47:33.0789 4524 iPod Service - ok
15:47:33.0930 4524 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
15:47:34.0569 4524 IRENUM - ok
15:47:34.0694 4524 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:47:34.0866 4524 isapnp - ok
15:47:35.0100 4524 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:47:36.0348 4524 iScsiPrt - ok
15:47:36.0878 4524 [ 994EBB45C4B438E1F6EA0B958AE9B9A3 ] ivusb C:\windows\system32\DRIVERS\ivusb.sys
15:47:36.0987 4524 ivusb - ok
15:47:37.0237 4524 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
15:47:37.0284 4524 kbdclass - ok
15:47:37.0362 4524 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:47:37.0518 4524 kbdhid - ok
15:47:37.0580 4524 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
15:47:37.0611 4524 KeyIso - ok
15:47:37.0799 4524 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:47:37.0955 4524 KSecDD - ok
15:47:38.0048 4524 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:47:38.0220 4524 KSecPkg - ok
15:47:40.0482 4524 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
15:47:40.0841 4524 KtmRm - ok
15:47:41.0168 4524 [ B05ADCD03AAED42607371186F359D8A5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
15:47:41.0199 4524 L1C - ok
15:47:41.0402 4524 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
15:47:41.0511 4524 LanmanServer - ok
15:47:41.0652 4524 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:47:41.0777 4524 LanmanWorkstation - ok
15:47:42.0338 4524 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:47:42.0479 4524 lltdio - ok
15:47:42.0884 4524 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:47:43.0196 4524 lltdsvc - ok
15:47:43.0274 4524 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
15:47:43.0430 4524 lmhosts - ok
15:47:44.0023 4524 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:47:44.0054 4524 LMS - ok
15:47:45.0021 4524 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
15:47:45.0630 4524 LSI_FC - ok
15:47:46.0379 4524 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
15:47:46.0550 4524 LSI_SAS - ok
15:47:46.0706 4524 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
15:47:46.0862 4524 LSI_SAS2 - ok
15:47:46.0893 4524 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
15:47:46.0987 4524 LSI_SCSI - ok
15:47:47.0003 4524 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
15:47:47.0049 4524 luafv - ok
15:47:47.0237 4524 [ 6490FE1B088C7199A9B6CE0E04A98A8B ] massfilter C:\windows\system32\drivers\massfilter.sys
15:47:47.0502 4524 massfilter - ok
15:47:47.0611 4524 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
15:47:47.0720 4524 Mcx2Svc - ok
15:47:47.0767 4524 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\windows\system32\DRIVERS\mdmxsdk.sys
15:47:47.0783 4524 mdmxsdk - ok
15:47:47.0970 4524 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
15:47:48.0126 4524 megasas - ok
15:47:48.0453 4524 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
15:47:49.0608 4524 MegaSR - ok
15:47:49.0733 4524 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
15:47:49.0842 4524 MMCSS - ok
15:47:49.0873 4524 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
15:47:49.0982 4524 Modem - ok
15:47:50.0310 4524 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:47:51.0230 4524 monitor - ok
15:47:51.0293 4524 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
15:47:51.0339 4524 mouclass - ok
15:47:51.0542 4524 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:47:51.0683 4524 mouhid - ok
15:47:51.0761 4524 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:47:51.0792 4524 mountmgr - ok
15:47:51.0839 4524 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
15:47:51.0979 4524 mpio - ok
15:47:52.0088 4524 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:47:52.0229 4524 mpsdrv - ok
15:47:52.0369 4524 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
15:47:52.0463 4524 MpsSvc - ok
15:47:52.0525 4524 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:47:52.0634 4524 MRxDAV - ok
15:47:52.0775 4524 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:47:52.0837 4524 mrxsmb - ok
15:47:52.0993 4524 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:47:53.0024 4524 mrxsmb10 - ok
15:47:53.0055 4524 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:47:53.0118 4524 mrxsmb20 - ok
15:47:53.0227 4524 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
15:47:53.0274 4524 msahci - ok
15:47:53.0336 4524 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:47:53.0383 4524 msdsm - ok
15:47:53.0477 4524 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
15:47:53.0570 4524 MSDTC - ok
15:47:53.0617 4524 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
15:47:53.0679 4524 Msfs - ok
15:47:53.0789 4524 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:47:53.0867 4524 mshidkmdf - ok
15:47:53.0960 4524 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:47:54.0054 4524 msisadrv - ok
15:47:54.0241 4524 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:47:54.0584 4524 MSiSCSI - ok
15:47:54.0584 4524 msiserver - ok
15:47:54.0818 4524 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:47:55.0021 4524 MSKSSRV - ok
15:47:55.0099 4524 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:47:55.0239 4524 MSPCLOCK - ok
15:47:55.0333 4524 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:47:55.0489 4524 MSPQM - ok
15:47:55.0614 4524 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:47:55.0739 4524 MsRPC - ok
15:47:55.0817 4524 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
15:47:55.0863 4524 mssmbios - ok
15:47:56.0082 4524 MSSQL$MSSMLBIZ - ok
15:47:56.0285 4524 MSSQL$SQLEXPRESS - ok
15:47:56.0441 4524 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:47:56.0503 4524 MSSQLServerADHelper - ok
15:47:56.0643 4524 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:47:56.0737 4524 MSTEE - ok
15:47:56.0784 4524 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
15:47:56.0846 4524 MTConfig - ok
15:47:56.0893 4524 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
15:47:56.0924 4524 Mup - ok
15:47:57.0018 4524 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
15:47:57.0111 4524 napagent - ok
15:47:57.0299 4524 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:47:57.0345 4524 NativeWifiP - ok
15:47:58.0281 4524 [ C0C326C4957D1027B757769B4D9271BB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:47:59.0186 4524 NBService - ok
15:47:59.0576 4524 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
15:47:59.0654 4524 NDIS - ok
15:47:59.0888 4524 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:48:00.0107 4524 NdisCap - ok
15:48:00.0216 4524 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:48:00.0325 4524 NdisTapi - ok
15:48:00.0481 4524 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:48:00.0575 4524 Ndisuio - ok
15:48:00.0653 4524 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:48:00.0731 4524 NdisWan - ok
15:48:00.0840 4524 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:48:00.0965 4524 NDProxy - ok
15:48:01.0043 4524 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:48:01.0136 4524 NetBIOS - ok
15:48:01.0292 4524 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:48:01.0355 4524 NetBT - ok
15:48:01.0401 4524 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
15:48:01.0433 4524 Netlogon - ok
15:48:01.0713 4524 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
15:48:01.0776 4524 Netman - ok
15:48:02.0025 4524 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
15:48:02.0119 4524 netprofm - ok
15:48:02.0181 4524 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:48:02.0306 4524 NetTcpPortSharing - ok
15:48:02.0447 4524 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
15:48:02.0556 4524 nfrd960 - ok
15:48:02.0696 4524 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
15:48:02.0790 4524 NlaSvc - ok
15:48:03.0273 4524 [ D003B59B1A1522308B55462CA866E4D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:48:03.0289 4524 NMIndexingService - ok
15:48:03.0336 4524 Norton PC Checkup Application Launcher - ok
15:48:03.0383 4524 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:48:13.0304 4524 Npfs - ok
15:48:13.0491 4524 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
15:48:13.0569 4524 nsi - ok
15:48:13.0632 4524 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:48:13.0710 4524 nsiproxy - ok
15:48:14.0147 4524 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:48:15.0488 4524 Ntfs - ok
15:48:15.0551 4524 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
15:48:15.0613 4524 Null - ok
15:48:15.0785 4524 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:48:16.0081 4524 nvraid - ok
15:48:16.0331 4524 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:48:16.0627 4524 nvstor - ok
15:48:16.0705 4524 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:48:16.0955 4524 nv_agp - ok
15:48:17.0095 4524 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:48:17.0282 4524 ohci1394 - ok
15:48:17.0579 4524 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:17.0766 4524 ose - ok
15:48:18.0234 4524 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:18.0764 4524 osppsvc - ok
15:48:18.0811 4524 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:48:28.0015 4524 p2pimsvc - ok
15:48:28.0046 4524 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
15:48:33.0101 4524 p2psvc - ok
15:48:33.0163 4524 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
15:48:38.0171 4524 Parport - ok
15:48:38.0264 4524 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
15:48:38.0295 4524 partmgr - ok
15:48:38.0327 4524 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
15:48:43.0365 4524 Parvdm - ok
15:48:43.0506 4524 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
15:48:43.0553 4524 PcaSvc - ok
15:48:43.0646 4524 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe
15:48:43.0693 4524 PCCUJobMgr - ok
15:48:43.0833 4524 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
15:48:43.0974 4524 pci - ok
15:48:44.0052 4524 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
15:48:44.0130 4524 pciide - ok
15:48:44.0333 4524 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
15:48:44.0661 4524 pcmcia - ok
15:48:44.0739 4524 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
15:48:44.0864 4524 pcw - ok
15:48:45.0176 4524 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:48:45.0285 4524 PEAUTH - ok
15:48:45.0519 4524 [ 1B5011DD8D57F53AED31FF0F7D635802 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
15:48:45.0675 4524 PGEffect - ok
15:48:46.0330 4524 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
15:48:46.0455 4524 pla - ok
15:48:46.0689 4524 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:48:46.0783 4524 PlugPlay - ok
15:48:46.0876 4524 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:48:46.0954 4524 PNRPAutoReg - ok
15:48:46.0970 4524 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:48:47.0001 4524 PNRPsvc - ok
15:48:47.0095 4524 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:48:47.0204 4524 PolicyAgent - ok
15:48:47.0251 4524 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
15:48:47.0313 4524 Power - ok
15:48:47.0376 4524 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:48:47.0407 4524 PptpMiniport - ok
15:48:47.0423 4524 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
15:48:47.0469 4524 Processor - ok
15:48:47.0657 4524 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
15:48:47.0750 4524 ProfSvc - ok
15:48:47.0781 4524 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
15:48:47.0797 4524 ProtectedStorage - ok
15:48:47.0891 4524 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:48:47.0953 4524 Psched - ok
15:48:48.0015 4524 [ A0DB243AF3A2E427C172AF2BBA325473 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
15:48:48.0078 4524 QIOMem - ok
15:48:48.0468 4524 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
15:48:48.0561 4524 ql2300 - ok
15:48:48.0608 4524 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
15:48:48.0702 4524 ql40xx - ok
15:48:48.0780 4524 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
15:48:48.0827 4524 QWAVE - ok
15:48:48.0858 4524 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:48:48.0905 4524 QWAVEdrv - ok
15:48:48.0983 4524 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:48:49.0139 4524 RasAcd - ok
15:48:49.0263 4524 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:48:49.0373 4524 RasAgileVpn - ok
15:48:49.0419 4524 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
15:48:49.0482 4524 RasAuto - ok
15:48:49.0560 4524 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:48:49.0669 4524 Rasl2tp - ok
15:48:49.0856 4524 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
15:48:49.0934 4524 RasMan - ok
15:48:50.0028 4524 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:48:50.0075 4524 RasPppoe - ok
15:48:50.0153 4524 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:48:50.0231 4524 RasSstp - ok
15:48:50.0355 4524 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:48:50.0418 4524 rdbss - ok
15:48:50.0480 4524 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
15:48:50.0605 4524 rdpbus - ok
15:48:50.0652 4524 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:48:50.0761 4524 RDPCDD - ok
15:48:50.0808 4524 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:48:50.0870 4524 RDPENCDD - ok
15:48:50.0901 4524 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:48:50.0964 4524 RDPREFMP - ok
15:48:51.0026 4524 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:48:51.0135 4524 RDPWD - ok
15:48:51.0245 4524 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:48:51.0307 4524 rdyboost - ok
15:48:51.0401 4524 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
15:48:51.0494 4524 RemoteAccess - ok
15:48:51.0588 4524 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:48:51.0650 4524 RemoteRegistry - ok
15:48:51.0744 4524 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:48:51.0791 4524 RpcEptMapper - ok
15:48:51.0853 4524 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
15:48:51.0900 4524 RpcLocator - ok
15:48:52.0071 4524 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
15:48:52.0134 4524 RpcSs - ok
15:48:52.0243 4524 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:48:52.0383 4524 rspndr - ok
15:48:52.0602 4524 [ 867BEB23207BA425C85293BB0D3EA971 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
15:48:52.0742 4524 RSUSBSTOR - ok
15:48:53.0304 4524 [ 44B7739F2D623AD6FB46755BB60351A4 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
15:48:53.0475 4524 rtl8192se - ok
15:48:53.0522 4524 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
15:48:53.0538 4524 SamSs - ok
15:48:53.0694 4524 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:48:53.0865 4524 sbp2port - ok
15:48:54.0021 4524 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:48:54.0068 4524 SCardSvr - ok
15:48:54.0131 4524 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:48:54.0209 4524 scfilter - ok
15:48:54.0505 4524 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
15:48:54.0599 4524 Schedule - ok
15:48:54.0614 4524 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
15:48:54.0677 4524 SCPolicySvc - ok
15:48:54.0739 4524 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:48:54.0864 4524 SDRSVC - ok
15:48:54.0973 4524 SeaPort - ok
15:48:55.0098 4524 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:48:55.0223 4524 secdrv - ok
15:48:55.0285 4524 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
15:48:55.0425 4524 seclogon - ok
15:48:55.0550 4524 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
15:48:55.0597 4524 SENS - ok
15:48:55.0659 4524 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
15:48:55.0769 4524 SensrSvc - ok
15:48:55.0847 4524 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
15:48:55.0893 4524 Serenum - ok
15:48:55.0940 4524 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
15:48:56.0112 4524 Serial - ok
15:48:56.0283 4524 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
15:48:56.0486 4524 sermouse - ok
15:48:56.0642 4524 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
15:48:56.0705 4524 SessionEnv - ok
15:48:56.0751 4524 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:48:56.0814 4524 sffdisk - ok
15:48:56.0829 4524 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:48:56.0892 4524 sffp_mmc - ok
15:48:56.0892 4524 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:48:56.0939 4524 sffp_sd - ok
15:48:56.0985 4524 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
15:48:57.0048 4524 sfloppy - ok
15:48:57.0188 4524 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:48:57.0251 4524 SharedAccess - ok
15:48:57.0297 4524 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:48:57.0375 4524 ShellHWDetection - ok
15:48:57.0453 4524 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
15:48:57.0500 4524 sisagp - ok
15:48:57.0609 4524 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
15:48:57.0734 4524 SiSRaid2 - ok
15:48:57.0765 4524 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
15:48:57.0875 4524 SiSRaid4 - ok
15:48:58.0155 4524 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:48:58.0389 4524 SkypeUpdate - ok
15:48:58.0499 4524 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
15:48:58.0686 4524 Smb - ok
15:48:58.0920 4524 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:48:58.0967 4524 SNMPTRAP - ok
15:48:59.0123 4524 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
15:48:59.0154 4524 spldr - ok
15:48:59.0325 4524 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
15:48:59.0388 4524 Spooler - ok
15:48:59.0513 4524 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
15:48:59.0575 4524 sppsvc - ok
15:48:59.0637 4524 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:48:59.0731 4524 sppuinotify - ok
15:48:59.0778 4524 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:48:59.0809 4524 SQLBrowser - ok
15:48:59.0840 4524 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:48:59.0871 4524 SQLWriter - ok
15:48:59.0934 4524 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
15:49:00.0059 4524 srv - ok
15:49:00.0105 4524 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:49:00.0199 4524 srv2 - ok
15:49:00.0417 4524 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL3.SYS
15:49:00.0636 4524 SrvHsfHDA - ok
15:49:00.0776 4524 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV3.SYS
15:49:01.0821 4524 SrvHsfV92 - ok
15:49:01.0931 4524 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT3.SYS
15:49:02.0024 4524 SrvHsfWinac - ok
15:49:02.0087 4524 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:49:02.0149 4524 srvnet - ok
15:49:02.0243 4524 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:49:02.0289 4524 SSDPSRV - ok
15:49:02.0321 4524 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
15:49:02.0383 4524 SstpSvc - ok
15:49:02.0461 4524 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
15:49:02.0523 4524 stexstor - ok
15:49:02.0633 4524 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
15:49:02.0679 4524 StiSvc - ok
15:49:02.0757 4524 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
15:49:02.0773 4524 swenum - ok
15:49:02.0913 4524 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
15:49:03.0023 4524 swprv - ok
15:49:03.0288 4524 [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
15:49:03.0335 4524 SynTP - ok
15:49:03.0787 4524 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
15:49:03.0849 4524 SysMain - ok
15:49:03.0943 4524 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
15:49:03.0990 4524 TabletInputService - ok
15:49:04.0052 4524 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
15:49:04.0115 4524 TapiSrv - ok
15:49:04.0161 4524 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
15:49:04.0239 4524 TBS - ok
15:49:04.0505 4524 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:49:04.0661 4524 Tcpip - ok
15:49:04.0895 4524 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:49:04.0957 4524 TCPIP6 - ok
15:49:05.0238 4524 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:49:05.0347 4524 tcpipreg - ok
15:49:05.0441 4524 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
15:49:05.0472 4524 tdcmdpst - ok
15:49:05.0565 4524 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:49:05.0784 4524 TDPIPE - ok
15:49:05.0862 4524 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:49:06.0002 4524 TDTCP - ok
15:49:06.0096 4524 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:49:06.0205 4524 tdx - ok
15:49:06.0299 4524 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
15:49:06.0330 4524 TermDD - ok
15:49:06.0533 4524 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
15:49:06.0595 4524 TermService - ok
15:49:06.0673 4524 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
15:49:06.0720 4524 Themes - ok
15:49:06.0735 4524 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
15:49:06.0813 4524 THREADORDER - ok
15:49:06.0891 4524 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:49:06.0923 4524 TMachInfo - ok
15:49:07.0110 4524 [ FB5DFD175E3BE936D87CCBA4A2B0EAAD ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
15:49:07.0125 4524 tmactmon - ok
15:49:07.0266 4524 [ 20AC031A8E2AC58EC9F04BD728071D43 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
15:49:07.0297 4524 tmcomm - ok
15:49:07.0422 4524 [ 96132CF615891C05494F5321C8245086 ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
15:49:07.0453 4524 tmevtmgr - ok
15:49:07.0640 4524 [ A6E20B094A8D3E3F46D10BBE7E1EBB82 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
15:49:07.0671 4524 tmtdi - ok
15:49:07.0718 4524 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\windows\system32\TODDSrv.exe
15:49:07.0749 4524 TODDSrv - ok
15:49:08.0030 4524 [ 85EDF7A274435E4DF051BB23F8E01581 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
15:49:08.0061 4524 TosCoSrv - ok
15:49:08.0217 4524 [ C0137AFD260FCA1FD5B754B880A1238C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
15:49:08.0280 4524 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
15:49:08.0280 4524 TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)

TDSSKiller Log File (part 2)

15:49:36.0501 4524 ================ Scan global ===============================
15:49:36.0641 4524 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
15:49:36.0991 4524 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
15:49:37.0101 4524 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
15:49:37.0191 4524 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
15:49:37.0471 4524 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
15:49:37.0511 4524 [Global] - ok
15:49:37.0511 4524 ================ Scan MBR ==================================
15:49:37.0551 4524 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
15:49:41.0062 4524 \Device\Harddisk0\DR0 - ok
15:49:41.0072 4524 ================ Scan VBR ==================================
15:49:41.0112 4524 [ 5488D029CB705E35E1078535F85B3681 ] \Device\Harddisk0\DR0\Partition1
15:49:41.0132 4524 \Device\Harddisk0\DR0\Partition1 - ok
15:49:41.0132 4524 ================ Scan active images ========================
15:49:41.0222 4524 C:\Windows\System32\drivers\usbccgp.sys - ok
15:49:41.0222 4524 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] C:\Windows\System32\drivers\usbvideo.sys
15:49:41.0222 4524 C:\Windows\System32\drivers\usbvideo.sys - ok
15:49:41.0222 4524 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
15:49:41.0222 4524 C:\Windows\System32\apphelp.dll - ok
15:49:41.0222 4524 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
15:49:41.0222 4524 C:\Windows\System32\lsass.exe - ok
15:49:41.0222 4524 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
15:49:41.0222 4524 C:\Windows\System32\lsm.exe - ok
15:49:41.0222 4524 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
15:49:41.0222 4524 C:\Windows\System32\services.exe - ok
15:49:41.0222 4524 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll
15:49:41.0222 4524 C:\Windows\System32\lsasrv.dll - ok
15:49:41.0222 4524 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
15:49:41.0222 4524 C:\Windows\System32\scesrv.dll - ok
15:49:41.0222 4524 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
15:49:41.0222 4524 C:\Windows\System32\scext.dll - ok
15:49:41.0222 4524 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
15:49:41.0222 4524 C:\Windows\System32\secur32.dll - ok
15:49:41.0222 4524 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
15:49:41.0222 4524 C:\Windows\System32\sspicli.dll - ok
15:49:41.0222 4524 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
15:49:41.0222 4524 C:\Windows\System32\sspisrv.dll - ok
15:49:41.0222 4524 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
15:49:41.0222 4524 C:\Windows\System32\sysntfy.dll - ok
15:49:41.0232 4524 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
15:49:41.0232 4524 C:\Windows\System32\wmsgapi.dll - ok
15:49:41.0232 4524 [ 1B5011DD8D57F53AED31FF0F7D635802 ] C:\Windows\System32\drivers\PGEffect.sys
15:49:41.0232 4524 C:\Windows\System32\drivers\PGEffect.sys - ok
15:49:41.0232 4524 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
15:49:41.0232 4524 C:\Windows\System32\srvcli.dll - ok
15:49:41.0232 4524 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
15:49:41.0232 4524 C:\Windows\System32\samsrv.dll - ok
15:49:41.0232 4524 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll
15:49:41.0232 4524 C:\Windows\System32\aelupsvc.dll - ok
15:49:41.0232 4524 [ 18A54E132947CD98FEA9ACCC57F98F13 ] C:\Windows\System32\alg.exe
15:49:41.0232 4524 C:\Windows\System32\alg.exe - ok
15:49:41.0232 4524 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
15:49:41.0232 4524 C:\Windows\System32\cryptdll.dll - ok
15:49:41.0232 4524 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
15:49:41.0232 4524 C:\Windows\System32\wevtapi.dll - ok
15:49:41.0232 4524 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
15:49:41.0232 4524 C:\Windows\System32\authz.dll - ok
15:49:41.0232 4524 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
15:49:41.0232 4524 C:\Windows\System32\bcrypt.dll - ok
15:49:41.0232 4524 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
15:49:41.0232 4524 C:\Windows\System32\cngaudit.dll - ok
15:49:41.0232 4524 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\System32\ncrypt.dll
15:49:41.0232 4524 C:\Windows\System32\ncrypt.dll - ok
15:49:41.0232 4524 [ 62A9C86CB6085E20DB4823E4E97826F5 ] C:\Windows\System32\appidsvc.dll
15:49:41.0232 4524 C:\Windows\System32\appidsvc.dll - ok
15:49:41.0232 4524 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
15:49:41.0232 4524 C:\Windows\System32\msprivs.dll - ok
15:49:41.0232 4524 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
15:49:41.0232 4524 C:\Windows\System32\netjoin.dll - ok
15:49:41.0232 4524 [ 867BEB23207BA425C85293BB0D3EA971 ] C:\Windows\System32\drivers\RtsUStor.sys
15:49:41.0232 4524 C:\Windows\System32\drivers\RtsUStor.sys - ok
15:49:41.0232 4524 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
15:49:41.0232 4524 C:\Windows\System32\kerberos.dll - ok
15:49:41.0232 4524 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
15:49:41.0232 4524 C:\Windows\System32\negoexts.dll - ok
15:49:41.0232 4524 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
15:49:41.0232 4524 C:\Windows\System32\cryptsp.dll - ok
15:49:41.0232 4524 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
15:49:41.0232 4524 C:\Windows\System32\msv1_0.dll - ok
15:49:41.0242 4524 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
15:49:41.0242 4524 C:\Windows\System32\mswsock.dll - ok
15:49:41.0242 4524 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
15:49:41.0242 4524 C:\Windows\System32\wship6.dll - ok
15:49:41.0242 4524 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
15:49:41.0242 4524 C:\Windows\System32\netlogon.dll - ok
15:49:41.0242 4524 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
15:49:41.0242 4524 C:\Windows\System32\dnsapi.dll - ok
15:49:41.0242 4524 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
15:49:41.0242 4524 C:\Windows\System32\logoncli.dll - ok
15:49:41.0242 4524 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
15:49:41.0242 4524 C:\Windows\System32\schannel.dll - ok
15:49:41.0242 4524 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
15:49:41.0242 4524 C:\Windows\System32\wdigest.dll - ok
15:49:41.0242 4524 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
15:49:41.0242 4524 C:\Windows\System32\rsaenh.dll - ok
15:49:41.0242 4524 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
15:49:41.0242 4524 C:\Windows\System32\TSpkg.dll - ok
15:49:41.0242 4524 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
15:49:41.0242 4524 C:\Windows\System32\pku2u.dll - ok
15:49:41.0242 4524 [ F704A6DA12C30FABCF90D84C87109037 ] C:\Windows\System32\LIVESSP.DLL
15:49:41.0242 4524 C:\Windows\System32\LIVESSP.DLL - ok
15:49:41.0242 4524 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
15:49:41.0242 4524 C:\Windows\System32\bcryptprimitives.dll - ok
15:49:41.0242 4524 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
15:49:41.0242 4524 C:\Windows\System32\credssp.dll - ok
15:49:41.0242 4524 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
15:49:41.0242 4524 C:\Windows\System32\efslsaext.dll - ok
15:49:41.0242 4524 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
15:49:41.0242 4524 C:\Windows\System32\scecli.dll - ok
15:49:41.0242 4524 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
15:49:41.0242 4524 C:\Windows\System32\winlogon.exe - ok
15:49:41.0242 4524 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
15:49:41.0242 4524 C:\Windows\System32\winsta.dll - ok
15:49:41.0242 4524 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll
15:49:41.0242 4524 C:\Windows\System32\appinfo.dll - ok
15:49:41.0242 4524 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
15:49:41.0242 4524 C:\Windows\System32\rascfg.dll - ok
15:49:41.0242 4524 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
15:49:41.0242 4524 C:\Windows\System32\audiosrv.dll - ok
15:49:41.0242 4524 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] C:\Windows\System32\AxInstSv.dll
15:49:41.0242 4524 C:\Windows\System32\AxInstSv.dll - ok
15:49:41.0252 4524 [ EE1E9C3BB8228AE423DD38DB69128E71 ] C:\Windows\System32\bdesvc.dll
15:49:41.0252 4524 C:\Windows\System32\bdesvc.dll - ok
15:49:41.0252 4524 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
15:49:41.0252 4524 C:\Windows\System32\BFE.DLL - ok
15:49:41.0252 4524 [ E585445D5021971FAE10393F0F1C3961 ] C:\Windows\System32\qmgr.dll
15:49:41.0252 4524 C:\Windows\System32\qmgr.dll - ok
15:49:41.0252 4524 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
15:49:41.0252 4524 C:\Windows\System32\browser.dll - ok
15:49:41.0252 4524 [ 1180159EE45AD1B110F6E482F244899E ] C:\Windows\System32\bridgeres.dll
15:49:41.0252 4524 C:\Windows\System32\bridgeres.dll - ok
15:49:41.0252 4524 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] C:\Windows\System32\bthserv.dll
15:49:41.0252 4524 C:\Windows\System32\bthserv.dll - ok
15:49:41.0252 4524 [ 319C6B309773D063541D01DF8AC6F55F ] C:\Windows\System32\certprop.dll
15:49:41.0252 4524 C:\Windows\System32\certprop.dll - ok
15:49:41.0252 4524 [ 635181E0E9BBF16871BF5380D71DB02D ] C:\Windows\System32\clfs.sys
15:49:41.0252 4524 C:\Windows\System32\clfs.sys - ok
15:49:41.0252 4524 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
15:49:41.0252 4524 C:\Windows\System32\comres.dll - ok
15:49:41.0252 4524 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
15:49:41.0252 4524 C:\Windows\System32\cryptsvc.dll - ok
15:49:41.0252 4524 [ 370E6FB6F6FF1B3DAC7F1182AC493BB6 ] C:\Windows\System32\oleres.dll
15:49:41.0252 4524 C:\Windows\System32\oleres.dll - ok
15:49:41.0252 4524 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] C:\Windows\System32\defragsvc.dll
15:49:41.0252 4524 C:\Windows\System32\defragsvc.dll - ok
15:49:41.0252 4524 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
15:49:41.0252 4524 C:\Windows\System32\dhcpcore.dll - ok
15:49:41.0252 4524 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] C:\Windows\System32\dot3svc.dll
15:49:41.0252 4524 C:\Windows\System32\dot3svc.dll - ok
15:49:41.0252 4524 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
15:49:41.0252 4524 C:\Windows\System32\dps.dll - ok
15:49:41.0252 4524 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
15:49:41.0252 4524 C:\Windows\System32\eapsvc.dll - ok
15:49:41.0252 4524 [ 00A99DA54C14969A899ED316D16E9A9E ] C:\Windows\System32\efssvc.dll
15:49:41.0252 4524 C:\Windows\System32\efssvc.dll - ok
15:49:41.0262 4524 [ A8C362018EFC87BEB013EE28F29C0863 ] C:\Windows\ehome\ehrecvr.exe
15:49:41.0262 4524 C:\Windows\ehome\ehrecvr.exe - ok
15:49:41.0262 4524 [ D389BFF34F80CAEDE417BF9D1507996A ] C:\Windows\ehome\ehsched.exe
15:49:41.0262 4524 C:\Windows\ehome\ehsched.exe - ok
15:49:41.0262 4524 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
15:49:41.0262 4524 C:\Windows\System32\wevtsvc.dll - ok
15:49:41.0262 4524 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
15:49:41.0262 4524 C:\Windows\System32\FXSRESM.dll - ok
15:49:41.0262 4524 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
15:49:41.0262 4524 C:\Windows\System32\fdPHost.dll - ok
15:49:41.0262 4524 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
15:49:41.0262 4524 C:\Windows\System32\FDResPub.dll - ok
15:49:41.0262 4524 [ 6CF00369C97F3CF563BE99BE983D13D8 ] C:\Windows\System32\drivers\fileinfo.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\fileinfo.sys - ok
15:49:41.0262 4524 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] C:\Windows\System32\drivers\filetrace.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\filetrace.sys - ok
15:49:41.0262 4524 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\fltMgr.sys - ok
15:49:41.0262 4524 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll
15:49:41.0262 4524 C:\Windows\System32\FntCache.dll - ok
15:49:41.0262 4524 [ 6A08F1C87BBF6197F5DAD95CF41E5175 ] C:\Windows\System32\PresentationHost.exe
15:49:41.0262 4524 C:\Windows\System32\PresentationHost.exe - ok
15:49:41.0262 4524 [ 1A16B57943853E598CFF37FE2B8CBF1D ] C:\Windows\System32\drivers\fsdepends.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\fsdepends.sys - ok
15:49:41.0262 4524 [ 8A73E79089B282100B9393B644CB853B ] C:\Windows\System32\drivers\fvevol.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\fvevol.sys - ok
15:49:41.0262 4524 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
15:49:41.0262 4524 C:\Windows\System32\gpapi.dll - ok
15:49:41.0262 4524 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\System32\hidserv.dll
15:49:41.0262 4524 C:\Windows\System32\hidserv.dll - ok
15:49:41.0262 4524 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] C:\Windows\System32\KMSVC.DLL
15:49:41.0262 4524 C:\Windows\System32\KMSVC.DLL - ok
15:49:41.0262 4524 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
15:49:41.0262 4524 C:\Windows\System32\ListSvc.dll - ok
15:49:41.0262 4524 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\http.sys - ok
15:49:41.0262 4524 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
15:49:41.0262 4524 C:\Windows\System32\provsvc.dll - ok
15:49:41.0262 4524 [ 0C4E035C7F105F1299258C90886C64C5 ] C:\Windows\System32\drivers\hwpolicy.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\hwpolicy.sys - ok
15:49:41.0262 4524 [ 68F94A45AB26C06221B6BF5C491436D8 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
15:49:41.0262 4524 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
15:49:41.0262 4524 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
15:49:41.0262 4524 C:\Windows\System32\IKEEXT.DLL - ok
15:49:41.0262 4524 [ ACB364B9075A45C0736E5C47BE5CAE19 ] C:\Windows\System32\IPBusEnum.dll
15:49:41.0262 4524 C:\Windows\System32\IPBusEnum.dll - ok
15:49:41.0262 4524 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
15:49:41.0262 4524 C:\Windows\System32\iphlpsvc.dll - ok
15:49:41.0262 4524 [ 42996CFF20A3084A56017B7902307E9F ] C:\Windows\System32\drivers\irenum.sys
15:49:41.0262 4524 C:\Windows\System32\drivers\irenum.sys - ok
15:49:41.0262 4524 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
15:49:41.0262 4524 C:\Windows\System32\keyiso.dll - ok
15:49:41.0272 4524 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
15:49:41.0272 4524 C:\Windows\System32\srvsvc.dll - ok
15:49:41.0272 4524 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
15:49:41.0272 4524 C:\Windows\System32\wkssvc.dll - ok
15:49:41.0272 4524 [ 276678C13E3F01E9EC32ED7E56B4FEA0 ] C:\Windows\System32\lltdres.dll
15:49:41.0272 4524 C:\Windows\System32\lltdres.dll - ok
15:49:41.0272 4524 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
15:49:41.0272 4524 C:\Windows\System32\lmhsvc.dll - ok
15:49:41.0272 4524 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
15:49:41.0272 4524 C:\Windows\System32\drivers\luafv.sys - ok
15:49:41.0272 4524 [ F7807FFF85E636D53A0C2C2CD8BCDC5F ] C:\Windows\ehome\ehres.dll
15:49:41.0272 4524 C:\Windows\ehome\ehres.dll - ok
15:49:41.0272 4524 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
15:49:41.0272 4524 C:\Windows\System32\mmcss.dll - ok
15:49:41.0272 4524 [ FC8771F45ECCCFD89684E38842539B9B ] C:\Windows\System32\drivers\mountmgr.sys
15:49:41.0272 4524 C:\Windows\System32\drivers\mountmgr.sys - ok
15:49:41.0272 4524 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
15:49:41.0272 4524 C:\Windows\System32\FirewallAPI.dll - ok
15:49:41.0272 4524 [ A9D880F97530D5B8FEE278923349929D ] C:\Windows\System32\WebClnt.dll
15:49:41.0272 4524 C:\Windows\System32\WebClnt.dll - ok
15:49:41.0272 4524 [ 3E1E5767043C5AF9367F0056295E9F84 ] C:\Windows\System32\drivers\mshidkmdf.sys
15:49:41.0272 4524 C:\Windows\System32\drivers\mshidkmdf.sys - ok
15:49:41.0272 4524 [ BB5B4BA716D145B2ADF241052EDAB983 ] C:\Windows\System32\iscsidsc.dll
15:49:41.0272 4524 C:\Windows\System32\iscsidsc.dll - ok
15:49:41.0272 4524 [ 1F59B386F652A0484A3CC0B680B1132B ] C:\Windows\System32\msimsg.dll
15:49:41.0272 4524 C:\Windows\System32\msimsg.dll - ok

#15 vmoose

vmoose
  • Topic Starter

  • Members
  • 14 posts

Posted 14 December 2012 - 03:42 AM

TDS Killer (Log File part 3)
15:49:41.0312 4524 C:\Windows\System32\MPSSVC.dll - ok
15:49:41.0312 4524 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
15:49:41.0312 4524 C:\Windows\System32\PSHED.DLL - ok
15:49:41.0312 4524 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:49:41.0312 4524 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:49:41.0312 4524 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:49:41.0312 4524 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:49:41.0312 4524 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
15:49:41.0312 4524 C:\Windows\System32\samlib.dll - ok
15:49:41.0312 4524 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
15:49:41.0312 4524 C:\Windows\System32\shacct.dll - ok
15:49:41.0312 4524 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
15:49:41.0312 4524 C:\Windows\System32\uxtheme.dll - ok
15:49:41.0312 4524 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
15:49:41.0312 4524 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
15:49:41.0312 4524 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
15:49:41.0312 4524 C:\Windows\System32\audiodg.exe - ok
15:49:41.0312 4524 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
15:49:41.0312 4524 C:\Windows\System32\dui70.dll - ok
15:49:41.0312 4524 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
15:49:41.0312 4524 C:\Windows\System32\duser.dll - ok
15:49:41.0312 4524 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
15:49:41.0312 4524 C:\Windows\System32\ntmarta.dll - ok
15:49:41.0322 4524 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
15:49:41.0322 4524 C:\Windows\System32\gpsvc.dll - ok
15:49:41.0322 4524 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
15:49:41.0322 4524 C:\Windows\System32\ksuser.dll - ok
15:49:41.0322 4524 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
15:49:41.0322 4524 C:\Windows\System32\wdmaud.drv - ok
15:49:41.0322 4524 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
15:49:41.0322 4524 C:\Windows\System32\winmm.dll - ok
15:49:41.0322 4524 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
15:49:41.0322 4524 C:\Windows\System32\AudioSes.dll - ok
15:49:41.0322 4524 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
15:49:41.0322 4524 C:\Windows\System32\midimap.dll - ok
15:49:41.0322 4524 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
15:49:41.0322 4524 C:\Windows\System32\msacm32.dll - ok
15:49:41.0322 4524 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
15:49:41.0322 4524 C:\Windows\System32\msacm32.drv - ok
15:49:41.0322 4524 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
15:49:41.0322 4524 C:\Windows\System32\SndVolSSO.dll - ok
15:49:41.0322 4524 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
15:49:41.0322 4524 C:\Windows\System32\AudioEng.dll - ok
15:49:41.0322 4524 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
15:49:41.0322 4524 C:\Windows\System32\dwmapi.dll - ok
15:49:41.0322 4524 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
15:49:41.0322 4524 C:\Windows\System32\hid.dll - ok
15:49:41.0322 4524 [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll
15:49:41.0322 4524 C:\Windows\System32\nlaapi.dll - ok
15:49:41.0322 4524 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
15:49:41.0322 4524 C:\Windows\System32\xmllite.dll - ok
15:49:41.0322 4524 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
15:49:41.0322 4524 C:\Windows\System32\atl.dll - ok
15:49:41.0322 4524 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
15:49:41.0322 4524 C:\Windows\System32\AUDIOKSE.dll - ok
15:49:41.0322 4524 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
15:49:41.0322 4524 C:\Windows\System32\dsrole.dll - ok
15:49:41.0322 4524 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
15:49:41.0322 4524 C:\Windows\System32\slc.dll - ok
15:49:41.0322 4524 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
15:49:41.0322 4524 C:\Windows\System32\WindowsCodecs.dll - ok
15:49:41.0322 4524 [ 552FFE7BDF817751756AB6D5EB95C370 ] C:\Windows\System32\CX32GP25.dll
15:49:41.0322 4524 C:\Windows\System32\CX32GP25.dll - ok
15:49:41.0322 4524 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
15:49:41.0322 4524 C:\Windows\System32\es.dll - ok
15:49:41.0322 4524 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
15:49:41.0322 4524 C:\Windows\System32\wdscore.dll - ok
15:49:41.0322 4524 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
15:49:41.0322 4524 C:\Windows\System32\dbghelp.dll - ok
15:49:41.0322 4524 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
15:49:41.0322 4524 C:\Windows\System32\winbrand.dll - ok
15:49:41.0322 4524 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
15:49:41.0322 4524 C:\Windows\System32\VaultCredProvider.dll - ok
15:49:41.0322 4524 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:49:41.0322 4524 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:49:41.0322 4524 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
15:49:41.0322 4524 C:\Windows\System32\BioCredProv.dll - ok
15:49:41.0332 4524 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
15:49:41.0332 4524 C:\Windows\System32\wtsapi32.dll - ok
15:49:41.0332 4524 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
15:49:41.0332 4524 C:\Windows\System32\credui.dll - ok
15:49:41.0332 4524 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
15:49:41.0332 4524 C:\Windows\System32\winbio.dll - ok
15:49:41.0332 4524 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
15:49:41.0332 4524 C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:49:41.0332 4524 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
15:49:41.0332 4524 C:\Windows\System32\vaultcli.dll - ok
15:49:41.0332 4524 [ 1A61FF452B72860F58B9F07536E6AD80 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll - ok
15:49:41.0332 4524 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
15:49:41.0332 4524 C:\Windows\System32\netapi32.dll - ok
15:49:41.0332 4524 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
15:49:41.0332 4524 C:\Windows\System32\netutils.dll - ok
15:49:41.0332 4524 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
15:49:41.0332 4524 C:\Windows\System32\samcli.dll - ok
15:49:41.0332 4524 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
15:49:41.0332 4524 C:\Windows\System32\wkscli.dll - ok
15:49:41.0332 4524 [ 0E35F9F99877BE603A3B44276D18EDD2 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll - ok
15:49:41.0332 4524 [ 5B3D1C528CD6674FF6BD1F6720F5A686 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll
15:49:41.0332 4524 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll - ok
15:49:41.0332 4524 [ E161BDB20AA7704A0F2803C5069A859C ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll - ok
15:49:41.0332 4524 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:49:41.0332 4524 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:49:41.0332 4524 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:49:41.0332 4524 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:49:41.0332 4524 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
15:49:41.0332 4524 C:\Windows\System32\ktmw32.dll - ok
15:49:41.0332 4524 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
15:49:41.0332 4524 C:\Windows\System32\mfplat.dll - ok
15:49:41.0332 4524 [ 512A9FC80129AF68F3395CEDA0ACC965 ] C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll - ok
15:49:41.0332 4524 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\System32\dpx.dll
15:49:41.0332 4524 C:\Windows\System32\dpx.dll - ok
15:49:41.0332 4524 [ 8896EF6DEBA34C5507A488729A1D3AF2 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
15:49:41.0332 4524 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll - ok
15:49:41.0332 4524 [ 2A3DBA2D82EBF9DA8950F76B440540BD ] C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll - ok
15:49:41.0332 4524 [ 1F2065C1262E2A6F26C3864177C535DC ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll
15:49:41.0332 4524 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll - ok
15:49:41.0332 4524 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
15:49:41.0332 4524 C:\Windows\System32\certCredProvider.dll - ok
15:49:41.0332 4524 [ D5B6BA211A1E7C8CD001A613788B238D ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
15:49:41.0332 4524 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
15:49:41.0332 4524 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
15:49:41.0332 4524 C:\Windows\System32\rasplap.dll - ok
15:49:41.0332 4524 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
15:49:41.0332 4524 C:\Windows\System32\rasapi32.dll - ok
15:49:41.0342 4524 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
15:49:41.0342 4524 C:\Windows\System32\rasman.dll - ok
15:49:41.0342 4524 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
15:49:41.0342 4524 C:\Windows\System32\rtutils.dll - ok
15:49:41.0342 4524 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
15:49:41.0342 4524 C:\Windows\System32\oleacc.dll - ok
15:49:41.0342 4524 [ 4CCF86AAD1B67168FB51A477307EC288 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
15:49:41.0342 4524 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll - ok
15:49:41.0342 4524 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
15:49:41.0342 4524 C:\Windows\System32\mpr.dll - ok
15:49:41.0342 4524 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll
15:49:41.0342 4524 C:\Windows\System32\UIAutomationCore.dll - ok
15:49:41.0342 4524 [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\System32\srclient.dll
15:49:41.0342 4524 C:\Windows\System32\srclient.dll - ok
15:49:41.0342 4524 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\System32\spp.dll
15:49:41.0342 4524 C:\Windows\System32\spp.dll - ok
15:49:41.0342 4524 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
15:49:41.0342 4524 C:\Windows\System32\msimg32.dll - ok
15:49:41.0342 4524 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
15:49:41.0342 4524 C:\Windows\System32\vssapi.dll - ok
15:49:41.0342 4524 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
15:49:41.0342 4524 C:\Windows\System32\vsstrace.dll - ok
15:49:41.0342 4524 [ C9B89E87CB6D87FA4CC3F04EBC9F3D1C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
15:49:41.0342 4524 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll - ok
15:49:41.0342 4524 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\System32\sxsstore.dll
15:49:41.0342 4524 C:\Windows\System32\sxsstore.dll - ok
15:49:41.0342 4524 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
15:49:41.0342 4524 C:\Windows\System32\sqmapi.dll - ok
15:49:41.0342 4524 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
15:49:41.0342 4524 C:\Windows\System32\uxsms.dll - ok
15:49:41.0342 4524 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
15:49:41.0342 4524 C:\Windows\System32\WUDFPlatform.dll - ok
15:49:41.0342 4524 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
15:49:41.0342 4524 C:\Windows\System32\IPHLPAPI.DLL - ok
15:49:41.0342 4524 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
15:49:41.0342 4524 C:\Windows\System32\SensApi.dll - ok
15:49:41.0342 4524 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
15:49:41.0342 4524 C:\Windows\System32\webio.dll - ok
15:49:41.0342 4524 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
15:49:41.0342 4524 C:\Windows\System32\winnsi.dll - ok
15:49:41.0342 4524 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
15:49:41.0342 4524 C:\Windows\System32\drivers\lltdio.sys - ok
15:49:41.0342 4524 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
15:49:41.0342 4524 C:\Windows\System32\drivers\nwifi.sys - ok
15:49:41.0342 4524 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
15:49:41.0342 4524 C:\Windows\System32\drivers\ndisuio.sys - ok
15:49:41.0342 4524 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
15:49:41.0342 4524 C:\Windows\System32\dhcpcore6.dll - ok
15:49:41.0342 4524 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
15:49:41.0342 4524 C:\Windows\System32\drivers\rspndr.sys - ok
15:49:41.0342 4524 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
15:49:41.0342 4524 C:\Windows\System32\nrpsrv.dll - ok
15:49:41.0352 4524 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
15:49:41.0352 4524 C:\Windows\System32\dnsext.dll - ok
15:49:41.0352 4524 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
15:49:41.0352 4524 C:\Windows\System32\dnsrslvr.dll - ok
15:49:41.0352 4524 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
15:49:41.0352 4524 C:\Windows\System32\eapphost.dll - ok
15:49:41.0352 4524 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
15:49:41.0352 4524 C:\Windows\System32\FWPUCLNT.DLL - ok
15:49:41.0352 4524 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
15:49:41.0352 4524 C:\Windows\System32\dhcpcsvc.dll - ok
15:49:41.0352 4524 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
15:49:41.0352 4524 C:\Windows\System32\dhcpcsvc6.dll - ok
15:49:41.0352 4524 [ 6B2609E5DB23E05E86290F6054117C56 ] C:\Program Files\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
15:49:41.0352 4524 C:\Program Files\Cisco\Cisco LEAP Module\CiscoEapLeap.dll - ok
15:49:41.0352 4524 [ C5C72A7CD3F547B0B0D3D542E69F670A ] C:\Program Files\Cisco\Cisco PEAP Module\CiscoEapPeap.dll
15:49:41.0352 4524 C:\Program Files\Cisco\Cisco PEAP Module\CiscoEapPeap.dll - ok
15:49:41.0352 4524 [ DAF473A146A3D77B4E26C1F809997329 ] C:\Program Files\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll
15:49:41.0352 4524 C:\Program Files\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll - ok
15:49:41.0352 4524 [ 6944501ED659F2C835F8DD16182C9330 ] C:\Windows\System32\rastls.dll
15:49:41.0352 4524 C:\Windows\System32\rastls.dll - ok
15:49:41.0352 4524 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\System32\raschap.dll
15:49:41.0352 4524 C:\Windows\System32\raschap.dll - ok
15:49:41.0352 4524 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
15:49:41.0352 4524 C:\Windows\System32\umb.dll - ok
15:49:41.0352 4524 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
15:49:41.0352 4524 C:\Windows\System32\wlanmsm.dll - ok
15:49:41.0352 4524 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
15:49:41.0352 4524 C:\Windows\System32\wlansec.dll - ok
15:49:41.0352 4524 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
15:49:41.0352 4524 C:\Windows\System32\onex.dll - ok
15:49:41.0352 4524 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
15:49:41.0352 4524 C:\Windows\System32\eappcfg.dll - ok
15:49:41.0352 4524 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
15:49:41.0352 4524 C:\Windows\System32\eappprxy.dll - ok
15:49:41.0352 4524 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
15:49:41.0352 4524 C:\Windows\System32\l2gpstore.dll - ok
15:49:41.0352 4524 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
15:49:41.0352 4524 C:\Windows\System32\wlanutil.dll - ok
15:49:41.0352 4524 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
15:49:41.0352 4524 C:\Windows\System32\wlgpclnt.dll - ok
15:49:41.0352 4524 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
15:49:41.0352 4524 C:\Windows\System32\WinSCard.dll - ok
15:49:41.0352 4524 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll
15:49:41.0352 4524 C:\Windows\System32\msxml6.dll - ok
15:49:41.0352 4524 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
15:49:41.0352 4524 C:\Windows\System32\fveapi.dll - ok
15:49:41.0352 4524 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
15:49:41.0352 4524 C:\Windows\System32\fvecerts.dll - ok
15:49:41.0352 4524 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
15:49:41.0352 4524 C:\Windows\System32\tbs.dll - ok
15:49:41.0352 4524 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
15:49:41.0352 4524 C:\Windows\System32\wiarpc.dll - ok
15:49:41.0352 4524 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
15:49:41.0352 4524 C:\Windows\System32\taskcomp.dll - ok
15:49:41.0362 4524 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
15:49:41.0362 4524 C:\Windows\System32\netcfgx.dll - ok
15:49:41.0362 4524 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\bowser.sys - ok
15:49:41.0362 4524 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\mpsdrv.sys - ok
15:49:41.0362 4524 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\mrxsmb.sys - ok
15:49:41.0362 4524 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:49:41.0362 4524 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
15:49:41.0362 4524 C:\Windows\System32\wfapigp.dll - ok
15:49:41.0362 4524 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:49:41.0362 4524 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
15:49:41.0362 4524 C:\Windows\System32\drivers\parport.sys - ok
15:49:41.0362 4524 [ FEB0B5022C012A4A68DABCB711FAFF03 ] C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe - ok
15:49:41.0362 4524 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
15:49:41.0362 4524 C:\Windows\System32\mscms.dll - ok
15:49:41.0362 4524 [ 5E60B831680050819CBE6A6527742096 ] C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll - ok
15:49:41.0362 4524 [ E5F607501A8FF7E09531F533E94302B8 ] C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll - ok
15:49:41.0362 4524 [ 3AA91575233E69A2BF5202A2BB260EC7 ] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll - ok
15:49:41.0362 4524 [ 110F7A199FEDAC5D4792B02002ED5A3A ] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll - ok
15:49:41.0362 4524 [ 8DF6CFE21DD741A7A3448227C4C97E1E ] C:\Program Files\Trend Micro\AMSP\utilInstallation.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilInstallation.dll - ok
15:49:41.0362 4524 [ 77FFF9094774AA4FFABDE0452FA07ADB ] C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll - ok
15:49:41.0362 4524 [ FF5D279FB10F5BC8D6990E7A52565112 ] C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll - ok
15:49:41.0362 4524 [ 38B819307398E120A8FAF56524BD6854 ] C:\Program Files\Trend Micro\AMSP\utilThread.dll
15:49:41.0362 4524 C:\Program Files\Trend Micro\AMSP\utilThread.dll - ok
15:49:41.0362 4524 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:49:41.0362 4524 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:49:41.0362 4524 [ 9595E77641CE2BC39B26BD75CC77402F ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
15:49:41.0362 4524 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
15:49:41.0362 4524 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:49:41.0362 4524 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:49:41.0372 4524 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:49:41.0372 4524 [ 47005361FF2A479A0554F352266BAED3 ] C:\Windows\System32\conhost.exe
15:49:41.0372 4524 C:\Windows\System32\conhost.exe - ok
15:49:41.0372 4524 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:49:41.0372 4524 [ 84F4B0653AE23D48C5D3B653EA59DE6E ] C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
15:49:41.0372 4524 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe - ok
15:49:41.0372 4524 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:49:41.0372 4524 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
15:49:41.0372 4524 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:49:41.0372 4524 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
15:49:41.0372 4524 C:\Windows\System32\wsock32.dll - ok
15:49:41.0372 4524 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:49:41.0372 4524 [ 09588529557D695FA74275AF7C69219F ] C:\Program Files\Trend Micro\AMSP\sqlite3.dll
15:49:41.0372 4524 C:\Program Files\Trend Micro\AMSP\sqlite3.dll - ok
15:49:41.0372 4524 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:49:41.0372 4524 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:49:41.0372 4524 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:49:41.0372 4524 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:49:41.0372 4524 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
15:49:41.0372 4524 C:\Windows\System32\dnssd.dll - ok
15:49:41.0372 4524 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:49:41.0372 4524 [ 6163664C7E9CD110AF70180C126C3FDC ] C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
15:49:41.0372 4524 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe - ok
15:49:41.0372 4524 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
15:49:41.0372 4524 C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:49:41.0372 4524 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:49:41.0372 4524 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
15:49:41.0372 4524 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:49:41.0372 4524 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
15:49:41.0372 4524 C:\Windows\System32\cryptnet.dll - ok
15:49:41.0372 4524 [ 3F6D9269E7B3A754B1C2F8533DC7F318 ] C:\Windows\System32\efscore.dll
15:49:41.0372 4524 C:\Windows\System32\efscore.dll - ok
15:49:41.0372 4524 [ 359C3AC547AA1D24EED35BE3AB3759DC ] C:\Windows\System32\efsutil.dll
15:49:41.0372 4524 C:\Windows\System32\efsutil.dll - ok
15:49:41.0382 4524 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
15:49:41.0382 4524 C:\Windows\System32\taskschd.dll - ok
15:49:41.0382 4524 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
15:49:41.0382 4524 C:\Windows\System32\WSDApi.dll - ok
15:49:41.0382 4524 [ 210388FD8225B02BD83D77628AAE64A9 ] C:\Windows\System32\XAudio32.dll
15:49:41.0382 4524 C:\Windows\System32\XAudio32.dll - ok



