
Having problem with Enterfactory.com pop-ups


  • This topic is locked
28 replies to this topic

#1 Lohckm


Posted 17 December 2012 - 08:12 AM

Hello guys! Sorry if I posted this in the wrong section. Recently I visited omegle.com and chatroulette.com and after that I got a pop-up from Enterfactory.com. I did not click any links from omegle or chatroulette. It has been affecting me for quite some time. It is irritating as it keeps popping up whenever I surf the net using either Firefox or Google Chrome. I wonder whether the malware/virus will do any serious damage to my PC.
It also affects and slows down my internet. Below is an attachment of what I get sometimes while browsing the net.
Kindly advise and help me please. Thanks in advance!



#2 Lohckm


Posted 17 December 2012 - 09:08 AM

Sorry guys, here is the DDS!

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by lohckm at 22:02:31 on 2012-12-17
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Toshiba\TECO\Teco.exe
C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\windows\system32\DllHost.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Garena Messenger\GarenaMessenger.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Garena Messenger\bbtalk\GarenaTalkOverlay.exe
C:\Program Files\Garena Messenger\Apps\LoL\LoL.exe
C:\Program Files\Garena Messenger\Apps\LoL\Air\LOLClient.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - c:\program files\toshiba\toshiba media controller plug-in\TOSHIBAMediaControllerIE.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [GarenaPlus] "c:\program files\garena messenger\GarenaMessenger.exe" -autolaunch
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ITSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START
mRun: [SmartFaceVWatcher] c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe
mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [TosWaitSrv] c:\program files\toshiba\tphm\TosWaitSrv.exe
mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
mRun: [TosVolRegulator] c:\program files\toshiba\tosvolregulator\TosVolRegulator.exe
mRun: [TosNC] c:\program files\toshiba\bulletinboard\TosNcCore.exe
mRun: [TosReelTimeMonitor] c:\program files\toshiba\reeltime\TosReelTimeMonitor.exe
mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe
mRun: [MessengerPlusForSkypeService] "c:\program files\yuna software\messenger plus! for skype\MsgPlusForSkypeService.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{132375A9-1634-4F01-B8FC-6CEEA886F2E5} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lohckm\appdata\roaming\mozilla\firefox\profiles\0v2ge1xj.default\
FF - prefs.js: browser.startup.homepage - http:sg.yahoo.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\3\NP_wtapp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-10-19 16:35; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-12 23:10; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\checkpoint\zaforcefield\TrustChecker
FF - ExtSQL: 2012-12-12 23:28; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
.
============= SERVICES / DRIVERS ===============
.
R? 1394hub;1394 Enabled Hub
R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? EagleXNt;EagleXNt
R? GamesAppService;GamesAppService
R? GGSAFERDriver;GGSAFER Driver
R? npggsvc;nProtect GameGuard Service
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? SrvHsfHDA;SrvHsfHDA
R? SrvHsfV92;SrvHsfV92
R? SrvHsfWinac;SrvHsfWinac
R? TsUsbFlt;TsUsbFlt
R? WatAdminSvc;Windows Activation Technologies Service
R? XDva396;XDva396
S? AMD External Events Utility;AMD External Events Utility
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? cfWiMAXService;ConfigFree WiMAX Service
S? CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service
S? ConfigFree Service;ConfigFree Service
S? Impcd;Impcd
S? ISWKL;ZoneAlarm LTD Toolbar ISWKL
S? IswSvc;ZoneAlarm LTD Toolbar IswSvc
S? L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MsgPlusService;Messenger Plus! Service
S? PGEffect;Pangu effect driver
S? QIOMem;Generic IO & Memory Access
S? TMachInfo;TMachInfo
S? TOSHIBA eco Utility Service;TOSHIBA eco Utility Service
S? TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service
S? TPCHSrv;TPCH Service
S? TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver
S? UNS;Intel® Management & Security Application User Notification Service
.
=============== Created Last 30 ================
.
2012-12-17 03:35:30 -------- d-----w- c:\users\lohckm\appdata\local\{B39B6267-849D-47DF-86E8-A1B1D46BA33E}
2012-12-16 15:59:29 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-16 15:59:27 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-16 15:59:26 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-16 15:59:07 41224 ----a-w- c:\windows\avastSS.scr
2012-12-16 15:34:46 -------- d-----w- c:\users\lohckm\appdata\local\{CE8B9C1C-6BB9-4D5A-9A7D-0380BA46CD6C}
2012-12-16 15:30:37 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-16 14:09:40 -------- d-----w- c:\program files\VS Revo Group
2012-12-16 14:08:21 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-16 04:00:28 -------- d-----w- c:\program files\CCleaner
2012-12-16 01:32:35 -------- d-----w- c:\users\lohckm\appdata\local\{96707580-5DEE-4417-8914-3395F7DC0066}
2012-12-15 09:23:58 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e6494dd4-aecd-4c8b-9381-e887d72899d3}\mpengine.dll
2012-12-15 09:04:03 -------- d-----w- c:\users\lohckm\Tracing
2012-12-15 08:34:50 -------- d-----w- c:\users\lohckm\appdata\roaming\Anvisoft
2012-12-15 08:33:43 -------- d-----w- c:\programdata\Anvisoft
2012-12-15 08:33:41 -------- d-----w- c:\program files\Anvisoft
2012-12-15 07:45:14 -------- d-----w- c:\users\lohckm\appdata\local\{AC268486-1C97-4C77-A2C2-7DE402118EE5}
2012-12-15 06:54:14 -------- d-----w- c:\users\lohckm\appdata\local\{62EA68D2-5A1C-4160-8728-99D696AD1CA0}
2012-12-14 04:18:03 -------- d-----w- c:\windows\pss
2012-12-14 02:32:02 -------- d-----w- c:\users\lohckm\appdata\local\{26B0F0C2-504C-4A6C-A14E-FF010A1CA984}
2012-12-12 15:27:52 -------- d-----w- c:\programdata\AVAST Software
2012-12-12 15:27:52 -------- d-----w- c:\program files\AVAST Software
2012-12-12 15:11:35 -------- d-----w- c:\users\lohckm\appdata\local\{C3ED0B75-A5DF-4379-A287-8624D27320A8}
2012-12-12 15:10:11 -------- d-----w- c:\users\lohckm\appdata\roaming\CheckPoint
2012-12-12 15:07:42 -------- d-----w- c:\program files\CheckPoint
2012-12-12 15:07:40 -------- d-----w- c:\programdata\CheckPoint
2012-12-12 15:05:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-12 15:00:57 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 15:00:52 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 15:00:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 15:00:44 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 13:12:50 -------- d-----w- c:\users\lohckm\appdata\roaming\Malwarebytes
2012-12-12 13:12:37 -------- d-----w- c:\programdata\Malwarebytes
2012-12-12 13:12:36 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 13:12:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-12 03:10:41 -------- d-----w- c:\users\lohckm\appdata\local\{82266040-374C-44BC-981F-9514F41E849F}
2012-12-11 07:04:51 -------- d-----w- c:\users\lohckm\appdata\local\{14C95F49-14B3-4748-B776-6EFF2EEB1A10}
2012-12-09 06:53:22 -------- d-----w- c:\users\lohckm\appdata\local\{39F920F7-038B-4E2F-8F19-AA14E1787DE9}
2012-12-08 12:55:35 -------- d-----w- c:\users\lohckm\appdata\local\{4D29FB0F-76A4-483F-BCE6-D98584C75FE2}
2012-12-07 07:23:08 -------- d-----w- c:\users\lohckm\appdata\local\{8E46349D-CCEC-4860-96E6-2F38176C0801}
2012-12-06 02:19:24 -------- d-----w- c:\users\lohckm\appdata\local\{4AA69D17-3D0A-4C62-B939-2D1D0BC9A49C}
2012-12-05 13:52:24 -------- d-----w- c:\users\lohckm\appdata\local\{E338B04E-47E8-4701-AECC-105E58978352}
2012-12-05 01:51:58 -------- d-----w- c:\users\lohckm\appdata\local\{A70BCD77-E02D-45A7-BCAC-EC1D38858C30}
2012-12-04 08:23:28 -------- d-----w- c:\users\lohckm\appdata\local\{17CBC1F1-3212-4CDD-ADB2-67870E3BBD40}
2012-12-03 08:35:58 -------- d-----w- c:\users\lohckm\appdata\local\{52A4C6A4-9855-48BE-AC7D-4A1D4EAC0670}
2012-12-02 15:00:30 -------- d-----w- c:\users\lohckm\appdata\local\{C6157DAF-A3D8-4A36-AA5F-1DF154D1BCD0}
2012-12-01 14:21:21 -------- d-----w- c:\users\lohckm\appdata\local\{964F57C9-1B3E-4DAD-BF77-FC283BF63582}
2012-11-30 04:08:58 -------- d-----w- c:\users\lohckm\appdata\local\{2D48853E-97D3-4886-9E29-3CD8EB0CA21B}
2012-11-29 08:35:42 -------- d-----w- c:\users\lohckm\appdata\local\{0FBBA364-A048-468B-B142-7702D177CC37}
2012-11-28 15:23:03 -------- d-----w- c:\users\lohckm\appdata\local\{A9231F31-0511-4B21-AB86-4A4D8C577E12}
2012-11-28 03:22:25 -------- d-----w- c:\users\lohckm\appdata\local\{AB540F63-C4E4-46B9-9FDC-370816E9DD87}
2012-11-27 14:30:21 -------- d-----w- c:\users\lohckm\appdata\local\{D1BB2BCD-D44F-46AD-B618-02E5E59BF18C}
2012-11-26 03:42:20 -------- d-----w- c:\users\lohckm\appdata\local\{5D4C341B-E197-47AF-AAED-C00B82EA8F96}
2012-11-25 07:12:15 -------- d-----w- c:\users\lohckm\appdata\local\{31060494-F9F7-4549-A881-FE5AD45BE3B4}
2012-11-24 02:41:30 -------- d-----w- c:\users\lohckm\appdata\local\{A0AE43BD-35B6-4C42-82F4-98C3535E4F62}
2012-11-22 02:32:09 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-22 02:32:09 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-22 02:32:09 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-22 02:31:45 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-22 02:31:45 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-22 02:31:44 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-22 02:31:44 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-22 02:31:43 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-22 02:31:43 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-22 02:31:43 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-22 02:28:25 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-22 02:28:25 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-22 02:28:25 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-22 02:28:25 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-22 02:28:24 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-22 02:28:24 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-22 02:28:24 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-22 02:28:23 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-22 02:27:57 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-22 02:27:57 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-22 02:27:41 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-22 02:21:29 -------- d-----w- c:\users\lohckm\appdata\local\{ECE4DF7B-3C3C-48C9-98B2-7804D5197774}
2012-11-20 02:34:15 -------- d-----w- c:\users\lohckm\appdata\local\{0B751130-F525-4B47-A5F6-68ED745C8ECA}
2012-11-18 05:07:06 -------- d-----w- c:\users\lohckm\appdata\local\{AC00F418-5C49-40DE-824D-233111F045AC}
.
==================== Find3M ====================
.
2012-12-16 14:08:12 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-12-16 14:08:12 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-12 11:42:27 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 11:42:26 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 07:31:50 454744 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 22:05:40.37 ===============


#3 gringo_pr

  • Malware Response Team

Posted 18 December 2012 - 12:31 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#4 Lohckm


Posted 18 December 2012 - 03:53 AM

Hi Gringo! Sorry for the late response, as I was outside just now.

Here is the log by SecurityCheck.exe

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Java™ 6 Update 37
Java 7 Update 9
Adobe Flash Player 11.5.502.135
Adobe Reader XI
Mozilla Firefox (17.0.1)
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````

#5 Lohckm


Posted 18 December 2012 - 03:57 AM

Hi Gringo! Here is the report by AdwCleaner.

# AdwCleaner v2.101 - Logfile created 12/18/2012 at 16:54:21
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : lohckm - LOHCKM-PC
# Boot Mode : Normal
# Running from : C:\Users\lohckm\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-GB)

Profile name : default
File : C:\Users\lohckm\AppData\Roaming\Mozilla\Firefox\Profiles\0v2ge1xj.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\lohckm\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1699 octets] - [16/12/2012 22:02:17]
AdwCleaner[S2].txt - [900 octets] - [18/12/2012 16:54:21]

########## EOF - C:\AdwCleaner[S2].txt - [959 octets] ##########

#6 Lohckm


Posted 18 December 2012 - 04:09 AM

Hi Gringo! Here is the report from RogueKiller.

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : lohckm [Admin rights]
Mode : Remove -- Date : 12/18/2012 17:05:33

Bad processes : 0

Registry Entries : 14
[TASK][SUSP PATH] {0A35DAF0-D329-4897-8BA2-DD3A722A56EB} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {24DF7E16-64F2-483A-A215-80E220020756} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {6018E47E-7779-4323-8BEA-9289151B855D} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {6EE9D7CA-178C-4345-96A8-6D41A3B74ED8} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {73A28BEB-45D0-4055-8ED6-7BA39339A9C0} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {85FFE082-867E-472F-A4B7-CF6C6E1E7AE6} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {A063C6D9-77F5-4BF1-8DFC-71021A4A26BC} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {A18382D3-EF65-492D-905F-1F9A4A117B94} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {CA05E6A0-9F9D-4A56-BAC5-1F3574ECFD65} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[TASK][SUSP PATH] {E96BDF0F-C1F8-46FC-A78C-0D0B656734E2} : C:\Users\lohckm\Desktop\MARCUS\Warcraft III\Frozen Throne.exe -> DELETED
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [LOADED]

HOSTS File:
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: TOSHIBA MK5065GSXN +++++
--- User ---
[MBR] 7152b101fddbc9984f8386d44a7c9c8b
[BSP] fdaf831bc29a23dd2daf17613d8c22a3 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 463586 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 952498176 | Size: 11853 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12182012_02d1705.txt >>
RKreport[1]_S_12182012_02d1705.txt ; RKreport[2]_D_12182012_02d1705.txt

#7 gringo_pr


Posted 18 December 2012 - 04:50 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double-click on combofix.exe and follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#8 Lohckm


Posted 18 December 2012 - 07:26 AM

Hello Gringo! Sorry it took quite some time. Here is the ComboFix log.

ComboFix 12-12-17.02 - lohckm 18/12/2012 17:57:43.3.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.3062.1869 [GMT 8:00]
Running from: c:\users\lohckm\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-18 10:17 . 2012-12-18 10:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-18 04:41 . 2012-12-18 04:41 -------- d-----w- c:\users\lohckm\AppData\Roaming\WildTangent
2012-12-16 15:59 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-16 15:59 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-16 15:59 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-16 15:59 . 2012-10-15 15:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-16 15:59 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-16 15:59 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-16 15:59 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-16 15:59 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-16 14:09 . 2012-12-16 14:09 -------- d-----w- c:\program files\VS Revo Group
2012-12-16 14:08 . 2012-12-16 14:08 -------- d-----w- c:\program files\Common Files\Java
2012-12-16 14:08 . 2012-12-16 14:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-16 04:00 . 2012-12-16 04:00 -------- d-----w- c:\program files\CCleaner
2012-12-15 09:23 . 2012-11-18 17:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpengine.dll
2012-12-15 09:04 . 2012-12-15 09:04 -------- d-----w- c:\users\lohckm\Tracing
2012-12-15 08:34 . 2012-12-15 09:05 -------- d-----w- c:\users\lohckm\AppData\Roaming\Anvisoft
2012-12-15 08:33 . 2012-12-15 08:33 -------- d-----w- c:\programdata\Anvisoft
2012-12-15 08:33 . 2012-12-15 08:33 -------- d-----w- c:\program files\Anvisoft
2012-12-12 15:27 . 2012-12-16 15:58 -------- d-----w- c:\programdata\AVAST Software
2012-12-12 15:27 . 2012-12-16 15:58 -------- d-----w- c:\program files\AVAST Software
2012-12-12 15:10 . 2012-12-12 15:10 -------- d-----w- c:\users\lohckm\AppData\Roaming\CheckPoint
2012-12-12 15:07 . 2012-12-12 15:09 -------- d-----w- c:\program files\CheckPoint
2012-12-12 15:07 . 2012-12-12 15:07 -------- d-----w- c:\programdata\CheckPoint
2012-12-12 15:05 . 2012-11-14 01:58 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-12 15:00 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 15:00 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 15:00 . 2012-11-05 20:32 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 15:00 . 2012-11-05 20:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 13:12 . 2012-12-12 13:12 -------- d-----w- c:\users\lohckm\AppData\Roaming\Malwarebytes
2012-12-12 13:12 . 2012-12-12 13:12 -------- d-----w- c:\programdata\Malwarebytes
2012-12-12 13:12 . 2012-12-12 13:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-12 13:12 . 2012-09-29 11:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-28 11:43 . 2012-11-28 11:43 -------- d-----w- c:\program files\Common Files\Skype
2012-11-22 02:32 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-22 02:32 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-22 02:32 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-22 02:31 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-22 02:31 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-22 02:31 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-22 02:31 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-22 02:31 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-22 02:31 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-22 02:31 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-22 02:28 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-22 02:28 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-22 02:28 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-22 02:28 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-22 02:28 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-22 02:28 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-22 02:28 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-22 02:28 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-22 02:27 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-22 02:27 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-22 02:27 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 14:08 . 2012-06-27 07:02 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-12-16 14:08 . 2011-02-14 14:48 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-12 11:42 . 2012-04-02 02:58 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 11:42 . 2011-05-14 13:27 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-01 07:31 . 2012-11-01 07:31 454744 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2012-10-16 07:39 . 2012-11-30 04:13 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-12-07 07:58 . 2012-12-07 07:58 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-09 3077528]
"GarenaPlus"="c:\program files\Garena Messenger\GarenaMessenger.exe" [2012-12-17 9152968]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-06 480608]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-03-03 742712]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-10 496184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-20 163840]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2010-02-26 1323008]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2010-02-24 611672]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-03-09 467816]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-02-24 30040]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-24 802304]
"MessengerPlusForSkypeService"="c:\program files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [2012-11-22 125952]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-02 738984]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-11-19 73392]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-1-7 2717024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^lohckm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tbhcn.lnk]
path=c:\users\lohckm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
backup=c:\windows\pss\tbhcn.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
2010-04-28 18:31 307768 ------w- c:\program files\CONEXANT\SAII\SAIICpl.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XDva396;XDva396;c:\windows\system32\XDva396.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MsgPlusService;Messenger Plus! Service;c:\program files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI32.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 11:42]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-12 15:01]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-12 15:01]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\lohckm\AppData\Roaming\Mozilla\Firefox\Profiles\0v2ge1xj.default\
FF - prefs.js: browser.startup.homepage - http:sg.yahoo.com
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-19 16:35; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-12 23:10; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\CheckPoint\ZAForceField\TrustChecker
FF - ExtSQL: 2012-12-12 23:28; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-LoL - c:\program files\Garena Messenger\Apps\LoL\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(664)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'Explorer.exe'(10136)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
.
Completion time: 2012-12-18 20:21:27
ComboFix-quarantined-files.txt 2012-12-18 12:20
.
Pre-Run: 434,790,055,936 bytes free
Post-Run: 434,602,373,120 bytes free
.
- - End Of File - - 9758605C1A1C5EE7976C1D2D544D13DB

#9 Lohckm


Posted 18 December 2012 - 07:42 AM

Hi Gringo. While I was surfing the net a while ago, another pop-up just opened. I suspect it is the same as Enterfactory.com. My PC is running OK; it's just that the pop-ups are still happening. It happens once in a while. I can't attach the file as it is 902kb.

It has a big picture of a Palm Reader. The link is sg.vivamobile.asia:81/preader_02/index.php?tc=0&ref=AF_RINGP_preader_02_LP1 and so on.

I still have the "This webpage is not available" thing. My internet is connected, so I do not suspect it is the modem or internet service provider.

Edited by Lohckm, 18 December 2012 - 07:44 AM.


#10 gringo_pr


Posted 18 December 2012 - 03:15 PM

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#11 Lohckm


Posted 18 December 2012 - 09:45 PM

Hi Gringo! Here is the log by TDSSKiller.

10:37:14.0694 8128 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:37:15.0519 8128 ============================================================
10:37:15.0519 8128 Current date / time: 2012/12/19 10:37:15.0519
10:37:15.0519 8128 SystemInfo:
10:37:15.0519 8128
10:37:15.0519 8128 OS Version: 6.1.7601 ServicePack: 1.0
10:37:15.0519 8128 Product type: Workstation
10:37:15.0519 8128 ComputerName: LOHCKM-PC
10:37:15.0519 8128 UserName: lohckm
10:37:15.0519 8128 Windows directory: C:\windows
10:37:15.0519 8128 System windows directory: C:\windows
10:37:15.0519 8128 Processor architecture: Intel x86
10:37:15.0519 8128 Number of processors: 4
10:37:15.0519 8128 Page size: 0x1000
10:37:15.0519 8128 Boot type: Normal boot
10:37:15.0519 8128 ============================================================
10:37:17.0862 8128 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:37:17.0878 8128 ============================================================
10:37:17.0878 8128 \Device\Harddisk0\DR0:
10:37:17.0878 8128 MBR partitions:
10:37:17.0878 8128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38971000
10:37:17.0878 8128 ============================================================
10:37:17.0931 8128 C: <-> \Device\Harddisk0\DR0\Partition1
10:37:17.0931 8128 ============================================================
10:37:17.0931 8128 Initialize success
10:37:17.0931 8128 ============================================================
10:37:36.0944 8008 Deinitialize success

#12 Lohckm


Posted 18 December 2012 - 09:48 PM

Continued log from TDSSKiller.

10:39:29.0473 3288 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:39:30.0393 3288 ============================================================
10:39:30.0409 3288 Current date / time: 2012/12/19 10:39:30.0393
10:39:30.0409 3288 SystemInfo:
10:39:30.0409 3288
10:39:30.0409 3288 OS Version: 6.1.7601 ServicePack: 1.0
10:39:30.0409 3288 Product type: Workstation
10:39:30.0409 3288 ComputerName: LOHCKM-PC
10:39:30.0409 3288 UserName: lohckm
10:39:30.0409 3288 Windows directory: C:\windows
10:39:30.0409 3288 System windows directory: C:\windows
10:39:30.0409 3288 Processor architecture: Intel x86
10:39:30.0409 3288 Number of processors: 4
10:39:30.0409 3288 Page size: 0x1000
10:39:30.0409 3288 Boot type: Normal boot
10:39:30.0409 3288 ============================================================
10:39:31.0626 3288 BG loaded
10:39:32.0374 3288 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:39:32.0374 3288 ============================================================
10:39:32.0374 3288 \Device\Harddisk0\DR0:
10:39:32.0374 3288 MBR partitions:
10:39:32.0374 3288 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38971000
10:39:32.0374 3288 ============================================================
10:39:32.0421 3288 C: <-> \Device\Harddisk0\DR0\Partition1
10:39:32.0421 3288 ============================================================
10:39:32.0421 3288 Initialize success
10:39:32.0421 3288 ============================================================
10:40:28.0110 8020 ============================================================
10:40:28.0110 8020 Scan started
10:40:28.0110 8020 Mode: Manual; SigCheck; TDLFS;
10:40:28.0110 8020 ============================================================
10:40:29.0227 8020 ================ Scan system memory ========================
10:40:29.0227 8020 System memory - ok
10:40:29.0228 8020 ================ Scan services =============================
10:40:32.0913 8020 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
10:40:32.0935 8020 atapi - ok
10:40:33.0003 8020 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
10:40:33.0043 8020 AudioEndpointBuilder - ok
10:40:33.0091 8020 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
10:40:33.0132 8020 Audiosrv - ok
10:40:33.0276 8020 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:40:33.0299 8020 avast! Antivirus - ok
10:40:33.0345 8020 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
10:40:33.0395 8020 AxInstSV - ok
10:40:33.0455 8020 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
10:40:33.0505 8020 b06bdrv - ok
10:40:33.0545 8020 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
10:40:33.0596 8020 b57nd60x - ok
10:40:33.0700 8020 [ CDA161020BF75B12728AE394196AD991 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
10:40:33.0758 8020 BCM43XX - ok
10:40:33.0826 8020 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
10:40:33.0931 8020 BcmSqlStartupSvc - ok
10:40:33.0990 8020 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
10:40:34.0036 8020 BDESVC - ok
10:40:34.0060 8020 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
10:40:34.0122 8020 Beep - ok
10:40:34.0181 8020 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
10:40:34.0270 8020 BFE - ok
10:40:34.0331 8020 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
10:40:34.0396 8020 BITS - ok
10:40:34.0415 8020 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
10:40:34.0452 8020 blbdrive - ok
10:40:34.0476 8020 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
10:40:34.0495 8020 bowser - ok
10:40:34.0550 8020 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
10:40:34.0613 8020 BrFiltLo - ok
10:40:34.0627 8020 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
10:40:34.0659 8020 BrFiltUp - ok
10:40:34.0717 8020 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
10:40:34.0781 8020 BridgeMP - ok
10:40:34.0817 8020 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
10:40:34.0843 8020 Browser - ok
10:40:34.0866 8020 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
10:40:34.0895 8020 Brserid - ok
10:40:34.0922 8020 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
10:40:34.0960 8020 BrSerWdm - ok
10:40:34.0984 8020 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
10:40:35.0018 8020 BrUsbMdm - ok
10:40:35.0050 8020 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
10:40:35.0088 8020 BrUsbSer - ok
10:40:35.0110 8020 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
10:40:35.0147 8020 BTHMODEM - ok
10:40:35.0184 8020 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
10:40:35.0238 8020 bthserv - ok
10:40:35.0375 8020 catchme - ok
10:40:35.0404 8020 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
10:40:35.0471 8020 cdfs - ok
10:40:35.0521 8020 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
10:40:35.0588 8020 cdrom - ok
10:40:35.0633 8020 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
10:40:35.0686 8020 CertPropSvc - ok
10:40:35.0774 8020 [ 3653FD7871E8B5B92E9C3E2945BD293D ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
10:40:35.0801 8020 cfWiMAXService - ok
10:40:35.0823 8020 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
10:40:35.0863 8020 circlass - ok
10:40:35.0904 8020 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
10:40:35.0926 8020 CLFS - ok
10:40:36.0029 8020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:40:36.0055 8020 clr_optimization_v2.0.50727_32 - ok
10:40:36.0116 8020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:40:36.0229 8020 clr_optimization_v4.0.30319_32 - ok
10:40:36.0256 8020 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
10:40:36.0295 8020 CmBatt - ok
10:40:36.0320 8020 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
10:40:36.0336 8020 cmdide - ok
10:40:36.0380 8020 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
10:40:36.0427 8020 CNG - ok
10:40:36.0461 8020 [ C2FA222AC9DB9463F801451FF65ECBE8 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT32.sys
10:40:36.0479 8020 CnxtHdAudService - ok
10:40:36.0535 8020 [ 314BA59A46F9D9F1E044538DEA286797 ] CnxtHdmiAudService C:\windows\system32\drivers\CHDMI32.sys
10:40:36.0569 8020 CnxtHdmiAudService - ok
10:40:36.0604 8020 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
10:40:36.0631 8020 Compbatt - ok
10:40:36.0664 8020 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
10:40:36.0706 8020 CompositeBus - ok
10:40:36.0721 8020 COMSysApp - ok
10:40:36.0754 8020 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:40:36.0776 8020 ConfigFree Service - ok
10:40:36.0797 8020 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
10:40:36.0814 8020 crcdisk - ok
10:40:36.0859 8020 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
10:40:36.0894 8020 CryptSvc - ok
10:40:36.0942 8020 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
10:40:37.0007 8020 DcomLaunch - ok
10:40:37.0042 8020 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
10:40:37.0092 8020 defragsvc - ok
10:40:37.0133 8020 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
10:40:37.0179 8020 DfsC - ok
10:40:37.0226 8020 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
10:40:37.0273 8020 Dhcp - ok
10:40:37.0317 8020 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
10:40:37.0389 8020 discache - ok
10:40:37.0413 8020 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
10:40:37.0428 8020 Disk - ok
10:40:37.0450 8020 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
10:40:37.0497 8020 Dnscache - ok
10:40:37.0527 8020 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
10:40:37.0621 8020 dot3svc - ok
10:40:37.0665 8020 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
10:40:37.0747 8020 DPS - ok
10:40:37.0795 8020 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
10:40:37.0836 8020 drmkaud - ok
10:40:37.0893 8020 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
10:40:37.0933 8020 DXGKrnl - ok
10:40:37.0948 8020 EagleNT - ok
10:40:37.0961 8020 EagleXNt - ok
10:40:37.0986 8020 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
10:40:38.0030 8020 EapHost - ok
10:40:38.0161 8020 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
10:40:38.0322 8020 ebdrv - ok
10:40:38.0358 8020 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
10:40:38.0375 8020 EFS - ok
10:40:38.0487 8020 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
10:40:38.0559 8020 ehRecvr - ok
10:40:38.0596 8020 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
10:40:38.0639 8020 ehSched - ok
10:40:38.0687 8020 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
10:40:38.0725 8020 elxstor - ok
10:40:38.0757 8020 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
10:40:38.0791 8020 ErrDev - ok
10:40:38.0833 8020 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
10:40:38.0892 8020 EventSystem - ok
10:40:38.0911 8020 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
10:40:38.0943 8020 exfat - ok
10:40:38.0998 8020 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
10:40:39.0068 8020 fastfat - ok
10:40:39.0141 8020 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
10:40:39.0187 8020 Fax - ok
10:40:39.0206 8020 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
10:40:39.0234 8020 fdc - ok
10:40:39.0257 8020 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
10:40:39.0310 8020 fdPHost - ok
10:40:39.0333 8020 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
10:40:39.0370 8020 FDResPub - ok
10:40:39.0405 8020 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
10:40:39.0421 8020 FileInfo - ok
10:40:39.0439 8020 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
10:40:39.0473 8020 Filetrace - ok
10:40:39.0490 8020 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
10:40:39.0524 8020 flpydisk - ok
10:40:39.0569 8020 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
10:40:39.0586 8020 FltMgr - ok
10:40:39.0722 8020 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
10:40:39.0773 8020 FontCache - ok
10:40:39.0827 8020 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:40:39.0850 8020 FontCache3.0.0.0 - ok
10:40:39.0868 8020 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
10:40:39.0893 8020 FsDepends - ok
10:40:39.0928 8020 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
10:40:39.0946 8020 Fs_Rec - ok
10:40:39.0997 8020 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
10:40:40.0032 8020 fvevol - ok
10:40:40.0064 8020 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
10:40:40.0080 8020 gagp30kx - ok
10:40:40.0211 8020 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
10:40:40.0228 8020 GamesAppService - ok
10:40:40.0288 8020 GGSAFERDriver - ok
10:40:40.0345 8020 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
10:40:40.0404 8020 gpsvc - ok
10:40:40.0475 8020 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:40:40.0497 8020 gupdate - ok
10:40:40.0510 8020 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:40:40.0524 8020 gupdatem - ok
10:40:40.0584 8020 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
10:40:40.0613 8020 hcw85cir - ok
10:40:40.0695 8020 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
10:40:40.0754 8020 HdAudAddService - ok
10:40:40.0823 8020 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
10:40:40.0870 8020 HDAudBus - ok
10:40:40.0898 8020 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\windows\system32\DRIVERS\HECI.sys
10:40:40.0936 8020 HECI - ok
10:40:40.0969 8020 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
10:40:41.0000 8020 HidBatt - ok
10:40:41.0012 8020 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
10:40:41.0049 8020 HidBth - ok
10:40:41.0112 8020 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
10:40:41.0137 8020 HidIr - ok
10:40:41.0164 8020 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
10:40:41.0212 8020 hidserv - ok
10:40:41.0264 8020 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
10:40:41.0752 8020 HidUsb - ok
10:40:41.0787 8020 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
10:40:41.0826 8020 hkmsvc - ok
10:40:41.0878 8020 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
10:40:41.0907 8020 HomeGroupListener - ok
10:40:41.0944 8020 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
10:40:41.0981 8020 HomeGroupProvider - ok
10:40:42.0023 8020 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
10:40:42.0042 8020 HpSAMD - ok
10:40:42.0099 8020 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
10:40:42.0136 8020 HTTP - ok
10:40:42.0184 8020 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
10:40:42.0196 8020 hwpolicy - ok
10:40:42.0251 8020 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
10:40:42.0278 8020 i8042prt - ok
10:40:42.0315 8020 [ A5FFEB824E539C18CD23C32161AB55DB ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
10:40:42.0333 8020 iaStor - ok
10:40:42.0385 8020 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
10:40:42.0403 8020 iaStorV - ok
10:40:42.0475 8020 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:40:42.0503 8020 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:40:42.0503 8020 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:40:46.0954 8020 [ C9EAFDA6575D7ABAA4C704B78768564C ] MsgPlusService C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
10:40:46.0978 8020 MsgPlusService ( UnsignedFile.Multi.Generic ) - warning
10:40:46.0978 8020 MsgPlusService - detected UnsignedFile.Multi.Generic (1)
10:40:52.0909 8020 RasAuto - ok
10:40:52.0961 8020 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
10:40:53.0002 8020 Rasl2tp - ok
10:40:53.0044 8020 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
10:40:53.0085 8020 RasMan - ok
10:40:53.0161 8020 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
10:40:53.0208 8020 RasPppoe - ok
10:40:53.0238 8020 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
10:40:53.0291 8020 RasSstp - ok
10:40:53.0346 8020 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
10:40:53.0405 8020 rdbss - ok
10:40:53.0430 8020 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
10:40:53.0449 8020 rdpbus - ok
10:40:53.0480 8020 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
10:40:53.0522 8020 RDPCDD - ok
10:40:53.0548 8020 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
10:40:53.0594 8020 RDPENCDD - ok
10:40:53.0622 8020 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
10:40:53.0669 8020 RDPREFMP - ok
10:40:53.0757 8020 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
10:40:53.0811 8020 RdpVideoMiniport - ok
10:40:53.0847 8020 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
10:40:53.0883 8020 RDPWD - ok
10:40:53.0934 8020 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
10:40:53.0951 8020 rdyboost - ok
10:40:53.0975 8020 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
10:40:54.0016 8020 RemoteAccess - ok
10:40:54.0091 8020 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
10:40:54.0140 8020 RemoteRegistry - ok
10:40:54.0168 8020 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
10:40:54.0215 8020 ROOTMODEM - ok
10:40:54.0266 8020 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
10:40:54.0349 8020 RpcEptMapper - ok
10:40:54.0377 8020 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
10:40:54.0415 8020 RpcLocator - ok
10:40:54.0441 8020 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
10:40:54.0480 8020 RpcSs - ok
10:40:54.0508 8020 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
10:40:54.0538 8020 rspndr - ok
10:40:54.0682 8020 [ 867BEB23207BA425C85293BB0D3EA971 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
10:40:54.0713 8020 RSUSBSTOR - ok
10:40:54.0736 8020 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
10:40:54.0753 8020 SamSs - ok
10:40:54.0816 8020 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
10:40:54.0832 8020 sbp2port - ok
10:40:54.0867 8020 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
10:40:54.0913 8020 SCardSvr - ok
10:40:54.0954 8020 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
10:40:54.0997 8020 scfilter - ok
10:40:55.0045 8020 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
10:40:55.0106 8020 Schedule - ok
10:40:55.0121 8020 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
10:40:55.0159 8020 SCPolicySvc - ok
10:40:55.0237 8020 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
10:40:55.0277 8020 SDRSVC - ok
10:40:55.0317 8020 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
10:40:55.0363 8020 secdrv - ok
10:40:55.0393 8020 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
10:40:55.0444 8020 seclogon - ok
10:40:55.0470 8020 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
10:40:55.0514 8020 SENS - ok
10:40:55.0535 8020 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
10:40:55.0575 8020 SensrSvc - ok
10:40:55.0620 8020 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
10:40:55.0650 8020 Serenum - ok
10:40:55.0690 8020 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
10:40:55.0729 8020 Serial - ok
10:40:55.0757 8020 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
10:40:55.0773 8020 sermouse - ok
10:40:55.0830 8020 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
10:40:55.0881 8020 SessionEnv - ok
10:40:55.0937 8020 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
10:40:55.0967 8020 sffdisk - ok
10:40:55.0980 8020 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
10:40:56.0008 8020 sffp_mmc - ok
10:40:56.0012 8020 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
10:40:56.0044 8020 sffp_sd - ok
10:40:56.0073 8020 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
10:40:56.0095 8020 sfloppy - ok
10:40:56.0132 8020 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
10:40:56.0185 8020 SharedAccess - ok
10:40:56.0210 8020 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:40:56.0241 8020 ShellHWDetection - ok
10:40:56.0254 8020 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
10:40:56.0272 8020 sisagp - ok
10:40:56.0321 8020 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
10:40:56.0333 8020 SiSRaid2 - ok
10:40:56.0345 8020 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
10:40:56.0358 8020 SiSRaid4 - ok
10:40:56.0409 8020 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:40:56.0420 8020 SkypeUpdate - ok
10:40:56.0453 8020 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
10:40:56.0481 8020 Smb - ok
10:40:56.0539 8020 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
10:40:56.0555 8020 SNMPTRAP - ok
10:40:56.0570 8020 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
10:40:56.0582 8020 spldr - ok
10:40:56.0620 8020 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
10:40:56.0656 8020 Spooler - ok
10:40:56.0746 8020 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
10:40:56.0821 8020 sppsvc - ok
10:40:56.0863 8020 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
10:40:56.0905 8020 sppuinotify - ok
10:40:56.0919 8020 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:40:56.0934 8020 SQLBrowser - ok
10:40:56.0955 8020 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:40:56.0966 8020 SQLWriter - ok
10:40:56.0995 8020 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
10:40:57.0028 8020 srv - ok
10:40:57.0057 8020 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
10:40:57.0073 8020 srv2 - ok
10:40:57.0107 8020 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL3.SYS
10:40:57.0156 8020 SrvHsfHDA - ok
10:40:57.0197 8020 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV3.SYS
10:40:57.0240 8020 SrvHsfV92 - ok
10:40:57.0302 8020 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT3.SYS
10:40:57.0324 8020 SrvHsfWinac - ok
10:40:57.0355 8020 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
10:40:57.0378 8020 srvnet - ok
10:40:57.0419 8020 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
10:40:57.0451 8020 SSDPSRV - ok
10:40:57.0466 8020 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
10:40:57.0504 8020 SstpSvc - ok
10:40:57.0530 8020 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
10:40:57.0542 8020 stexstor - ok
10:40:57.0599 8020 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
10:40:57.0653 8020 StiSvc - ok
10:40:57.0681 8020 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
10:40:57.0694 8020 swenum - ok
10:40:57.0740 8020 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll

#13 Lohckm

Posted 18 December 2012 - 09:49 PM

Continued log from TDSSKiller.

10:40:59.0212 8020 [ C0137AFD260FCA1FD5B754B880A1238C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
10:40:59.0236 8020 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
10:40:59.0236 8020 TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)
10:41:05.0674 8020 C:\Windows\System32\drivers\atipmdag.sys - ok
10:41:05.0677 8020 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
10:41:05.0677 8020 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:41:05.0682 8020 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
10:41:05.0682 8020 C:\Windows\System32\drivers\dxgmms1.sys - ok
10:41:05.0684 8020 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
10:41:05.0684 8020 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:41:05.0688 8020 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] C:\Windows\System32\drivers\HECI.sys
10:41:05.0688 8020 C:\Windows\System32\drivers\HECI.sys - ok
10:41:05.0691 8020 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
10:41:05.0691 8020 C:\Windows\System32\drivers\usbehci.sys - ok
10:41:05.0694 8020 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
10:41:05.0694 8020 C:\Windows\System32\drivers\usbport.sys - ok
10:41:05.0697 8020 [ CDA161020BF75B12728AE394196AD991 ] C:\Windows\System32\drivers\BCMWL6.SYS
10:41:05.0698 8020 C:\Windows\System32\drivers\BCMWL6.SYS - ok
10:41:05.0701 8020 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
10:41:05.0701 8020 C:\Windows\System32\drivers\i8042prt.sys - ok
10:41:05.0704 8020 [ ED8227578B0A3A3F8545388FB11782C1 ] C:\Windows\System32\drivers\L1C62x86.sys
10:41:05.0704 8020 C:\Windows\System32\drivers\L1C62x86.sys - ok
10:41:05.0708 8020 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys
10:41:05.0708 8020 C:\Windows\System32\drivers\vwifibus.sys - ok
10:41:05.0711 8020 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
10:41:05.0711 8020 C:\Windows\System32\drivers\kbdclass.sys - ok
10:41:05.0714 8020 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
10:41:05.0714 8020 C:\Windows\System32\drivers\usbd.sys - ok
10:41:05.0718 8020 [ 9A28F1C47CE0C8BBC02AAF5941AB44CD ] C:\Windows\System32\drivers\SynTP.sys
10:41:05.0718 8020 C:\Windows\System32\drivers\SynTP.sys - ok
10:41:05.0721 8020 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
10:41:05.0721 8020 C:\Windows\System32\drivers\mouclass.sys - ok
10:41:05.0723 8020 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll
10:41:05.0723 8020 C:\Windows\System32\urlmon.dll - ok
10:41:05.0726 8020 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
10:41:05.0726 8020 C:\Windows\System32\msctf.dll - ok
10:41:05.0729 8020 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
10:41:05.0729 8020 C:\Windows\System32\gdi32.dll - ok
10:41:05.0732 8020 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
10:41:05.0732 8020 C:\Windows\System32\imagehlp.dll - ok
10:41:05.0736 8020 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
10:41:05.0736 8020 C:\Windows\System32\normaliz.dll - ok
10:41:05.0739 8020 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
10:41:05.0739 8020 C:\Windows\System32\nsi.dll - ok
10:41:05.0742 8020 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
10:41:05.0742 8020 C:\Windows\System32\user32.dll - ok
10:41:05.0745 8020 [ 3ED262888758E350C29E02207AF9AC59 ] C:\Windows\System32\kernel32.dll
10:41:05.0745 8020 C:\Windows\System32\kernel32.dll - ok
10:41:05.0748 8020 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll
10:41:05.0748 8020 C:\Windows\System32\iertutil.dll - ok
10:41:05.0751 8020 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
10:41:05.0751 8020 C:\Windows\System32\sechost.dll - ok
10:41:05.0754 8020 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
10:41:05.0755 8020 C:\Windows\System32\imm32.dll - ok
10:41:05.0758 8020 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll
10:41:05.0758 8020 C:\Windows\System32\wininet.dll - ok
10:41:05.0761 8020 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
10:41:05.0761 8020 C:\Windows\System32\clbcatq.dll - ok
10:41:05.0764 8020 [ 03C0D99BC2913226F1CEA7CB0D984659 ] C:\Windows\System32\drivers\Impcd.sys
10:41:05.0764 8020 C:\Windows\System32\drivers\Impcd.sys - ok
10:41:05.0767 8020 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] C:\Windows\System32\drivers\tdcmdpst.sys
10:41:05.0767 8020 C:\Windows\System32\drivers\tdcmdpst.sys - ok
10:41:05.0770 8020 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys
10:41:05.0771 8020 C:\Windows\System32\drivers\CmBatt.sys - ok
10:41:05.0774 8020 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] C:\Windows\System32\drivers\intelppm.sys
10:41:05.0774 8020 C:\Windows\System32\drivers\intelppm.sys - ok
10:41:05.0777 8020 [ A0DB243AF3A2E427C172AF2BBA325473 ] C:\Windows\System32\drivers\QIOMem.sys
10:41:05.0777 8020 C:\Windows\System32\drivers\QIOMem.sys - ok
10:41:05.0780 8020 [ 866462F5AE3F375EF83EF9DCE436031C ] C:\Windows\System32\drivers\TVALZFL.sys
10:41:05.0780 8020 C:\Windows\System32\drivers\TVALZFL.sys - ok
10:41:05.0784 8020 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys
10:41:05.0784 8020 C:\Windows\System32\drivers\wmiacpi.sys - ok
10:41:05.0787 8020 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
10:41:05.0787 8020 C:\Windows\System32\drivers\agilevpn.sys - ok
10:41:05.0791 8020 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
10:41:05.0791 8020 C:\Windows\System32\drivers\CompositeBus.sys - ok
10:41:05.0795 8020 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
10:41:05.0795 8020 C:\Windows\System32\drivers\ndistapi.sys - ok
10:41:05.0798 8020 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
10:41:05.0798 8020 C:\Windows\System32\drivers\ndiswan.sys - ok
10:41:05.0802 8020 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
10:41:05.0802 8020 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:41:05.0805 8020 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
10:41:05.0805 8020 C:\Windows\System32\drivers\raspppoe.sys - ok
10:41:05.0808 8020 [ 9EE240F7029771B21CC6200BE6516D60 ] C:\Windows\System32\drivers\tosrfec.sys
10:41:05.0808 8020 C:\Windows\System32\drivers\tosrfec.sys - ok
10:41:05.0812 8020 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
10:41:05.0812 8020 C:\Windows\System32\drivers\ks.sys - ok
10:41:05.0815 8020 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
10:41:05.0815 8020 C:\Windows\System32\drivers\raspptp.sys - ok
10:41:05.0818 8020 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
10:41:05.0818 8020 C:\Windows\System32\drivers\rassstp.sys - ok
10:41:05.0822 8020 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
10:41:05.0822 8020 C:\Windows\System32\drivers\swenum.sys - ok
10:41:05.0825 8020 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
10:41:05.0825 8020 C:\Windows\System32\drivers\umbus.sys - ok
10:41:05.0828 8020 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
10:41:05.0828 8020 C:\Windows\System32\drivers\usbhub.sys - ok
10:41:05.0832 8020 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
10:41:05.0832 8020 C:\Windows\System32\shell32.dll - ok
10:41:05.0835 8020 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
10:41:05.0835 8020 C:\Windows\System32\ws2_32.dll - ok
10:41:05.0838 8020 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
10:41:05.0838 8020 C:\Windows\System32\drivers\ndproxy.sys - ok
10:41:05.0841 8020 [ 314BA59A46F9D9F1E044538DEA286797 ] C:\Windows\System32\drivers\CHDMI32.sys
10:41:05.0841 8020 C:\Windows\System32\drivers\CHDMI32.sys - ok
10:41:05.0845 8020 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
10:41:05.0845 8020 C:\Windows\System32\drivers\drmk.sys - ok
10:41:05.0848 8020 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
10:41:05.0848 8020 C:\Windows\System32\drivers\portcls.sys - ok
10:41:05.0851 8020 [ C2FA222AC9DB9463F801451FF65ECBE8 ] C:\Windows\System32\drivers\CHDRT32.sys
10:41:05.0851 8020 C:\Windows\System32\drivers\CHDRT32.sys - ok
10:41:05.0854 8020 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] C:\Windows\System32\drivers\tosporte.sys
10:41:05.0854 8020 C:\Windows\System32\drivers\tosporte.sys - ok
10:41:05.0857 8020 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
10:41:05.0857 8020 C:\Windows\System32\lpk.dll - ok
10:41:05.0860 8020 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
10:41:05.0860 8020 C:\Windows\System32\ole32.dll - ok
10:41:05.0864 8020 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
10:41:05.0864 8020 C:\Windows\System32\drivers\hidparse.sys - ok
10:41:05.0867 8020 [ 931A1DF1520ABC6E84BA4A75E6957025 ] C:\Windows\System32\drivers\hidclass.sys
10:41:05.0867 8020 C:\Windows\System32\drivers\hidclass.sys - ok
10:41:05.0870 8020 [ 10C19F8290891AF023EAEC0832E1EB4D ] C:\Windows\System32\drivers\hidusb.sys
10:41:05.0870 8020 C:\Windows\System32\drivers\hidusb.sys - ok
10:41:05.0874 8020 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
10:41:05.0874 8020 C:\Windows\System32\drivers\mouhid.sys - ok
10:41:05.0877 8020 [ BD9C55D7023C5DE374507ACC7A14E2AC ] C:\Windows\System32\drivers\usbccgp.sys
10:41:05.0877 8020 C:\Windows\System32\drivers\usbccgp.sys - ok
10:41:05.0881 8020 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] C:\Windows\System32\drivers\usbvideo.sys
10:41:05.0881 8020 C:\Windows\System32\drivers\usbvideo.sys - ok
10:41:05.0884 8020 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll
10:41:05.0884 8020 C:\Windows\System32\usp10.dll - ok
10:41:05.0888 8020 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
10:41:05.0888 8020 C:\Windows\System32\difxapi.dll - ok
10:41:05.0891 8020 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
10:41:05.0891 8020 C:\Windows\System32\oleaut32.dll - ok
10:41:05.0894 8020 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
10:41:05.0894 8020 C:\Windows\System32\shlwapi.dll - ok
10:41:05.0897 8020 [ 1B5011DD8D57F53AED31FF0F7D635802 ] C:\Windows\System32\drivers\PGEffect.sys
10:41:05.0897 8020 C:\Windows\System32\drivers\PGEffect.sys - ok
10:41:05.0901 8020 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
10:41:05.0901 8020 C:\Windows\System32\comdlg32.dll - ok
10:41:05.0904 8020 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
10:41:05.0904 8020 C:\Windows\System32\advapi32.dll - ok
10:41:05.0907 8020 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
10:41:05.0907 8020 C:\Windows\System32\msvcrt.dll - ok
10:41:05.0911 8020 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
10:41:05.0911 8020 C:\Windows\System32\psapi.dll - ok
10:41:05.0914 8020 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
10:41:05.0914 8020 C:\Windows\System32\rpcrt4.dll - ok
10:41:05.0917 8020 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
10:41:05.0917 8020 C:\Windows\System32\setupapi.dll - ok
10:41:05.0920 8020 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
10:41:05.0920 8020 C:\Windows\System32\Wldap32.dll - ok
10:41:05.0923 8020 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
10:41:05.0923 8020 C:\Windows\System32\cfgmgr32.dll - ok
10:41:05.0927 8020 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
10:41:05.0927 8020 C:\Windows\System32\crypt32.dll - ok
10:41:05.0930 8020 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
10:41:05.0930 8020 C:\Windows\System32\devobj.dll - ok
10:41:05.0933 8020 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
10:41:05.0933 8020 C:\Windows\System32\wintrust.dll - ok
10:41:05.0936 8020 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
10:41:05.0936 8020 C:\Windows\System32\comctl32.dll - ok
10:41:05.0939 8020 [ E40ADC3B848650F1D5A932FD7DE0D018 ] C:\Windows\System32\KernelBase.dll
10:41:05.0939 8020 C:\Windows\System32\KernelBase.dll - ok
10:41:05.0943 8020 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
10:41:05.0943 8020 C:\Windows\System32\msasn1.dll - ok
10:41:05.0946 8020 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
10:41:05.0946 8020 C:\Windows\System32\drivers\dxapi.sys - ok
10:41:05.0949 8020 [ 46538741E0230731D3635D12DF85A7B5 ] C:\Windows\System32\win32k.sys
10:41:05.0949 8020 C:\Windows\System32\win32k.sys - ok
10:41:05.0952 8020 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll
10:41:05.0952 8020 C:\Windows\System32\csrsrv.dll - ok
10:41:05.0955 8020 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
10:41:05.0956 8020 C:\Windows\System32\csrss.exe - ok
10:41:05.0959 8020 [ 867BEB23207BA425C85293BB0D3EA971 ] C:\Windows\System32\drivers\RtsUStor.sys
10:41:05.0959 8020 C:\Windows\System32\drivers\RtsUStor.sys - ok
10:41:05.0962 8020 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
10:41:05.0962 8020 C:\Windows\System32\basesrv.dll - ok
10:41:05.0965 8020 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\System32\winsrv.dll
10:41:05.0965 8020 C:\Windows\System32\winsrv.dll - ok
10:41:05.0968 8020 [ 18DFBB06907C169BB54F6960B9F95367 ] C:\Windows\System32\drivers\tosrfusb.sys
10:41:05.0968 8020 C:\Windows\System32\drivers\tosrfusb.sys - ok
10:41:05.0972 8020 [ 51D7F024A66814F8BEE33E4BE394A03E ] C:\Windows\System32\drivers\tosrfbd.sys
10:41:05.0972 8020 C:\Windows\System32\drivers\tosrfbd.sys - ok
10:41:05.0974 8020 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
10:41:05.0974 8020 C:\Windows\System32\drivers\monitor.sys - ok
10:41:05.0977 8020 [ A72A3473180F378CC07D342803FFD580 ] C:\Windows\System32\drivers\Tosrfhid.sys
10:41:05.0977 8020 C:\Windows\System32\drivers\Tosrfhid.sys - ok
10:41:05.0980 8020 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
10:41:05.0981 8020 C:\Windows\System32\tsddd.dll - ok
10:41:05.0984 8020 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
10:41:05.0984 8020 C:\Windows\System32\profapi.dll - ok
10:41:05.0987 8020 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
10:41:05.0987 8020 C:\Windows\System32\sxssrv.dll - ok
10:41:05.0990 8020 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
10:41:05.0990 8020 C:\Windows\System32\wininit.exe - ok
10:41:05.0993 8020 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL
10:41:05.0993 8020 C:\Windows\System32\KBDUS.DLL - ok
10:41:05.0996 8020 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
10:41:05.0996 8020 C:\Windows\System32\RpcRtRemote.dll - ok
10:41:05.0999 8020 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
10:41:05.0999 8020 C:\Windows\System32\cdd.dll - ok
10:41:06.0002 8020 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
10:41:06.0003 8020 C:\Windows\System32\sxs.dll - ok
10:41:06.0006 8020 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
10:41:06.0006 8020 C:\Windows\System32\WlS0WndH.dll - ok
10:41:06.0009 8020 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
10:41:06.0009 8020 C:\Windows\System32\cryptbase.dll - ok
10:41:06.0012 8020 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll

#14 Lohckm

Posted 18 December 2012 - 09:53 PM

Continued log from TDSSKiller.

10:41:06.0363 8020 C:\Windows\System32\netutils.dll - ok
10:41:06.0366 8020 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
10:41:06.0366 8020 C:\Windows\System32\samcli.dll - ok
10:41:06.0369 8020 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
10:41:06.0369 8020 C:\Windows\System32\vaultcli.dll - ok
10:41:06.0372 8020 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
10:41:06.0372 8020 C:\Windows\System32\wkscli.dll - ok
10:41:06.0376 8020 [ 0E35F9F99877BE603A3B44276D18EDD2 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll
10:41:06.0376 8020 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll - ok
10:41:06.0379 8020 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
10:41:06.0379 8020 C:\Windows\System32\Sens.dll - ok
10:41:06.0382 8020 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
10:41:06.0382 8020 C:\Windows\System32\uxsms.dll - ok
10:41:06.0385 8020 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
10:41:06.0385 8020 C:\Windows\System32\WUDFPlatform.dll - ok
10:41:06.0388 8020 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
10:41:06.0388 8020 C:\Windows\System32\WUDFSvc.dll - ok
10:41:06.0392 8020 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:41:06.0392 8020 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:41:06.0396 8020 [ E161BDB20AA7704A0F2803C5069A859C ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll
10:41:06.0396 8020 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll - ok
10:41:06.0399 8020 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
10:41:06.0399 8020 C:\Windows\System32\drivers\lltdio.sys - ok
10:41:06.0403 8020 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
10:41:06.0403 8020 C:\Windows\System32\drivers\nwifi.sys - ok
10:41:06.0406 8020 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:41:06.0406 8020 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:41:06.0410 8020 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
10:41:06.0410 8020 C:\Windows\System32\drivers\ndisuio.sys - ok
10:41:06.0413 8020 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
10:41:06.0413 8020 C:\Windows\System32\drivers\rspndr.sys - ok
10:41:06.0416 8020 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
10:41:06.0416 8020 C:\Windows\System32\IPHLPAPI.DLL - ok
10:41:06.0419 8020 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
10:41:06.0419 8020 C:\Windows\System32\lmhsvc.dll - ok
10:41:06.0422 8020 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
10:41:06.0422 8020 C:\Windows\System32\nrpsrv.dll - ok
10:41:06.0425 8020 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
10:41:06.0426 8020 C:\Windows\System32\nsisvc.dll - ok
10:41:06.0429 8020 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
10:41:06.0429 8020 C:\Windows\System32\winnsi.dll - ok
10:41:06.0432 8020 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
10:41:06.0432 8020 C:\Windows\System32\cryptnet.dll - ok
10:41:06.0435 8020 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
10:41:06.0435 8020 C:\Windows\System32\cryptsvc.dll - ok
10:41:06.0438 8020 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
10:41:06.0438 8020 C:\Windows\System32\dhcpcore.dll - ok
10:41:06.0441 8020 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
10:41:06.0441 8020 C:\Windows\System32\dnsrslvr.dll - ok
10:41:06.0445 8020 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
10:41:06.0445 8020 C:\Windows\System32\eapsvc.dll - ok
10:41:06.0448 8020 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
10:41:06.0448 8020 C:\Windows\System32\keyiso.dll - ok
10:41:06.0452 8020 [ 512A9FC80129AF68F3395CEDA0ACC965 ] C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll
10:41:06.0452 8020 C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll - ok
10:41:06.0455 8020 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
10:41:06.0455 8020 C:\Windows\System32\eapphost.dll - ok
10:41:06.0458 8020 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
10:41:06.0458 8020 C:\Windows\System32\FWPUCLNT.DLL - ok
10:41:06.0462 8020 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
10:41:06.0462 8020 C:\Windows\System32\winmm.dll - ok
10:41:06.0465 8020 [ 336DC743F3E6EECA74A48719D323E5A5 ] C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
10:41:06.0465 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe - ok
10:41:06.0468 8020 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
10:41:06.0468 8020 C:\Windows\System32\umb.dll - ok
10:41:06.0471 8020 [ 2A3DBA2D82EBF9DA8950F76B440540BD ] C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll
10:41:06.0471 8020 C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll - ok
10:41:06.0473 8020 [ 1F2065C1262E2A6F26C3864177C535DC ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll
10:41:06.0473 8020 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll - ok
10:41:06.0477 8020 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
10:41:06.0477 8020 C:\Windows\System32\certCredProvider.dll - ok
10:41:06.0480 8020 [ B230D1B54017C2B56DAFE311DFEB0102 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
10:41:06.0480 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
10:41:06.0484 8020 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
10:41:06.0484 8020 C:\Windows\System32\rasplap.dll - ok
10:41:06.0487 8020 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
10:41:06.0487 8020 C:\Windows\System32\rasapi32.dll - ok
10:41:06.0490 8020 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
10:41:06.0490 8020 C:\Windows\System32\rasman.dll - ok
10:41:06.0493 8020 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
10:41:06.0493 8020 C:\Windows\System32\rtutils.dll - ok
10:41:06.0497 8020 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
10:41:06.0497 8020 C:\Windows\System32\vssapi.dll - ok
10:41:06.0500 8020 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
10:41:06.0500 8020 C:\Windows\System32\vsstrace.dll - ok
10:41:06.0503 8020 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
10:41:06.0503 8020 C:\Windows\System32\dhcpcsvc.dll - ok
10:41:06.0506 8020 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll
10:41:06.0506 8020 C:\Windows\System32\dhcpcsvc6.dll - ok
10:41:06.0509 8020 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
10:41:06.0509 8020 C:\Windows\System32\dnsext.dll - ok
10:41:06.0513 8020 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll
10:41:06.0513 8020 C:\Windows\System32\dhcpcore6.dll - ok
10:41:06.0516 8020 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
10:41:06.0516 8020 C:\Windows\System32\comres.dll - ok
10:41:06.0520 8020 [ 27B320442235D7C8721C8BFAB94A05C1 ] C:\Program Files\CheckPoint\ZoneAlarm\vsdata.dll
10:41:06.0520 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsdata.dll - ok
10:41:06.0524 8020 [ F15B927FA96BA9D1098FA32FF02EA650 ] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll
10:41:06.0524 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll - ok
10:41:06.0528 8020 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:41:06.0529 8020 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:41:06.0532 8020 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:41:06.0532 8020 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:41:06.0536 8020 [ 0A50A861C65C5DB809CE57D1B6A93C00 ] C:\Program Files\CheckPoint\ZoneAlarm\vsutil.dll
10:41:06.0536 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsutil.dll - ok
10:41:06.0539 8020 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
10:41:06.0539 8020 C:\Windows\System32\wsock32.dll - ok
10:41:06.0542 8020 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
10:41:06.0542 8020 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
10:41:06.0546 8020 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
10:41:06.0546 8020 C:\Windows\System32\UXInit.dll - ok
10:41:06.0549 8020 [ D9C1A99EE9E8F6A30A22E8E87C1DF9DC ] C:\Windows\System32\atieclxx.exe
10:41:06.0549 8020 C:\Windows\System32\atieclxx.exe - ok
10:41:06.0552 8020 [ 76A338F26173FDE674B0F47A3E6E9869 ] C:\Windows\System32\atiadlxx.dll
10:41:06.0552 8020 C:\Windows\System32\atiadlxx.dll - ok
10:41:06.0556 8020 [ DD072705435259D5ABB5D7E0C348EB35 ] C:\Program Files\CheckPoint\ZoneAlarm\dbghelp.dll
10:41:06.0556 8020 C:\Program Files\CheckPoint\ZoneAlarm\dbghelp.dll - ok
10:41:06.0561 8020 [ D9C590B08696CC49ED31A32D3BE5AF6E ] C:\Windows\System32\atimuixx.dll
10:41:06.0561 8020 C:\Windows\System32\atimuixx.dll - ok
10:41:06.0564 8020 [ 66F67AA5A830BAED4CBBB00032AB0514 ] C:\Program Files\CheckPoint\ZoneAlarm\icslta.dll
10:41:06.0564 8020 C:\Program Files\CheckPoint\ZoneAlarm\icslta.dll - ok
10:41:06.0567 8020 [ AE60E56FBE0D1ACF6BF4A148A39B0E57 ] C:\Program Files\CheckPoint\ZoneAlarm\ssleay32.dll
10:41:06.0568 8020 C:\Program Files\CheckPoint\ZoneAlarm\ssleay32.dll - ok
10:41:06.0571 8020 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
10:41:06.0571 8020 C:\Windows\System32\oleacc.dll - ok
10:41:06.0574 8020 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll
10:41:06.0574 8020 C:\Windows\System32\UIAutomationCore.dll - ok
10:41:06.0577 8020 [ 53A2AF18493B0F83BC4BDAA2F5F9633F ] C:\Program Files\CheckPoint\ZoneAlarm\vsdb.dll
10:41:06.0577 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsdb.dll - ok
10:41:06.0581 8020 [ BB3CF9180711B6641ADD043C236D37F1 ] C:\Program Files\CheckPoint\ZoneAlarm\vsxml.dll
10:41:06.0581 8020 C:\Program Files\CheckPoint\ZoneAlarm\vsxml.dll - ok
10:41:06.0584 8020 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
10:41:06.0584 8020 C:\Windows\System32\wlanmsm.dll - ok
10:41:06.0587 8020 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
10:41:06.0587 8020 C:\Windows\System32\imageres.dll - ok
10:41:06.0590 8020 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
10:41:06.0590 8020 C:\Windows\System32\wlansec.dll - ok
10:41:06.0594 8020 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
10:41:06.0594 8020 C:\Windows\System32\onex.dll - ok
10:41:06.0597 8020 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll

Continued log from TDSSKiller.

10:41:06.0998 8020 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
10:41:06.0998 8020 C:\Windows\System32\ktmw32.dll - ok
10:41:07.0001 8020 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
10:41:07.0001 8020 C:\Windows\System32\taskcomp.dll - ok
10:41:07.0004 8020 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
10:41:07.0004 8020 C:\Windows\System32\drivers\http.sys - ok
10:41:07.0006 8020 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
10:41:07.0006 8020 C:\Windows\System32\spoolsv.exe - ok
10:41:07.0010 8020 [ 7FA8BA5A780E4757964AC9D4238302B9 ] C:\Windows\System32\taskhost.exe
10:41:07.0010 8020 C:\Windows\System32\taskhost.exe - ok
10:41:07.0013 8020 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
10:41:07.0013 8020 C:\Windows\System32\BFE.DLL - ok
10:41:07.0016 8020 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\System32\dxva2.dll
10:41:07.0016 8020 C:\Windows\System32\dxva2.dll - ok
10:41:07.0019 8020 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
10:41:07.0019 8020 C:\Windows\System32\mscms.dll - ok
10:41:07.0022 8020 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
10:41:07.0022 8020 C:\Windows\System32\PlaySndSrv.dll - ok
10:41:07.0026 8020 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
10:41:07.0026 8020 C:\Windows\System32\HotStartUserAgent.dll - ok
10:41:07.0029 8020 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
10:41:07.0029 8020 C:\Windows\System32\MsCtfMonitor.dll - ok
10:41:07.0032 8020 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
10:41:07.0032 8020 C:\Windows\System32\msutb.dll - ok
10:41:07.0035 8020 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
10:41:07.0035 8020 C:\Windows\System32\drivers\bowser.sys - ok
10:41:07.0038 8020 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
10:41:07.0038 8020 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:41:07.0042 8020 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
10:41:07.0042 8020 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:41:07.0045 8020 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
10:41:07.0045 8020 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:41:07.0049 8020 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
10:41:07.0049 8020 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:41:07.0052 8020 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
10:41:07.0052 8020 C:\Windows\System32\wfapigp.dll - ok
10:41:07.0056 8020 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
10:41:07.0056 8020 C:\Windows\System32\wkssvc.dll - ok
10:41:07.0059 8020 [ B1EA9681502EE57F87DB71D726288A5B ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:41:07.0059 8020 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
10:41:07.0063 8020 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
10:41:07.0063 8020 C:\Windows\System32\drivers\parport.sys - ok
10:41:07.0066 8020 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
10:41:07.0066 8020 C:\Windows\System32\taskeng.exe - ok
10:41:07.0070 8020 [ 6163664C7E9CD110AF70180C126C3FDC ] C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
10:41:07.0070 8020 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe - ok
10:41:07.0073 8020 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
10:41:07.0073 8020 C:\Windows\System32\pcasvc.dll - ok
10:41:07.0076 8020 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
10:41:07.0076 8020 C:\Windows\System32\snmptrap.exe - ok
10:41:07.0080 8020 [ A86F5616EACB7155998011CEFFFB52F6 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
10:41:07.0080 8020 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
10:41:07.0083 8020 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
10:41:07.0083 8020 C:\Windows\System32\dps.dll - ok
10:41:07.0086 8020 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
10:41:07.0086 8020 C:\Windows\System32\IKEEXT.DLL - ok
10:41:07.0089 8020 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
10:41:07.0089 8020 C:\Windows\System32\provsvc.dll - ok
10:41:07.0092 8020 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
10:41:07.0092 8020 C:\Windows\System32\sstpsvc.dll - ok
10:41:07.0095 8020 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
10:41:07.0095 8020 C:\Windows\System32\vpnikeapi.dll - ok
10:41:07.0099 8020 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
10:41:07.0099 8020 C:\Windows\System32\TSChannel.dll - ok
10:41:07.0102 8020 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
10:41:07.0102 8020 C:\Windows\System32\rundll32.exe - ok
10:41:07.0105 8020 [ DBC1136A62BD4DECC3632DF650284C2E ] C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:41:07.0105 8020 C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
10:41:07.0109 8020 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
10:41:07.0109 8020 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
10:41:07.0112 8020 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:41:07.0112 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
10:41:07.0115 8020 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
10:41:07.0115 8020 C:\Windows\System32\taskschd.dll - ok
10:41:07.0119 8020 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
10:41:07.0119 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
10:41:07.0123 8020 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
10:41:07.0123 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
10:41:07.0126 8020 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:41:07.0126 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
10:41:07.0130 8020 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
10:41:07.0130 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
10:41:07.0133 8020 [ C9EAFDA6575D7ABAA4C704B78768564C ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
10:41:07.0133 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe - ok
10:41:07.0137 8020 [ 2B92A88E329F4845D31941967A3BAA90 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\msvcr100.dll
10:41:07.0137 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\msvcr100.dll - ok
10:41:07.0140 8020 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\System32\fltLib.dll
10:41:07.0140 8020 C:\Windows\System32\fltLib.dll - ok
10:41:07.0143 8020 [ 07F7AE68602448F4B6D5A9A40BBA977C ] C:\Program Files\Google\Update\1.3.21.124\goopdate.dll
10:41:07.0143 8020 C:\Program Files\Google\Update\1.3.21.124\goopdate.dll - ok
10:41:07.0147 8020 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
10:41:07.0147 8020 C:\Windows\AppPatch\AcLayers.dll - ok
10:41:07.0150 8020 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
10:41:07.0150 8020 C:\Windows\System32\winspool.drv - ok
10:41:07.0153 8020 [ 940B466DF86678D49AD41CE3D9387E5F ] C:\Program Files\Garena Messenger\ggspawn.dll
10:41:07.0153 8020 C:\Program Files\Garena Messenger\ggspawn.dll - ok
10:41:07.0156 8020 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
10:41:07.0157 8020 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
10:41:07.0160 8020 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
10:41:07.0160 8020 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
10:41:07.0163 8020 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
10:41:07.0163 8020 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
10:41:07.0167 8020 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
10:41:07.0167 8020 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
10:41:07.0170 8020 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
10:41:07.0170 8020 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
10:41:07.0173 8020 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
10:41:07.0174 8020 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
10:41:07.0177 8020 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
10:41:07.0177 8020 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
10:41:07.0180 8020 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
10:41:07.0180 8020 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
10:41:07.0184 8020 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12121801\ArPot.dll
10:41:07.0184 8020 C:\Program Files\AVAST Software\Avast\defs\12121801\ArPot.dll - ok
10:41:07.0187 8020 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
10:41:07.0187 8020 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
10:41:07.0191 8020 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12121801\exts.dll
10:41:07.0191 8020 C:\Program Files\AVAST Software\Avast\defs\12121801\exts.dll - ok
10:41:07.0194 8020 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
10:41:07.0194 8020 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
10:41:07.0198 8020 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12121801\aswAR.dll
10:41:07.0198 8020 C:\Program Files\AVAST Software\Avast\defs\12121801\aswAR.dll - ok
10:41:07.0201 8020 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12121801\aswRawFS.dll
10:41:07.0201 8020 C:\Program Files\AVAST Software\Avast\defs\12121801\aswRawFS.dll - ok
10:41:07.0205 8020 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe
10:41:07.0205 8020 C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe - ok
10:41:07.0208 8020 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
10:41:07.0208 8020 C:\Windows\System32\security.dll - ok
10:41:07.0211 8020 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
10:41:07.0211 8020 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
10:41:07.0215 8020 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
10:41:07.0215 8020 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
10:41:07.0218 8020 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
10:41:07.0218 8020 C:\Windows\System32\mstask.dll - ok
10:41:07.0221 8020 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
10:41:07.0221 8020 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
10:41:07.0225 8020 [ 837608240884733792DDAE81E50B802A ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
10:41:07.0225 8020 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe - ok
10:41:07.0227 8020 [ D6D4130C0BBC0D18C2DA703CC38260A9 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll
10:41:07.0227 8020 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll - ok
10:41:07.0231 8020 [ E111CED19D6A9FF9BBA5C219D0C5A3CE ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll
10:41:07.0231 8020 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll - ok
10:41:07.0234 8020 [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
10:41:07.0235 8020 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
10:41:07.0238 8020 [ 1AF54261C283BAFB021B3D84A7BAE978 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll
10:41:07.0238 8020 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll - ok
10:41:07.0241 8020 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
10:41:07.0241 8020 C:\Windows\System32\netman.dll - ok
10:41:07.0244 8020 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
10:41:07.0244 8020 C:\Windows\System32\drivers\PEAuth.sys - ok
10:41:07.0248 8020 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
10:41:07.0248 8020 C:\Windows\System32\nlasvc.dll - ok
10:41:07.0251 8020 [ 247FE8DEFBB95A4319C7B4B215F92891 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll
10:41:07.0251 8020 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
10:41:07.0254 8020 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
10:41:07.0254 8020 C:\Windows\System32\drivers\secdrv.sys - ok
10:41:07.0258 8020 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll
10:41:07.0258 8020 C:\Windows\System32\ncsi.dll - ok
10:41:07.0261 8020 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] C:\Program Files\Skype\Updater\Updater.exe
10:41:07.0261 8020 C:\Program Files\Skype\Updater\Updater.exe - ok
10:41:07.0264 8020 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
10:41:07.0264 8020 C:\Windows\System32\seclogon.dll - ok
10:41:07.0268 8020 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
10:41:07.0268 8020 C:\Windows\System32\ssdpapi.dll - ok
10:41:07.0271 8020 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:41:07.0271 8020 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
10:41:07.0275 8020 [ D89083C4EB02DACA8F944B0E05E57F9D ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:41:07.0275 8020 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
10:41:07.0279 8020 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll
10:41:07.0279 8020 C:\Windows\System32\browcli.dll - ok
10:41:07.0283 8020 [ 0D77436DA61BE7338BC600F0D8773331 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
10:41:07.0283 8020 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
10:41:07.0287 8020 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
10:41:07.0287 8020 C:\Windows\System32\drivers\srvnet.sys - ok
10:41:07.0291 8020 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
10:41:07.0291 8020 C:\Windows\System32\mscoree.dll - ok
10:41:07.0294 8020 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:41:07.0295 8020 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:41:07.0298 8020 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
10:41:07.0298 8020 C:\Windows\System32\sysmain.dll - ok
10:41:07.0301 8020 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys
10:41:07.0301 8020 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:41:07.0304 8020 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll
10:41:07.0304 8020 C:\Windows\System32\tapisrv.dll - ok
10:41:07.0307 8020 [ FE65D33B7D4FF07DD1D29526A48DF810 ] C:\Windows\System32\TODDSrv.exe
10:41:07.0307 8020 C:\Windows\System32\TODDSrv.exe - ok
10:41:07.0311 8020 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
10:41:07.0311 8020 C:\Windows\System32\httpapi.dll - ok
10:41:07.0314 8020 [ 85EDF7A274435E4DF051BB23F8E01581 ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
10:41:07.0314 8020 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
10:41:07.0317 8020 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
10:41:07.0317 8020 C:\Windows\System32\dssenh.dll - ok
10:41:07.0321 8020 [ 829F9461E33F7332DF88F07A574DE929 ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
10:41:07.0321 8020 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
10:41:07.0324 8020 [ B0E2AA53E8B930FAA21E2D865F95F704 ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
10:41:07.0324 8020 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
10:41:07.0328 8020 [ C0137AFD260FCA1FD5B754B880A1238C ] C:\Program Files\Toshiba\TECO\TecoService.exe
10:41:07.0328 8020 C:\Program Files\Toshiba\TECO\TecoService.exe - ok
10:41:07.0331 8020 [ 0A0BF77CE0F3F57AEA4A1CCAF4F1F5E0 ] C:\Program Files\Toshiba\TECO\TecoHci.dll
10:41:07.0331 8020 C:\Program Files\Toshiba\TECO\TecoHci.dll - ok
10:41:07.0334 8020 [ 7B65ABE386AEF76FC688FCBFB5E5B732 ] C:\Program Files\Toshiba\TECO\TecoPower.dll
10:41:07.0334 8020 C:\Program Files\Toshiba\TECO\TecoPower.dll - ok
10:41:07.0337 8020 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
10:41:07.0337 8020 C:\Windows\System32\trkwks.dll - ok
10:41:07.0341 8020 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
10:41:07.0341 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
10:41:07.0345 8020 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll
10:41:07.0345 8020 C:\Program Files\Windows Defender\MpSvc.dll - ok
10:41:07.0348 8020 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
10:41:07.0348 8020 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:41:07.0351 8020 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
10:41:07.0351 8020 C:\Windows\System32\p2pcollab.dll - ok
10:41:07.0354 8020 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
10:41:07.0354 8020 C:\Windows\System32\QAGENTRT.DLL - ok
10:41:07.0358 8020 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
10:41:07.0358 8020 C:\Windows\System32\wbemcomn.dll - ok
10:41:07.0362 8020 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
10:41:07.0362 8020 C:\Windows\System32\fveui.dll - ok
10:41:07.0365 8020 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
10:41:07.0365 8020 C:\Windows\System32\sfc.dll - ok
10:41:07.0368 8020 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
10:41:07.0368 8020 C:\Windows\System32\sfc_os.dll - ok
10:41:07.0372 8020 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
10:41:07.0372 8020 C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:41:07.0375 8020 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll
10:41:07.0375 8020 C:\Program Files\Windows Defender\MpClient.dll - ok
10:41:07.0378 8020 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:41:07.0378 8020 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:41:07.0382 8020 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
10:41:07.0382 8020 C:\Windows\System32\wbem\fastprox.dll - ok
10:41:07.0385 8020 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
10:41:07.0385 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
10:41:07.0389 8020 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
10:41:07.0389 8020 C:\Windows\System32\wer.dll - ok
10:41:07.0392 8020 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
10:41:07.0392 8020 C:\Windows\System32\ntdsapi.dll - ok
10:41:07.0395 8020 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
10:41:07.0395 8020 C:\Windows\System32\wbem\wbemprox.dll - ok
10:41:07.0398 8020 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
10:41:07.0398 8020 C:\Windows\System32\drivers\srv2.sys - ok
10:41:07.0401 8020 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
10:41:07.0401 8020 C:\Windows\System32\iphlpsvc.dll - ok
10:41:07.0404 8020 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
10:41:07.0404 8020 C:\Windows\System32\esent.dll - ok
10:41:07.0407 8020 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
10:41:07.0408 8020 C:\Windows\System32\drivers\srv.sys - ok
10:41:07.0411 8020 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
10:41:07.0411 8020 C:\Windows\System32\msxml3.dll - ok
10:41:07.0414 8020 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
10:41:07.0414 8020 C:\Windows\System32\sqmapi.dll - ok
10:41:07.0417 8020 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
10:41:07.0417 8020 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
10:41:07.0421 8020 [ 089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll
10:41:07.0421 8020 C:\Program Files\Windows Defender\MpRTP.dll - ok
10:41:07.0424 8020 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll
10:41:07.0424 8020 C:\Windows\System32\tdh.dll - ok
10:41:07.0427 8020 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
10:41:07.0427 8020 C:\Windows\System32\wdscore.dll - ok
10:41:07.0430 8020 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll
10:41:07.0430 8020 C:\Windows\System32\rasmans.dll - ok
10:41:07.0433 8020 [ C649F293B8B047A2694F3C615D09BF17 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
10:41:07.0433 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
10:41:07.0436 8020 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\System32\apisetschema.dll
10:41:07.0436 8020 C:\Windows\System32\apisetschema.dll - ok
10:41:07.0439 8020 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\System32\rastapi.dll
10:41:07.0440 8020 C:\Windows\System32\rastapi.dll - ok
10:41:07.0443 8020 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\System32\tapi32.dll
10:41:07.0443 8020 C:\Windows\System32\tapi32.dll - ok
10:41:07.0446 8020 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
10:41:07.0446 8020 C:\Windows\System32\srvsvc.dll - ok
10:41:07.0449 8020 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
10:41:07.0449 8020 C:\Windows\System32\browser.dll - ok
10:41:07.0452 8020 [ 5826854E4E420E29F59C2865F0FA562F ] C:\Program Files\Windows Defender\MpEvMsg.dll
10:41:07.0452 8020 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
10:41:07.0455 8020 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpengine.dll
10:41:07.0455 8020 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpengine.dll - ok
10:41:07.0459 8020 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpasbase.vdm
10:41:07.0459 8020 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpasbase.vdm - ok
10:41:07.0462 8020 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
10:41:07.0462 8020 C:\Windows\System32\oledlg.dll - ok
10:41:07.0465 8020 [ DA8CBCC158B2B2D538C2D75D05CB33D3 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpasdlta.vdm
10:41:07.0466 8020 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E6494DD4-AECD-4C8B-9381-E887D72899D3}\mpasdlta.vdm - ok
10:41:07.0469 8020 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
10:41:07.0469 8020 C:\Windows\System32\hnetcfg.dll - ok
10:41:07.0472 8020 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
10:41:07.0472 8020 C:\Windows\System32\netmsg.dll - ok
10:41:07.0475 8020 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
10:41:07.0475 8020 C:\Windows\System32\sscore.dll - ok
10:41:07.0477 8020 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
10:41:07.0477 8020 C:\Windows\System32\nci.dll - ok
10:41:07.0481 8020 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\System32\unimdm.tsp
10:41:07.0481 8020 C:\Windows\System32\unimdm.tsp - ok
10:41:07.0484 8020 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\System32\uniplat.dll
10:41:07.0484 8020 C:\Windows\System32\uniplat.dll - ok
10:41:07.0487 8020 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
10:41:07.0487 8020 C:\Windows\System32\wbem\wbemcore.dll - ok
10:41:07.0490 8020 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\System32\kmddsp.tsp
10:41:07.0490 8020 C:\Windows\System32\kmddsp.tsp - ok
10:41:07.0493 8020 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
10:41:07.0493 8020 C:\Windows\System32\wbem\esscli.dll - ok
10:41:07.0496 8020 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\System32\ndptsp.tsp
10:41:07.0496 8020 C:\Windows\System32\ndptsp.tsp - ok
10:41:07.0499 8020 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\System32\hidphone.tsp
10:41:07.0499 8020 C:\Windows\System32\hidphone.tsp - ok
10:41:07.0502 8020 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
10:41:07.0502 8020 C:\Windows\System32\wbem\wbemsvc.dll - ok
10:41:07.0505 8020 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
10:41:07.0505 8020 C:\Windows\System32\clusapi.dll - ok
10:41:07.0508 8020 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
10:41:07.0509 8020 C:\Windows\System32\resutils.dll - ok
10:41:07.0512 8020 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
10:41:07.0512 8020 C:\Windows\AppPatch\AcGenral.dll - ok
10:41:07.0515 8020 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
10:41:07.0515 8020 C:\Windows\System32\msacm32.dll - ok
10:41:07.0518 8020 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\System32\tzres.dll
10:41:07.0518 8020 C:\Windows\System32\tzres.dll - ok
10:41:07.0521 8020 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\System32\rasppp.dll
10:41:07.0521 8020 C:\Windows\System32\rasppp.dll - ok
10:41:07.0524 8020 [ 80B562B5B59ED850C328DD75F964F3D8 ] C:\Windows\System32\vpnike.dll
10:41:07.0524 8020 C:\Windows\System32\vpnike.dll - ok
10:41:07.0527 8020 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
10:41:07.0527 8020 C:\Windows\System32\wbem\wmiutils.dll - ok
10:41:07.0531 8020 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
10:41:07.0531 8020 C:\Windows\System32\wbem\repdrvfs.dll - ok
10:41:07.0534 8020 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\System32\raschap.dll
10:41:07.0534 8020 C:\Windows\System32\raschap.dll - ok
10:41:07.0537 8020 [ D1A079A0DE2EA524513B6930C24527A2 ] C:\Windows\System32\ipnathlp.dll
10:41:07.0537 8020 C:\Windows\System32\ipnathlp.dll - ok
10:41:07.0540 8020 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
10:41:07.0540 8020 C:\Windows\System32\mprapi.dll - ok
10:41:07.0543 8020 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
10:41:07.0543 8020 C:\Windows\System32\netshell.dll - ok
10:41:07.0546 8020 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:41:07.0546 8020 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:41:07.0549 8020 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
10:41:07.0549 8020 C:\Windows\System32\ncobjapi.dll - ok
10:41:07.0553 8020 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
10:41:07.0553 8020 C:\Windows\System32\wbem\wbemess.dll - ok

Continued log from TDSSKiller.

10:41:08.0191 8020 C:\Program Files\Toshiba\TOSHIBA Service Station\PluginLib.dll - ok
10:41:08.0194 8020 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
10:41:08.0194 8020 C:\Windows\System32\mssrch.dll - ok
10:41:08.0198 8020 [ C71170A488F408F312BFDA3C6955E1E8 ] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3726.17539__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
10:41:08.0198 8020 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3726.17539__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL - ok
10:41:08.0201 8020 [ ABE39F956F312174085C5642A48B02A0 ] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe
10:41:08.0201 8020 C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe - ok
10:41:08.0205 8020 [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
10:41:08.0205 8020 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
10:41:08.0208 8020 [ 674F1F10C790624E6AEFF1133EB5690A ] C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
10:41:08.0208 8020 C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll - ok
10:41:08.0212 8020 [ E962ADCF9231FC588C9DC6CF07B7D728 ] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3726.17543__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
10:41:08.0212 8020 C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3726.17543__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL - ok
10:41:08.0215 8020 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
10:41:08.0215 8020 C:\Windows\System32\WWanAPI.dll - ok
10:41:08.0218 8020 [ 7F9A009E33940087FDE0FA25D8AA5706 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
10:41:08.0218 8020 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll - ok
10:41:08.0222 8020 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
10:41:08.0222 8020 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
10:41:08.0226 8020 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
10:41:08.0226 8020 C:\Windows\System32\msidle.dll - ok
10:41:08.0227 8020 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll
10:41:08.0227 8020 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
10:41:08.0231 8020 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
10:41:08.0231 8020 C:\Windows\System32\wwapi.dll - ok
10:41:08.0234 8020 [ AF5112A454DEE214A44C070E2A59042C ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtAPI.dll
10:41:08.0234 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtAPI.dll - ok
10:41:08.0237 8020 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
10:41:08.0237 8020 C:\Windows\System32\QAGENT.DLL - ok
10:41:08.0241 8020 [ 0A2BF9A8863FF653D53960F0759C5037 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnESC.dll
10:41:08.0241 8020 C:\Program Files\Toshiba\FlashCards\Hotkey\FnESC.dll - ok
10:41:08.0244 8020 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
10:41:08.0244 8020 C:\Windows\System32\mssprxy.dll - ok
10:41:08.0247 8020 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:41:08.0247 8020 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:41:08.0251 8020 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
10:41:08.0251 8020 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
10:41:08.0255 8020 [ D241900C8E03F850E862664F3FBEB5B6 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBdAPI.dll
10:41:08.0255 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBdAPI.dll - ok
10:41:08.0258 8020 [ 6CD238F5EDA432DE7896E60D020B905B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3726.17575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
10:41:08.0258 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3726.17575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL - ok
10:41:08.0262 8020 [ EA712CD98ED9668152AE8C2395EA602A ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
10:41:08.0262 8020 C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll - ok
10:41:08.0265 8020 [ 27F3259304517C3571E192F7E312C9AD ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3726.17628__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
10:41:08.0265 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3726.17628__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL - ok
10:41:08.0269 8020 [ DCF3BD06A642B582B950EDA308B08DAD ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3726.17607__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
10:41:08.0269 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3726.17607__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL - ok
10:41:08.0272 8020 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
10:41:08.0273 8020 C:\Windows\System32\bthprops.cpl - ok
10:41:08.0276 8020 [ BB9266E63E64F3B58EDF290CC51D0167 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3726.17604__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
10:41:08.0276 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3726.17604__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL - ok
10:41:08.0280 8020 [ CEAF2C8E923EE87307161232E5AE0FB9 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3726.17557__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
10:41:08.0280 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3726.17557__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL - ok
10:41:08.0283 8020 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
10:41:08.0283 8020 C:\Windows\System32\wmdrmdev.dll - ok
10:41:08.0287 8020 [ FCB60AA9E5FDDEA93E9C4DA31AB5B590 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3726.17569__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
10:41:08.0287 8020 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3726.17569__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL - ok
10:41:08.0290 8020 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
10:41:08.0290 8020 C:\Windows\System32\drmv2clt.dll - ok
10:41:08.0294 8020 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
10:41:08.0294 8020 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:41:08.0297 8020 [ 341595E3413A7EBD1B487503A4984287 ] C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe
10:41:08.0297 8020 C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe - ok
10:41:08.0301 8020 [ F7E0783DA9043BC131BB37C77EDB04DF ] C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe
10:41:08.0301 8020 C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe - ok
10:41:08.0304 8020 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
10:41:08.0304 8020 C:\Windows\System32\cabinet.dll - ok
10:41:08.0308 8020 [ 08DCE0B10F3DCF48F8A2818B7423FA28 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3726.17557__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
10:41:08.0308 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3726.17557__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL - ok
10:41:08.0312 8020 [ B34102C817E0D1CDFB41897DCBCAB6BC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3726.17607__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
10:41:08.0312 8020 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3726.17607__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL - ok

Continued log from TDSSKiller.

10:41:08.0697 8020 [ 2A8623697C131D86D68F07234EDB2D7D ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3726.17562__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
10:41:08.0697 8020 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3726.17562__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL - ok
10:41:08.0700 8020 [ 9DC23ACF360AEA7DF55AD7A8D3FBF4E6 ] C:\Windows\System32\IdListen.dll
10:41:08.0700 8020 C:\Windows\System32\IdListen.dll - ok
10:41:08.0704 8020 [ 91B2BA1CD2C81E8E80D8E4811A7CD699 ] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
10:41:08.0704 8020 C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe - ok
10:41:08.0707 8020 [ 118326902D738BA89C35D0622B43546E ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3726.17563__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
10:41:08.0707 8020 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3726.17563__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL - ok

Continued log from TDSSKiller.


Continued log from TDSSKiller.

10:41:09.0207 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\libsndfile.dll - ok
10:41:09.0210 8020 [ 75430D2F8B2E204814247D62D9445CE4 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\lame_enc.dll
10:41:09.0211 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\lame_enc.dll - ok
10:41:09.0214 8020 [ C33F9F516BABD63878DAD6343FD5CE39 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\f_in_box.dll
10:41:09.0214 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\f_in_box.dll - ok
10:41:09.0217 8020 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\System32\jscript.dll
10:41:09.0217 8020 C:\Windows\System32\jscript.dll - ok
10:41:09.0221 8020 [ DC0B5102793FAC997DED2544B88E0354 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll
10:41:09.0221 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\QtNetwork4.dll - ok
10:41:09.0224 8020 [ 94E74CAE9005B14E8EB7FCA6941CC777 ] C:\Program Files\Garena Messenger\lib\delay_load\AudioMixerLib.dll
10:41:09.0224 8020 C:\Program Files\Garena Messenger\lib\delay_load\AudioMixerLib.dll - ok
10:41:09.0228 8020 [ 6F962A0389F73A71F82B9059F7326FFD ] C:\Program Files\Garena Messenger\lib\delay_load\ClientTcp.dll
10:41:09.0228 8020 C:\Program Files\Garena Messenger\lib\delay_load\ClientTcp.dll - ok
10:41:09.0230 8020 [ EEAB8571165521296E71DCD6486666E0 ] C:\Program Files\Garena Messenger\lib\delay_load\FileSender.dll
10:41:09.0230 8020 C:\Program Files\Garena Messenger\lib\delay_load\FileSender.dll - ok
10:41:09.0234 8020 [ D0629A462AFFD2D104BB4A974E7C5E5F ] C:\Program Files\Garena Messenger\libcurl.dll
10:41:09.0234 8020 C:\Program Files\Garena Messenger\libcurl.dll - ok
10:41:09.0237 8020 [ 5AECF11B213AB113DCFC51A9DF0045FE ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll
10:41:09.0237 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\imageformats\qgif4.dll - ok
10:41:09.0241 8020 [ 21C3A5162061E129A0CFF1FD9403DF6A ] C:\Program Files\Garena Messenger\libzmq.dll
10:41:09.0242 8020 C:\Program Files\Garena Messenger\libzmq.dll - ok
10:41:09.0245 8020 [ C0110D1BEBDE8CC311D51BCC21AFBF84 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll
10:41:09.0245 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\imageformats\qjpeg4.dll - ok
10:41:09.0249 8020 [ A644B0EDAE716744653A5DFB18B2436B ] C:\Program Files\Garena Messenger\lib\delay_load\GaFileTransfer.dll
10:41:09.0249 8020 C:\Program Files\Garena Messenger\lib\delay_load\GaFileTransfer.dll - ok
10:41:09.0252 8020 [ 573D793227991A43EDD346099A706330 ] C:\Program Files\Garena Messenger\lib\delay_load\GaVoiceGroup.dll
10:41:09.0253 8020 C:\Program Files\Garena Messenger\lib\delay_load\GaVoiceGroup.dll - ok
10:41:09.0256 8020 [ DFC119CD70D582299DA6202981BDDC1B ] C:\Program Files\Garena Messenger\lib\delay_load\MediaEngine.dll
10:41:09.0256 8020 C:\Program Files\Garena Messenger\lib\delay_load\MediaEngine.dll - ok
10:41:09.0259 8020 [ 681A09B6086DE15B916B66B5B0AE8887 ] C:\Program Files\Garena Messenger\ServerMemAlloc.dll
10:41:09.0260 8020 C:\Program Files\Garena Messenger\ServerMemAlloc.dll - ok
10:41:09.0263 8020 [ 3E9EC192E58191B1741A59538D6D8CB8 ] C:\Program Files\Garena Messenger\lib\delay_load\RSALib.dll
10:41:09.0263 8020 C:\Program Files\Garena Messenger\lib\delay_load\RSALib.dll - ok
10:41:09.0266 8020 [ C9B286F46B7A545A9BF9758110EFAF7C ] C:\Program Files\Garena Messenger\lib\delay_load\UdtLib.dll
10:41:09.0267 8020 C:\Program Files\Garena Messenger\lib\delay_load\UdtLib.dll - ok
10:41:09.0270 8020 [ FA8DE54F698D4103B8B15C43163CEBAD ] C:\Program Files\Garena Messenger\ggcode.dll
10:41:09.0270 8020 C:\Program Files\Garena Messenger\ggcode.dll - ok
10:41:09.0273 8020 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\System32\oleaccrc.dll
10:41:09.0273 8020 C:\Windows\System32\oleaccrc.dll - ok
10:41:09.0276 8020 [ 01A635A7A9F5960335C182FAD1AD6ED1 ] C:\Program Files\Garena Messenger\xIM.dll
10:41:09.0276 8020 C:\Program Files\Garena Messenger\xIM.dll - ok
10:41:09.0280 8020 [ B65A7C995A1D4DEF09B5DA04ECF2C036 ] C:\Program Files\Garena Messenger\xim\plugin_msn.dll
10:41:09.0280 8020 C:\Program Files\Garena Messenger\xim\plugin_msn.dll - ok
10:41:09.0283 8020 [ 3353B2EF2B4B8B319BB25AF7C64C7262 ] C:\Program Files\Garena Messenger\ssleay32.dll
10:41:09.0283 8020 C:\Program Files\Garena Messenger\ssleay32.dll - ok
10:41:09.0287 8020 [ 1BA08F13E08FE4B93C9A17A5E1A53090 ] C:\Program Files\Yuna Software\Messenger Plus! for Skype\VCamFilter.ax
10:41:09.0287 8020 C:\Program Files\Yuna Software\Messenger Plus! for Skype\VCamFilter.ax - ok
10:41:09.0291 8020 [ CF3AE1FE5D5D55747F1338DE5C07852A ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:41:09.0291 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe - ok
10:41:09.0295 8020 [ 96F12F7C1C98737471AFA6E7F2BBE0D0 ] C:\Program Files\Garena Messenger\xim\plugin_xmpp.dll
10:41:09.0295 8020 C:\Program Files\Garena Messenger\xim\plugin_xmpp.dll - ok
10:41:09.0299 8020 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
10:41:09.0299 8020 C:\Windows\System32\wbem\NCProv.dll - ok
10:41:09.0303 8020 [ 88DF8B855005122205690F0345D77579 ] C:\Program Files\Garena Messenger\xim\plugin_yahoo.dll
10:41:09.0304 8020 C:\Program Files\Garena Messenger\xim\plugin_yahoo.dll - ok
10:41:09.0307 8020 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\System32\quartz.dll
10:41:09.0307 8020 C:\Windows\System32\quartz.dll - ok
10:41:09.0310 8020 [ 91A3C18F1C181C0943778392EE0CEF91 ] C:\Program Files\Garena Messenger\UpdateEx.exe
10:41:09.0310 8020 C:\Program Files\Garena Messenger\UpdateEx.exe - ok
10:41:09.0314 8020 [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\System32\qcap.dll
10:41:09.0314 8020 C:\Windows\System32\qcap.dll - ok
10:41:09.0317 8020 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\System32\drttransport.dll
10:41:09.0317 8020 C:\Windows\System32\drttransport.dll - ok
10:41:09.0320 8020 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\System32\drt.dll
10:41:09.0320 8020 C:\Windows\System32\drt.dll - ok
10:41:09.0323 8020 [ 97E7E28577134072D88FA8564DEAC662 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\OemBtAcpiAPI.dll
10:41:09.0323 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\OemBtAcpiAPI.dll - ok
10:41:09.0327 8020 [ D68DA341BD86908146512742D304F2E0 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAcpiAPI.dll
10:41:09.0327 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAcpiAPI.dll - ok
10:41:09.0330 8020 [ 694170724C9C8EBA38AD25E216C7302D ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtFuncLmt.dll
10:41:09.0331 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtFuncLmt.dll - ok
10:41:09.0334 8020 [ E2A66559FEC8C5D3F017C53E2C63667B ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll
10:41:09.0334 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtChk.dll - ok
10:41:09.0338 8020 [ 50B9A430075A2D8D9DC55506C73F2608 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll
10:41:09.0338 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll - ok
10:41:09.0341 8020 [ B296F295AE1D40187E4538678FDB8D60 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
10:41:09.0341 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe - ok
10:41:09.0345 8020 [ 34190066B60F2618A83813D8032DDAD5 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtECCAPI.dll
10:41:09.0345 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtECCAPI.dll - ok
10:41:09.0349 8020 [ B2D3379F911B9F8E008E7C4FE27126CF ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAvdtAPI.dll
10:41:09.0349 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAvdtAPI.dll - ok
10:41:09.0352 8020 [ 3F4BC7B388CCB25460AC12DE7F3FA257 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosSndAPI.dll
10:41:09.0352 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosSndAPI.dll - ok
10:41:09.0356 8020 [ 0C1950E99AC8381E2F7C77E1B53BAAAB ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosSndPlug.dll
10:41:09.0356 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosSndPlug.dll - ok
10:41:09.0360 8020 [ A1091A01468D5CF18BBE39A9A1749EDB ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
10:41:09.0360 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe - ok
10:41:09.0363 8020 [ 3AA7AD92FC4AB7F684A282FA63901545 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
10:41:09.0363 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe - ok
10:41:09.0366 8020 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\System32\mfc42u.dll
10:41:09.0367 8020 C:\Windows\System32\mfc42u.dll - ok
10:41:09.0370 8020 [ 29842E7F024AA198E92480F2CEA950CD ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ReModem.exe
10:41:09.0370 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ReModem.exe - ok
10:41:09.0373 8020 [ 36BE59DD932CD8D82E09EB9046F584A3 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECHelper.dll
10:41:09.0373 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECHelper.dll - ok
10:41:09.0377 8020 [ EE8277A66B1C956F9099630A9E6FD04C ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
10:41:09.0377 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe - ok
10:41:09.0380 8020 [ 7919A5BEE825D64C9AF8301E538B6CB7 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtAssist.exe
10:41:09.0380 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtAssist.exe - ok
10:41:09.0383 8020 [ 8887F0866A068F0C3A215C6A59C1F6AD ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBt1st.exe
10:41:09.0383 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBt1st.exe - ok
10:41:09.0386 8020 [ CD8C6E6A51013CAFE13354F0CA62F0C7 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtChkB.dll
10:41:09.0387 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtChkB.dll - ok
10:41:09.0390 8020 [ BDDAD529D037C62EFCE613C025CEAF7C ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BTWLANDP.exe
10:41:09.0390 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BTWLANDP.exe - ok
10:41:09.0393 8020 [ 56CC5D6D4F01033D037890F807215A6E ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
10:41:09.0393 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll - ok
10:41:09.0397 8020 [ 47B4FCDCE4C0A64A54BC9A66B176B0F1 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
10:41:09.0397 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe - ok
10:41:09.0400 8020 [ FBE50E1DC5881CF6D74F3911F3BE1897 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAvctAPI.dll
10:41:09.0400 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosAvctAPI.dll - ok
10:41:09.0404 8020 [ 00AF6E2EEDA212036597C46D00B3679E ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
10:41:09.0404 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe - ok
10:41:09.0407 8020 [ 1D9FB33312D3A86E0596650F3A7889E4 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosNtfs.dll
10:41:09.0407 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosNtfs.dll - ok
10:41:09.0410 8020 [ 9FEC2820AA4DE56DB9A4EA4ED42EFE21 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
10:41:09.0410 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe - ok
10:41:09.0413 8020 [ DD1B8826F8B188FB478C968FF0E3B7AC ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtHSPAPI.dll
10:41:09.0414 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtHSPAPI.dll - ok
10:41:09.0417 8020 [ 9724795F306390CA5FDDC63314ABE7F3 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBTHFPAPI.dll
10:41:09.0417 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBTHFPAPI.dll - ok
10:41:09.0420 8020 [ 67F3881F57F0DD30A2D64813B74F8749 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
10:41:09.0420 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe - ok
10:41:09.0424 8020 [ 950F5CE8FCC5CEB040E2C005B1804DFB ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.dll
10:41:09.0424 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.dll - ok
10:41:09.0427 8020 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
10:41:09.0427 8020 C:\Windows\System32\localspl.dll - ok
10:41:09.0430 8020 [ A5611A6D9CF770D8BBE916C0C84CEC6A ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDPROV.DLL
10:41:09.0430 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDPROV.DLL - ok
10:41:09.0433 8020 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
10:41:09.0433 8020 C:\Windows\System32\spoolss.dll - ok
10:41:09.0437 8020 [ 45406FFD87F6BA4345B018E303A64FF1 ] C:\Program Files\Common Files\microsoft shared\Windows Live\wlidcli.dll
10:41:09.0437 8020 C:\Program Files\Common Files\microsoft shared\Windows Live\wlidcli.dll - ok
10:41:09.0440 8020 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
10:41:09.0440 8020 C:\Windows\System32\PrintIsolationProxy.dll - ok
10:41:09.0444 8020 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
10:41:09.0444 8020 C:\Windows\System32\FXSMON.dll - ok
10:41:09.0447 8020 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
10:41:09.0447 8020 C:\Windows\System32\tcpmon.dll - ok
10:41:09.0450 8020 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
10:41:09.0450 8020 C:\Windows\System32\snmpapi.dll - ok
10:41:09.0453 8020 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
10:41:09.0453 8020 C:\Windows\System32\wsnmp32.dll - ok
10:41:09.0456 8020 [ 18BA660C7022422A9B3BE14C37D7401E ] C:\Windows\System32\TBTMon.dll
10:41:09.0456 8020 C:\Windows\System32\TBTMon.dll - ok
10:41:09.0459 8020 [ E015C3AF4EBEFCD47BB05781126898BD ] C:\Windows\System32\tbtmon98Language.dll
10:41:09.0459 8020 C:\Windows\System32\tbtmon98Language.dll - ok
10:41:09.0462 8020 [ 756D84D65E727B60F149D8058720521A ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtHcrpAPI.dll
10:41:09.0462 8020 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\sys\TosBtHcrpAPI.dll - ok
10:41:09.0466 8020 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
10:41:09.0466 8020 C:\Windows\System32\usbmon.dll - ok
10:41:09.0469 8020 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
10:41:09.0469 8020 C:\Windows\System32\WSDMon.dll - ok
10:41:09.0472 8020 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
10:41:09.0472 8020 C:\Windows\System32\fdPnp.dll - ok
10:41:09.0475 8020 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
10:41:09.0475 8020 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
10:41:09.0478 8020 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\System32\win32spl.dll
10:41:09.0478 8020 C:\Windows\System32\win32spl.dll - ok
10:41:09.0480 8020 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
10:41:09.0480 8020 C:\Windows\System32\inetpp.dll - ok
10:41:09.0483 8020 ============================================================
10:41:09.0483 8020 Scan finished
10:41:09.0483 8020 ============================================================
10:41:09.0490 8012 Detected object count: 3
10:41:09.0490 8012 Actual detected object count: 3
10:42:28.0836 8012 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:42:28.0837 8012 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:42:28.0838 8012 MsgPlusService ( UnsignedFile.Multi.Generic ) - skipped by user
10:42:28.0838 8012 MsgPlusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:42:28.0839 8012 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:42:28.0839 8012 TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

#15 Lohckm


Posted 18 December 2012 - 10:08 PM

Hello Gringo! Thank you for the patience in reading the logs. Here is the log report by aswMBR.exe

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-19 10:56:10
-----------------------------
10:56:10.841 OS Version: Windows 6.1.7601 Service Pack 1
10:56:10.841 Number of processors: 4 586 0x2505
10:56:10.844 ComputerName: LOHCKM-PC UserName: lohckm
10:56:12.097 Initialize success
10:56:12.291 AVAST engine defs: 12121801
10:57:00.317 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:57:00.317 Disk 0 Vendor: TOSHIBA_ GH10 Size: 476940MB BusType: 3
10:57:00.349 Disk 0 MBR read successfully
10:57:00.349 Disk 0 MBR scan
10:57:00.349 Disk 0 Windows VISTA default MBR code
10:57:00.364 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
10:57:00.380 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463586 MB offset 3074048
10:57:00.411 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 11853 MB offset 952498176
10:57:00.442 Disk 0 scanning sectors +976773120
10:57:00.583 Disk 0 scanning C:\windows\system32\drivers
10:57:09.131 Service scanning
10:57:44.622 Modules scanning
10:57:58.474 Disk 0 trace - called modules:
10:57:58.490 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
10:57:58.506 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87b632d8]
10:57:58.506 3 CLASSPNP.SYS[8c38d59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86003028]
10:57:59.691 AVAST engine scan C:\windows
10:58:00.549 File: C:\windows\PEV.exe **INFECTED** Win32:Rootkit-gen [Rtk]
10:58:02.562 AVAST engine scan C:\windows\system32
11:00:36.830 AVAST engine scan C:\windows\system32\drivers
11:00:49.622 AVAST engine scan C:\Users\lohckm
11:03:31.878 AVAST engine scan C:\ProgramData
11:05:02.889 Scan finished successfully
11:05:41.124 Disk 0 MBR has been saved successfully to "C:\Users\lohckm\Desktop\MBR.dat"
11:05:41.124 The log file has been saved successfully to "C:\Users\lohckm\Desktop\aswMBR.txt"



