Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspecting that it is virus that's causing many problems.


  • This topic is locked This topic is locked
41 replies to this topic

#1 Mr.Problem

Mr.Problem

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 23 January 2013 - 11:12 PM

A few days ago, I started to notice that I couldn't do anything with my windows firewall. I tried to change some firewall settings but what ended up happening was receiving a error saying:

Firewall can't change some of your settings. Error code:0x800742c.

I searched the problems up and went to services.msc but found that firewall was set to automatic, but it was not started. I tried to start it, but an error popped up and said:

Windows could not start the Windows Firewall services on Local Computer.
Error 1068: The dependency services or group failed to start.

I checked and BFE was on, but a trip to Device Manager and I found that there was an exclamation mark next to the Windows Firewall Authorization Driver.

Also, I tried to start Windows Defender in services, but another error:

Windows could not start the Windows Defender service on Local Computer.
Error 126: The specified module could not be found.

I searched up and tried to fix the problem according to posts with other people having a similar problems. But none worked. Some said it could be virus causing these problems, and I thought it could be possible because lately google's been redirecting me to other random sites unrelated to what I searched for and clicked on and random ads have been appearing in the corners of firefox when I'm browsing. I scanned the computer with MBAM and it found nothing, so I used SuperAntiSpyware instead. The first time I used it, it found around 100 items (I don't really remember) and it told me to reboot the computer after. I did, but after the computer shut down and restarted, a screen telling me that windows was unable to boot appeared instead of the log in screen. The recovery service made me use system restore and got my computer back to a restore point a couple days ago. I don't know why SAS caused windows to be unable to start. I used SAS again a couple days later and it found another like, 30 or so items, but the same problems occurred again. I had to use system restore again. The firewall problem remained unfixed and my computer feels a little weird to me. I don't know what to do now. I am not great with computers and I use it daily only for entertainment purposes. Help would be appreciated!

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 23 January 2013 - 11:19 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.





I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 24 January 2013 - 07:05 PM

Thank you

Report from DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Administrator at 15:58:47 on 2013-01-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3687.1992 [GMT -8:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\windows\Explorer.EXE
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\TECO\Teco.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Windows\System32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Users\Administrator.Toshiba\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\Administrator.Toshiba\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\windows\system32\svchost.exe -k defragsvc
"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\windows\system32\SearchProtocolHost.exe
C:\windows\SysWOW64\notepad.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://hao.kuaibo.com/?qi20120930
uWindow Title = Presented by TOSHIBA Leading Innovation >>>
uDefault_Page_URL = hxxp://www.toshiba.ca/welcome
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Tencent Browser Helper: {40C03A4A-45BF-A5F1-E2ED-5A2B34E4BC86} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Akamai NetSession Interface] "C:\Users\Administrator.Toshiba\AppData\Local\Akamai\netsession_win.exe"
uRun: [ACFinder] "C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe"
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 64.59.144.93 64.59.150.139 192.168.1.1
TCP: Interfaces\{77A6C5E0-23A7-4149-A169-026EF6115647} : DHCPNameServer = 64.59.144.93 64.59.150.139 192.168.1.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
x64-mStart Page = hxxp://www.toshiba.ca/welcome
x64-mDefault_Page_URL = hxxp://www.toshiba.ca/welcome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [wicats] rundll32.exe "C:\Users\ADMINI~1.TOS\AppData\Local\Temp\wicats.dll",PreprocessShaderFromResourceW
x64-Run: [scfere] rundll32.exe "C:\Users\ADMINI~1.TOS\AppData\Local\Temp\scfere.dll",D3D9ResourceGetMappedArray
x64-Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom64.dll
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 67.215.245.19 www.google-analytics.com.
Hosts: 67.215.245.19 ad-emea.doubleclick.net.
Hosts: 67.215.245.19 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator.Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\qdoz0alu.default-1358720648846\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: !HIDDEN! 2012-05-01 20:41; {DDA27E4C-75E6-11E1-826D-B8AC6F996F26}; C:\Users\Administrator.Toshiba\AppData\Local\{DDA27E4C-75E6-11E1-826D-B8AC6F996F26}
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-7-15 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-9-27 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]
R2 ARUpdate;Tencent SOSO Update Service;C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe [2012-3-16 116088]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-16 398184]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2010-12-8 267192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2012-2-26 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2012-5-13 96896]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-2-28 24176]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-6-24 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-6-24 1109096]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2010-12-20 822704]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-16 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2011-6-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-2-9 77424]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-6-24 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-6-24 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-6-24 54136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-11-21 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-5-9 14544]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-24 03:37:19 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2013-01-24 02:58:56 -------- d-----w- C:\6bc296202d2276f17f6655ab
2013-01-24 02:21:35 46080 ----a-w- C:\windows\System32\atmlib.dll
2013-01-24 02:21:35 367616 ----a-w- C:\windows\System32\atmfd.dll
2013-01-24 02:21:35 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2013-01-24 02:21:35 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2013-01-24 02:20:03 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2013-01-24 02:20:03 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2013-01-24 02:20:02 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
2013-01-24 02:20:02 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
2013-01-24 02:20:01 744448 ----a-w- C:\windows\System32\WUDFx.dll
2013-01-24 02:20:01 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2013-01-24 02:20:01 229888 ----a-w- C:\windows\System32\WUDFHost.exe
2013-01-24 02:05:48 81408 ----a-w- C:\windows\System32\imagehlp.dll
2013-01-24 02:05:48 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2013-01-24 02:05:48 5120 ----a-w- C:\windows\System32\wmi.dll
2013-01-24 02:05:48 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2013-01-24 02:05:48 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2013-01-23 08:09:55 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-01-23 08:08:36 478208 ----a-w- C:\windows\System32\dpnet.dll
2013-01-23 08:08:36 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
2013-01-23 08:08:35 307200 ----a-w- C:\windows\System32\ncrypt.dll
2013-01-23 08:08:35 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2013-01-23 08:08:34 220160 ----a-w- C:\windows\System32\wintrust.dll
2013-01-23 08:08:34 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2013-01-23 08:08:29 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
2013-01-23 08:08:03 800768 ----a-w- C:\windows\System32\usp10.dll
2013-01-23 08:08:01 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2013-01-23 08:06:59 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2013-01-23 08:05:53 68608 ----a-w- C:\windows\System32\taskhost.exe
2013-01-23 07:46:22 9161176 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2013-01-23 07:45:38 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-01-23 07:45:38 67072 ----a-w- C:\windows\splwow64.exe
2013-01-23 07:45:38 559104 ----a-w- C:\windows\System32\spoolsv.exe
2013-01-23 07:45:38 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-01-23 07:45:21 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-01-23 07:45:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-01-23 07:45:20 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-01-23 07:45:20 140288 ----a-w- C:\windows\System32\cryptnet.dll
2013-01-23 07:45:20 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-01-23 07:45:20 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-01-23 07:38:57 2622464 ----a-w- C:\windows\System32\wucltux.dll
2013-01-23 07:38:35 99840 ----a-w- C:\windows\System32\wudriver.dll
2013-01-23 07:38:22 36864 ----a-w- C:\windows\System32\wuapp.exe
2013-01-23 07:38:22 186752 ----a-w- C:\windows\System32\wuwebv.dll
2013-01-23 05:17:46 -------- d-----w- C:\ProgramData\SUPERSetup
2013-01-23 03:50:01 -------- d-----w- C:\Riot Games
2013-01-22 02:50:09 -------- d-----w- C:\Users\Administrator.Toshiba\AppData\Roaming\SUPERAntiSpyware.com
2013-01-22 02:49:36 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-01-22 02:49:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-21 19:20:01 -------- d-----w- C:\Users\Administrator.Toshiba\.swt
2013-01-20 22:24:46 -------- d-----w- C:\Users\Administrator.Toshiba\AppData\Local\Programs
2012-12-26 21:07:21 -------- d-sh--w- C:\windows\ftpcache
2012-12-26 21:07:18 -------- d-----w- C:\Program Files (x86)\Window Gadgets
2012-12-26 21:06:40 -------- d-----w- C:\Users\Administrator.Toshiba\AppData\Local\Wajam
.
==================== Find3M ====================
.
2013-01-09 07:08:22 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 07:08:22 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-12-15 00:49:28 24176 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-11-12 12:28:37 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-12 11:52:18 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-01 05:43:42 2002432 ----a-w- C:\windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-10-27 06:26:55 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2012-10-27 05:51:21 1188864 ----a-w- C:\windows\System32\wininet.dll
.
============= FINISH: 15:59:42.73 ===============

Report from Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/20/2011 6:48:05 PM
System Uptime: 1/24/2013 3:47:49 PM (0 hours ago)
.
Motherboard: AMD | | Inagua
Processor: AMD E-350 Processor | Socket FT1 | 800/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 452 GiB total, 371.191 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Windows Firewall Authorization Driver
Device ID: ROOT\LEGACY_MPSDRV\0000
Manufacturer:
Name: Windows Firewall Authorization Driver
PNP Device ID: ROOT\LEGACY_MPSDRV\0000
Service: mpsdrv
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Device ID: PCI\VEN_1969&DEV_2062&SUBSYS_FD521179&REV_C1\4&2E978161&0&00AA
Manufacturer: Atheros
Name: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
PNP Device ID: PCI\VEN_1969&DEV_2062&SUBSYS_FD521179&REV_C1\4&2E978161&0&00AA
Service: L1C
.
==== System Restore Points ===================
.
RP120: 1/22/2013 8:34:37 PM - Windows Update
RP121: 1/22/2013 11:37:48 PM - Windows Update
RP122: 1/22/2013 11:45:41 PM - Windows Update
RP123: 1/23/2013 5:46:09 PM - Windows Update
.
==== Hosts File Hijack ======================
.
Hosts: 67.215.245.19 www.google-analytics.com.
Hosts: 67.215.245.19 ad-emea.doubleclick.net.
Hosts: 67.215.245.19 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
Hosts: 108.163.215.51 www.statcounter.com.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
??????? 6.2???
礣orrent
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.3
Akamai NetSession Interface
Amazon Kindle For PC v1.1
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Bejeweled 2 Deluxe
Bonjour
Cake Mania - Lights, Camera, Action!™
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HD Audio
D3DX10
DAEMON Tools Lite
Epson Event Manager
EPSON NX110 Series Printer Uninstall
EPSON Scan
FATE - The Traitor Soul
ffdshow [rev 3154] [2009-12-09]
Game Booster 3
Google Update Helper
Governor of Poker 2 Premium Edition
Grand Theft Auto IV
IE搜索助手
iTunes
Java Auto Updater
Java™ 6 Update 20
Jewel Quest - Heritage
Junk Mail filter update
League of Legends
Malwarebytes Anti-Malware version 1.70.0.1100
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (Chinese (Simplified)) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel 2007 Help 更新 (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Chinese (Simplified)) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Business 2010 - English
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office InfoPath MUI (Chinese (Simplified)) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Chinese (Simplified)) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook 2007 Help 更新 (KB963677)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Powerpoint 2007 Help 更新 (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2007 Help 更新 (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Mystery P.I. - The London Caper
Pando Media Booster
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
Realtek USB 2.0 Reader Driver
Realtek WLAN Driver
SancMedia
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype 6.0
Slingo Supreme
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA PC Health Monitor
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WildTangent Games
WildTangent ORB Game Console
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
1/24/2013 3:50:45 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
1/24/2013 3:48:18 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
1/24/2013 3:48:18 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
1/23/2013 7:10:43 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/23/2013 7:09:57 PM, Error: Service Control Manager [7034] - The Tencent SOSO Update Service service terminated unexpectedly. It has done this 1 time(s).
1/23/2013 7:08:25 PM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
1/23/2013 7:08:02 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/23/2013 7:02:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
1/23/2013 7:02:54 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/23/2013 7:01:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2739159).
1/23/2013 7:01:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586).
1/23/2013 7:01:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2769369).
1/23/2013 7:01:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2658846).
1/23/2013 7:01:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
1/23/2013 7:00:54 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Windows Malicious Software Removal Tool x64 - January 2013 (KB890830).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2779562).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2763523).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2718704).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office 2007 suites (KB2687499).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office 2007 suites (KB2596744).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2737019).
1/23/2013 7:00:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2799329).
1/23/2013 7:00:05 PM, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).
1/23/2013 5:49:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
1/23/2013 5:49:47 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/22/2013 11:48:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.143.502.0).
1/22/2013 11:37:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2661254).
1/22/2013 11:37:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2647753).
1/22/2013 11:37:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2698365).
1/22/2013 11:37:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2660649).
1/22/2013 11:37:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2786081).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2762895).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2761217).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2732500).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2732487).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2729094).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2726535).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2699779).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2778930).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2743555).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2727528).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2712808).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2706045).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2705219).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2690533).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2688338).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2659262).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2653956).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656411).
1/22/2013 11:37:19 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 for x64-based Systems (KB2621440).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2786400).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2773072).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2749655).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2732059).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for User-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685813).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2753842).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2685939).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2742599).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2729452).
1/22/2013 11:37:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2604115).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2736233).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2750841).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2735855).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2709630).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2785220).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2770660).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2758857).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2757638).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2667402).
1/22/2013 11:37:17 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2655992).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2779562).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2763523).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2741355).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2739159).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2719857).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2718704).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Kernel-Mode Driver Framework version 1.11 for Windows 7 for x64-based Systems (KB2685811).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2769369).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2724197).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2691442).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2676562).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2658846).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2799329).
1/22/2013 11:37:16 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2761465).
1/21/2013 11:53:03 AM, Error: Service Control Manager [7001] - The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
1/21/2013 11:53:02 AM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
1/21/2013 11:53:01 AM, Error: Service Control Manager [7023] - The Base Filtering Engine service terminated with the following error: Access is denied.
1/21/2013 11:53:01 AM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: Access is denied.
1/21/2013 11:01:19 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
1/21/2013 11:01:19 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
1/21/2013 11:01:18 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
1/20/2013 9:44:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SSDPSRV service.
1/20/2013 9:44:05 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/20/2013 9:44:05 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x8007041d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/20/2013 9:43:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
1/20/2013 9:42:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
1/20/2013 11:06:07 PM, Error: Schannel [36887] - The following fatal alert was received: 80.
1/20/2013 11:02:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache service.
1/20/2013 11:02:20 PM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/17/2013 10:48:07 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/17/2013 10:47:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
.
==== End Of File ===========================

Report from Security Check (Checkup.txt):

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 20
Java version out of Date!
Adobe Flash Player 11.5.502.146
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (18.0.1)
Google Chrome 24.0.1312.56
````````Process Check: objlist.exe by Laurent````````
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 24 January 2013 - 08:48 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 24 January 2013 - 11:28 PM

Log from ADWCleaner:

# AdwCleaner v2.108 - Logfile created 01/24/2013 at 19:57:33
# Updated 24/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Administrator - JAY-PC
# Boot Mode : Normal
# Running from : C:\Users\Administrator.Toshiba\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Administrator.Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\TENCENT
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?AF=109980&babsrc=NT_ss&mntrId=282ed3ab000000000000e89a8f5d4793 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (en-US)

-\\ Google Chrome v [Unable to get version]

*************************

AdwCleaner[S1].txt - [6503 octets] - [24/01/2013 19:57:33]

########## EOF - C:\AdwCleaner[S1].txt - [6563 octets] ##########

Log from RogueKiller:

VRogueKiller V8.4.3 [Jan 24 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 01/24/2013 20:06:11
| ARK || MBR |

い Bad processes : 2 い
[DLL] rundll32.exe -- C:\Windows\System32\rundll32.exe : C:\Users\Administrator.Toshiba\AppData\Local\Temp\scfere.dll -> KILLED [TermProc]
[DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : C:\Users\Administrator.Toshiba\AppData\Local\Temp\scfere.dll -> KILLED [TermProc]

い Registry Entries : 18 い
[RUN][SUSP PATH] HKCU\[...]\Run : ACFinder ("C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe") -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : wicats (rundll32.exe "C:\Users\ADMINI~1.TOS\AppData\Local\Temp\wicats.dll",PreprocessShaderFromResourceW) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : scfere (rundll32.exe "C:\Users\ADMINI~1.TOS\AppData\Local\Temp\scfere.dll",D3D9ResourceGetMappedArray) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1452266003-2859470017-3219035066-500[...]\Run : ACFinder ("C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe") -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

い Particular Files / Folders: い
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_32\Desktop.ini --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\windows\Assembly\GAC_64\Desktop.ini --> FOUND

い Driver : [NOT LOADED] い

い Infection : ZeroAccess い
[ZeroAccess] sys32\consrv.dll present!

い HOSTS File: い
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
67.215.245.19 www.google-analytics.com.
67.215.245.19 ad-emea.doubleclick.net.
67.215.245.19 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


い MBR Check: い

+++++ PhysicalDrive0: TOSHIBA MK5075GSX ATA Device +++++
--- User ---
[MBR] 784829e5a8825b97be3f172211daece1
[BSP] 63df75d56f41ec6a169e7a22f6d68221 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 463319 Mo
3 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 951951360 | Size: 12120 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01242013_02d2006.txt >>
RKreport[1]_S_01242013_02d2006.txt



Also, after the RogueKiller scan, there was line of text with a exclamation sign saying ZeroAccess, and then Firefox popped up and brought me to a roguekiller website that had some information about ZeroAccess as a rootkit or something.

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 25 January 2013 - 12:13 AM

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 25 January 2013 - 01:09 AM

Alright... So I used combofix and after the first reboot a error popped up and said "Illegal operation attempted on a registry key that has been marked for deletion.", so I restarted the computer. But after restarting it it said windows was unable to start and it led to a startup repair...

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 25 January 2013 - 02:28 AM

Hello

download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.

[*]First Press the Scan button.
[*]It will make a log (FRST.txt)

[*]Second Type the following in the edit box after "Search:". services.exe
[*]Click the Search button
[*]It will make a log (Search.txt)
[/list]
I want you to poste Both the FRST.txt report and the Search.txt into your reply to me

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 25 January 2013 - 10:35 PM

I didn't get to use the tool because windows ran the system recovery tool and used system restore. So now my computer is back to the way it was a couple days ago and the programs you told me to install before are all unusable and only logs from these programs are left. What do i do now?

#10 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 25 January 2013 - 10:36 PM

What is exactly happening to the computer anyways?

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 25 January 2013 - 11:00 PM

trhere are some bad virus on here

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 26 January 2013 - 12:35 AM

Alright, after the TDSS scan there were three objects found.

Unsigned file
Service: IDriverT

Backdoor.Multi.ZAccess.gen
Service: unrealircd

Backdoor.Multi.ZAccess.genb
File: C:\windows\system32\consrv.dll

There were no cure option for any of these so I followed what you said and selected skip for all of them.

I'll be posting the logs in the next post.

#13 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 26 January 2013 - 01:09 AM

Log from TDDSKiller:

21:26:59.0221 2252 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:27:00.0001 2252 ============================================================
21:27:00.0001 2252 Current date / time: 2013/01/25 21:27:00.0001
21:27:00.0001 2252 SystemInfo:
21:27:00.0001 2252
21:27:00.0001 2252 OS Version: 6.1.7601 ServicePack: 1.0
21:27:00.0001 2252 Product type: Workstation
21:27:00.0001 2252 ComputerName: JAY-PC
21:27:00.0017 2252 UserName: Administrator
21:27:00.0017 2252 Windows directory: C:\windows
21:27:00.0017 2252 System windows directory: C:\windows
21:27:00.0017 2252 Running under WOW64
21:27:00.0017 2252 Processor architecture: Intel x64
21:27:00.0017 2252 Number of processors: 2
21:27:00.0017 2252 Page size: 0x1000
21:27:00.0017 2252 Boot type: Normal boot
21:27:00.0017 2252 ============================================================
21:27:02.0264 2252 BG loaded
21:27:02.0810 2252 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:27:02.0826 2252 ============================================================
21:27:02.0826 2252 \Device\Harddisk0\DR0:
21:27:02.0826 2252 MBR partitions:
21:27:02.0826 2252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x388EB800
21:27:02.0826 2252 ============================================================
21:27:02.0873 2252 C: <-> \Device\Harddisk0\DR0\Partition1
21:27:02.0873 2252 ============================================================
21:27:02.0873 2252 Initialize success
21:27:02.0873 2252 ============================================================
21:28:56.0674 5844 ============================================================
21:28:56.0674 5844 Scan started
21:28:56.0674 5844 Mode: Manual; SigCheck; TDLFS;
21:28:56.0674 5844 ============================================================
21:29:00.0122 5844 ================ Scan system memory ========================
21:29:00.0122 5844 System memory - ok
21:29:00.0137 5844 ================ Scan services =============================
21:29:00.0309 5844 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:29:00.0715 5844 1394ohci - ok
21:29:00.0761 5844 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:29:00.0793 5844 ACPI - ok
21:29:00.0824 5844 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:29:00.0917 5844 AcpiPmi - ok
21:29:01.0089 5844 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:29:01.0136 5844 AdobeFlashPlayerUpdateSvc - ok
21:29:01.0183 5844 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
21:29:01.0214 5844 adp94xx - ok
21:29:01.0261 5844 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
21:29:01.0292 5844 adpahci - ok
21:29:01.0339 5844 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
21:29:01.0370 5844 adpu320 - ok
21:29:01.0417 5844 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:29:01.0588 5844 AeLookupSvc - ok
21:29:01.0651 5844 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
21:29:01.0729 5844 AFD - ok
21:29:01.0760 5844 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:29:01.0775 5844 agp440 - ok
21:29:01.0822 5844 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:29:01.0900 5844 ALG - ok
21:29:01.0931 5844 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:29:01.0947 5844 aliide - ok
21:29:01.0994 5844 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:29:02.0119 5844 AMD External Events Utility - ok
21:29:02.0228 5844 AMD FUEL Service - ok
21:29:02.0259 5844 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:29:02.0275 5844 amdide - ok
21:29:02.0353 5844 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\windows\system32\DRIVERS\amdiox64.sys
21:29:02.0415 5844 amdiox64 - ok
21:29:02.0477 5844 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
21:29:02.0540 5844 AmdK8 - ok
21:29:02.0867 5844 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
21:29:03.0148 5844 amdkmdag - ok
21:29:03.0211 5844 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:29:03.0273 5844 amdkmdap - ok
21:29:03.0320 5844 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:29:03.0382 5844 AmdPPM - ok
21:29:03.0413 5844 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:29:03.0429 5844 amdsata - ok
21:29:03.0460 5844 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
21:29:03.0491 5844 amdsbs - ok
21:29:03.0523 5844 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
21:29:03.0538 5844 amdxata - ok
21:29:03.0601 5844 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\windows\system32\Drivers\ssadadb.sys
21:29:03.0663 5844 androidusb - ok
21:29:03.0741 5844 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:29:03.0928 5844 AppID - ok
21:29:03.0975 5844 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:29:04.0069 5844 AppIDSvc - ok
21:29:04.0100 5844 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
21:29:04.0178 5844 Appinfo - ok
21:29:04.0318 5844 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:29:04.0349 5844 Apple Mobile Device - ok
21:29:04.0381 5844 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
21:29:04.0412 5844 arc - ok
21:29:04.0427 5844 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
21:29:04.0459 5844 arcsas - ok
21:29:04.0505 5844 ARUpdate - ok
21:29:04.0552 5844 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:29:04.0646 5844 AsyncMac - ok
21:29:04.0739 5844 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:29:04.0771 5844 atapi - ok
21:29:05.0005 5844 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
21:29:05.0020 5844 AtiHDAudioService - ok
21:29:05.0114 5844 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:29:05.0223 5844 AudioEndpointBuilder - ok
21:29:05.0301 5844 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:29:05.0379 5844 AudioSrv - ok
21:29:05.0519 5844 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:29:05.0613 5844 AxInstSV - ok
21:29:05.0722 5844 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
21:29:05.0800 5844 b06bdrv - ok
21:29:06.0393 5844 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:29:06.0736 5844 b57nd60a - ok
21:29:07.0735 5844 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:29:08.0015 5844 BDESVC - ok
21:29:08.0109 5844 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:29:08.0249 5844 Beep - ok
21:29:08.0343 5844 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:29:08.0437 5844 BFE - ok
21:29:08.0499 5844 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
21:29:08.0624 5844 BITS - ok
21:29:08.0671 5844 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:29:08.0717 5844 blbdrive - ok
21:29:08.0811 5844 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:29:08.0842 5844 Bonjour Service - ok
21:29:08.0873 5844 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:29:08.0920 5844 bowser - ok
21:29:08.0936 5844 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
21:29:08.0983 5844 BrFiltLo - ok
21:29:08.0998 5844 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
21:29:09.0029 5844 BrFiltUp - ok
21:29:09.0092 5844 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:29:09.0123 5844 Browser - ok
21:29:09.0154 5844 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:29:09.0232 5844 Brserid - ok
21:29:09.0263 5844 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:29:09.0326 5844 BrSerWdm - ok
21:29:09.0357 5844 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:29:09.0388 5844 BrUsbMdm - ok
21:29:09.0419 5844 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:29:09.0451 5844 BrUsbSer - ok
21:29:09.0482 5844 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
21:29:09.0513 5844 BTHMODEM - ok
21:29:09.0575 5844 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:29:09.0653 5844 bthserv - ok
21:29:09.0716 5844 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:29:09.0794 5844 cdfs - ok
21:29:09.0841 5844 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:29:09.0903 5844 cdrom - ok
21:29:10.0012 5844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:29:10.0121 5844 CertPropSvc - ok
21:29:10.0232 5844 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
21:29:10.0263 5844 cfWiMAXService - ok
21:29:10.0294 5844 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
21:29:10.0372 5844 circlass - ok
21:29:10.0590 5844 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:29:10.0637 5844 CLFS - ok
21:29:10.0824 5844 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:29:10.0871 5844 clr_optimization_v2.0.50727_32 - ok
21:29:10.0949 5844 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:29:10.0996 5844 clr_optimization_v2.0.50727_64 - ok
21:29:11.0121 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:29:11.0214 5844 clr_optimization_v4.0.30319_32 - ok
21:29:11.0324 5844 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:29:11.0402 5844 clr_optimization_v4.0.30319_64 - ok
21:29:11.0932 5844 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:29:12.0041 5844 CmBatt - ok
21:29:12.0088 5844 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:29:12.0104 5844 cmdide - ok
21:29:12.0166 5844 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
21:29:12.0228 5844 CNG - ok
21:29:12.0291 5844 [ 66847C979893A11CFCC2280E772D7EA1 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
21:29:12.0369 5844 CnxtHdAudService - ok
21:29:12.0494 5844 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
21:29:12.0587 5844 Compbatt - ok
21:29:12.0774 5844 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
21:29:12.0806 5844 CompositeBus - ok
21:29:12.0821 5844 COMSysApp - ok
21:29:12.0868 5844 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
21:29:12.0884 5844 ConfigFree Service - ok
21:29:12.0915 5844 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
21:29:12.0930 5844 crcdisk - ok
21:29:13.0024 5844 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
21:29:13.0102 5844 CryptSvc - ok
21:29:13.0227 5844 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:29:13.0274 5844 cvhsvc - ok
21:29:13.0398 5844 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
21:29:13.0414 5844 dc3d - ok
21:29:13.0586 5844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:29:13.0710 5844 DcomLaunch - ok
21:29:13.0757 5844 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:29:13.0851 5844 defragsvc - ok
21:29:13.0898 5844 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:29:13.0976 5844 DfsC - ok
21:29:14.0054 5844 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:29:14.0163 5844 Dhcp - ok
21:29:14.0210 5844 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:29:14.0288 5844 discache - ok
21:29:14.0397 5844 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
21:29:14.0428 5844 Disk - ok
21:29:14.0490 5844 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:29:14.0584 5844 Dnscache - ok
21:29:14.0662 5844 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:29:14.0756 5844 dot3svc - ok
21:29:14.0802 5844 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:29:14.0896 5844 DPS - ok
21:29:14.0990 5844 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:29:15.0021 5844 drmkaud - ok
21:29:15.0146 5844 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
21:29:15.0177 5844 dtsoftbus01 - ok
21:29:15.0255 5844 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:29:15.0317 5844 DXGKrnl - ok
21:29:15.0364 5844 EagleX64 - ok
21:29:15.0395 5844 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:29:15.0489 5844 EapHost - ok
21:29:15.0645 5844 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
21:29:15.0801 5844 ebdrv - ok
21:29:15.0863 5844 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
21:29:15.0910 5844 EFS - ok
21:29:16.0004 5844 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:29:16.0097 5844 ehRecvr - ok
21:29:16.0128 5844 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:29:16.0160 5844 ehSched - ok
21:29:16.0206 5844 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
21:29:16.0238 5844 elxstor - ok
21:29:16.0284 5844 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:29:16.0316 5844 ErrDev - ok
21:29:16.0409 5844 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:29:16.0503 5844 EventSystem - ok
21:29:16.0565 5844 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:29:16.0643 5844 exfat - ok
21:29:16.0674 5844 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:29:16.0784 5844 fastfat - ok
21:29:16.0846 5844 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:29:16.0924 5844 Fax - ok
21:29:16.0955 5844 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
21:29:16.0986 5844 fdc - ok
21:29:17.0033 5844 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:29:17.0111 5844 fdPHost - ok
21:29:17.0127 5844 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:29:17.0205 5844 FDResPub - ok
21:29:17.0252 5844 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:29:17.0267 5844 FileInfo - ok
21:29:17.0298 5844 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:29:17.0376 5844 Filetrace - ok
21:29:17.0392 5844 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
21:29:17.0423 5844 flpydisk - ok
21:29:17.0470 5844 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:29:17.0501 5844 FltMgr - ok
21:29:17.0657 5844 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
21:29:17.0720 5844 FontCache - ok
21:29:17.0782 5844 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:29:17.0798 5844 FontCache3.0.0.0 - ok
21:29:17.0844 5844 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:29:17.0860 5844 FsDepends - ok
21:29:17.0907 5844 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
21:29:17.0922 5844 fssfltr - ok
21:29:18.0047 5844 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:29:18.0110 5844 fsssvc - ok
21:29:18.0156 5844 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:29:18.0172 5844 Fs_Rec - ok
21:29:18.0219 5844 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:29:18.0250 5844 fvevol - ok
21:29:18.0297 5844 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
21:29:18.0344 5844 gagp30kx - ok
21:29:18.0453 5844 [ 1FDA0DF739234C4023851A282DD28704 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
21:29:18.0484 5844 GameConsoleService - ok
21:29:18.0562 5844 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:29:18.0578 5844 GEARAspiWDM - ok
21:29:18.0640 5844 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:29:18.0734 5844 gpsvc - ok
21:29:18.0874 5844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:29:18.0905 5844 gupdate - ok
21:29:18.0936 5844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:29:18.0968 5844 gupdatem - ok
21:29:18.0983 5844 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:29:19.0046 5844 hcw85cir - ok
21:29:19.0092 5844 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:29:19.0139 5844 HdAudAddService - ok
21:29:19.0186 5844 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
21:29:19.0233 5844 HDAudBus - ok
21:29:19.0264 5844 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
21:29:19.0295 5844 HidBatt - ok
21:29:19.0311 5844 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
21:29:19.0358 5844 HidBth - ok
21:29:19.0404 5844 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
21:29:19.0420 5844 HidIr - ok
21:29:19.0451 5844 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
21:29:19.0545 5844 hidserv - ok
21:29:19.0592 5844 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:29:19.0623 5844 HidUsb - ok
21:29:19.0654 5844 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:29:19.0763 5844 hkmsvc - ok
21:29:19.0779 5844 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:29:19.0826 5844 HomeGroupListener - ok
21:29:19.0872 5844 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:29:19.0904 5844 HomeGroupProvider - ok
21:29:19.0935 5844 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:29:19.0966 5844 HpSAMD - ok
21:29:20.0028 5844 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:29:20.0122 5844 HTTP - ok
21:29:20.0138 5844 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:29:20.0153 5844 hwpolicy - ok
21:29:20.0200 5844 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:29:20.0216 5844 i8042prt - ok
21:29:20.0262 5844 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:29:20.0294 5844 iaStorV - ok
21:29:20.0403 5844 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:29:20.0434 5844 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:29:20.0434 5844 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:29:20.0481 5844 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:29:20.0543 5844 idsvc - ok
21:29:20.0574 5844 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
21:29:20.0606 5844 iirsp - ok
21:29:20.0668 5844 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
21:29:20.0762 5844 IKEEXT - ok
21:29:20.0808 5844 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:29:20.0824 5844 intelide - ok
21:29:20.0855 5844 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
21:29:20.0902 5844 intelppm - ok
21:29:20.0933 5844 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:29:21.0027 5844 IPBusEnum - ok
21:29:21.0058 5844 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:29:21.0120 5844 IpFilterDriver - ok
21:29:21.0167 5844 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:29:21.0214 5844 IPMIDRV - ok
21:29:21.0230 5844 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:29:21.0323 5844 IPNAT - ok
21:29:21.0401 5844 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:29:21.0432 5844 iPod Service - ok
21:29:21.0479 5844 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:29:21.0510 5844 IRENUM - ok
21:29:21.0526 5844 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:29:21.0557 5844 isapnp - ok
21:29:21.0588 5844 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:29:21.0620 5844 iScsiPrt - ok
21:29:21.0666 5844 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:29:21.0682 5844 kbdclass - ok
21:29:21.0713 5844 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:29:21.0760 5844 kbdhid - ok
21:29:21.0776 5844 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
21:29:21.0807 5844 KeyIso - ok
21:29:21.0838 5844 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:29:21.0869 5844 KSecDD - ok
21:29:21.0900 5844 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:29:21.0916 5844 KSecPkg - ok
21:29:21.0978 5844 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:29:22.0056 5844 ksthunk - ok
21:29:22.0103 5844 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:29:22.0197 5844 KtmRm - ok
21:29:22.0228 5844 [ 045FB70BC993B691517CE309045FF02D ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
21:29:22.0259 5844 L1C - ok
21:29:22.0306 5844 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
21:29:22.0387 5844 LanmanServer - ok
21:29:22.0450 5844 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:29:22.0590 5844 LanmanWorkstation - ok
21:29:22.0637 5844 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:29:22.0731 5844 lltdio - ok
21:29:22.0777 5844 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:29:22.0855 5844 lltdsvc - ok
21:29:22.0871 5844 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:29:22.0949 5844 lmhosts - ok
21:29:22.0980 5844 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
21:29:23.0011 5844 LSI_FC - ok
21:29:23.0027 5844 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
21:29:23.0058 5844 LSI_SAS - ok
21:29:23.0089 5844 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
21:29:23.0105 5844 LSI_SAS2 - ok
21:29:23.0136 5844 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
21:29:23.0167 5844 LSI_SCSI - ok
21:29:23.0230 5844 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:29:23.0308 5844 luafv - ok
21:29:23.0386 5844 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
21:29:23.0401 5844 MBAMProtector - ok
21:29:23.0479 5844 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:29:23.0526 5844 MBAMScheduler - ok
21:29:23.0604 5844 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:29:23.0635 5844 MBAMService - ok
21:29:23.0667 5844 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:29:23.0698 5844 Mcx2Svc - ok
21:29:23.0713 5844 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
21:29:23.0745 5844 megasas - ok
21:29:23.0776 5844 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
21:29:23.0807 5844 MegaSR - ok
21:29:23.0916 5844 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:29:23.0947 5844 Microsoft Office Groove Audit Service - ok
21:29:23.0994 5844 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:29:24.0088 5844 MMCSS - ok
21:29:24.0135 5844 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:29:24.0228 5844 Modem - ok
21:29:24.0259 5844 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:29:24.0306 5844 monitor - ok
21:29:24.0337 5844 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:29:24.0353 5844 mouclass - ok
21:29:24.0400 5844 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:29:24.0462 5844 mouhid - ok
21:29:24.0478 5844 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:29:24.0509 5844 mountmgr - ok
21:29:24.0603 5844 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:29:24.0634 5844 MozillaMaintenance - ok
21:29:24.0681 5844 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:29:24.0712 5844 mpio - ok
21:29:24.0759 5844 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:29:24.0837 5844 mpsdrv - ok
21:29:24.0915 5844 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
21:29:25.0039 5844 MpsSvc - ok
21:29:25.0071 5844 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:29:25.0117 5844 MRxDAV - ok
21:29:25.0164 5844 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:29:25.0242 5844 mrxsmb - ok
21:29:25.0258 5844 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:29:25.0289 5844 mrxsmb10 - ok
21:29:25.0320 5844 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:29:25.0336 5844 mrxsmb20 - ok
21:29:25.0367 5844 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
21:29:25.0383 5844 msahci - ok
21:29:25.0414 5844 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:29:25.0445 5844 msdsm - ok
21:29:25.0461 5844 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:29:25.0507 5844 MSDTC - ok
21:29:25.0554 5844 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:29:25.0617 5844 Msfs - ok
21:29:25.0648 5844 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:29:25.0726 5844 mshidkmdf - ok
21:29:25.0741 5844 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:29:25.0773 5844 msisadrv - ok
21:29:25.0804 5844 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:29:25.0897 5844 MSiSCSI - ok
21:29:25.0913 5844 msiserver - ok
21:29:25.0960 5844 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:29:26.0038 5844 MSKSSRV - ok
21:29:26.0069 5844 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:29:26.0147 5844 MSPCLOCK - ok
21:29:26.0178 5844 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:29:26.0256 5844 MSPQM - ok
21:29:26.0287 5844 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:29:26.0319 5844 MsRPC - ok
21:29:26.0350 5844 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
21:29:26.0381 5844 mssmbios - ok
21:29:26.0412 5844 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:29:26.0506 5844 MSTEE - ok
21:29:26.0521 5844 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
21:29:26.0553 5844 MTConfig - ok
21:29:26.0568 5844 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:29:26.0599 5844 Mup - ok
21:29:26.0631 5844 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:29:26.0724 5844 napagent - ok
21:29:26.0771 5844 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:29:26.0818 5844 NativeWifiP - ok
21:29:26.0880 5844 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
21:29:26.0943 5844 NDIS - ok
21:29:26.0974 5844 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:29:27.0052 5844 NdisCap - ok
21:29:27.0099 5844 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:29:27.0161 5844 NdisTapi - ok
21:29:27.0192 5844 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:29:27.0270 5844 Ndisuio - ok
21:29:27.0301 5844 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:29:27.0395 5844 NdisWan - ok
21:29:27.0426 5844 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:29:27.0489 5844 NDProxy - ok
21:29:27.0535 5844 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:29:27.0613 5844 NetBIOS - ok
21:29:27.0645 5844 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:29:27.0707 5844 NetBT - ok
21:29:27.0723 5844 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
21:29:27.0754 5844 Netlogon - ok
21:29:27.0801 5844 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:29:27.0879 5844 Netman - ok
21:29:27.0925 5844 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:29:28.0003 5844 netprofm - ok
21:29:28.0035 5844 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:29:28.0066 5844 NetTcpPortSharing - ok
21:29:28.0113 5844 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:29:28.0128 5844 nfrd960 - ok
21:29:28.0175 5844 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
21:29:28.0237 5844 NlaSvc - ok
21:29:28.0269 5844 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:29:28.0347 5844 Npfs - ok
21:29:28.0393 5844 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:29:28.0471 5844 nsi - ok
21:29:28.0487 5844 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:29:28.0565 5844 nsiproxy - ok
21:29:28.0643 5844 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:29:28.0721 5844 Ntfs - ok
21:29:28.0768 5844 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:29:28.0861 5844 Null - ok
21:29:28.0893 5844 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:29:28.0924 5844 nvraid - ok
21:29:28.0939 5844 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:29:28.0971 5844 nvstor - ok
21:29:29.0002 5844 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:29:29.0033 5844 nv_agp - ok
21:29:29.0095 5844 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:29:29.0142 5844 odserv - ok
21:29:29.0173 5844 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:29:29.0205 5844 ohci1394 - ok
21:29:29.0251 5844 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:29:29.0267 5844 ose - ok
21:29:29.0423 5844 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:29:29.0705 5844 osppsvc - ok
21:29:29.0752 5844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:29:29.0814 5844 p2pimsvc - ok
21:29:29.0845 5844 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:29:29.0892 5844 p2psvc - ok
21:29:29.0908 5844 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
21:29:29.0939 5844 Parport - ok
21:29:29.0970 5844 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:29:29.0986 5844 partmgr - ok
21:29:30.0017 5844 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:29:30.0064 5844 PcaSvc - ok
21:29:30.0110 5844 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:29:30.0142 5844 pci - ok
21:29:30.0157 5844 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:29:30.0173 5844 pciide - ok
21:29:30.0204 5844 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:29:30.0220 5844 pcmcia - ok
21:29:30.0251 5844 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:29:30.0282 5844 pcw - ok
21:29:30.0313 5844 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:29:30.0407 5844 PEAUTH - ok
21:29:30.0516 5844 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:29:30.0578 5844 PerfHost - ok
21:29:30.0641 5844 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:29:30.0656 5844 PGEffect - ok
21:29:30.0719 5844 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:29:30.0844 5844 pla - ok
21:29:30.0875 5844 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:29:30.0953 5844 PlugPlay - ok
21:29:30.0984 5844 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:29:31.0015 5844 PNRPAutoReg - ok
21:29:31.0046 5844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:29:31.0078 5844 PNRPsvc - ok
21:29:31.0124 5844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:29:31.0218 5844 PolicyAgent - ok
21:29:31.0249 5844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:29:31.0327 5844 Power - ok
21:29:31.0390 5844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:29:31.0468 5844 PptpMiniport - ok
21:29:31.0483 5844 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
21:29:31.0530 5844 Processor - ok
21:29:31.0561 5844 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:29:31.0639 5844 ProfSvc - ok
21:29:31.0670 5844 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:29:31.0702 5844 ProtectedStorage - ok
21:29:31.0733 5844 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:29:31.0826 5844 Psched - ok
21:29:31.0873 5844 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
21:29:31.0920 5844 QIOMem - ok
21:29:31.0982 5844 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
21:29:32.0045 5844 ql2300 - ok
21:29:32.0092 5844 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
21:29:32.0107 5844 ql40xx - ok
21:29:32.0138 5844 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:29:32.0185 5844 QWAVE - ok
21:29:32.0216 5844 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:29:32.0263 5844 QWAVEdrv - ok
21:29:32.0294 5844 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:29:32.0372 5844 RasAcd - ok
21:29:32.0404 5844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:29:32.0482 5844 RasAgileVpn - ok
21:29:32.0513 5844 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:29:32.0606 5844 RasAuto - ok
21:29:32.0638 5844 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:29:32.0716 5844 Rasl2tp - ok
21:29:32.0747 5844 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:29:32.0825 5844 RasMan - ok
21:29:32.0856 5844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:29:32.0934 5844 RasPppoe - ok
21:29:32.0965 5844 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:29:33.0059 5844 RasSstp - ok
21:29:33.0074 5844 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:29:33.0168 5844 rdbss - ok
21:29:33.0184 5844 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
21:29:33.0230 5844 rdpbus - ok
21:29:33.0262 5844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:29:33.0340 5844 RDPCDD - ok
21:29:33.0386 5844 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:29:33.0464 5844 RDPENCDD - ok
21:29:33.0496 5844 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:29:33.0558 5844 RDPREFMP - ok
21:29:33.0605 5844 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:29:33.0636 5844 RDPWD - ok
21:29:33.0683 5844 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:29:33.0714 5844 rdyboost - ok
21:29:33.0761 5844 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:29:33.0839 5844 RemoteAccess - ok
21:29:33.0886 5844 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:29:33.0964 5844 RemoteRegistry - ok
21:29:33.0979 5844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:29:34.0057 5844 RpcEptMapper - ok
21:29:34.0088 5844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:29:34.0104 5844 RpcLocator - ok
21:29:34.0135 5844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:29:34.0229 5844 RpcSs - ok
21:29:34.0276 5844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:29:34.0338 5844 rspndr - ok
21:29:34.0385 5844 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:29:34.0416 5844 RSUSBSTOR - ok
21:29:34.0463 5844 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
21:29:34.0478 5844 RSUSBVSTOR - ok
21:29:34.0572 5844 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:29:34.0634 5844 RTL8192Ce - ok
21:29:34.0650 5844 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
21:29:34.0666 5844 SamSs - ok
21:29:34.0697 5844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:29:34.0712 5844 sbp2port - ok
21:29:34.0759 5844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:29:34.0837 5844 SCardSvr - ok
21:29:34.0853 5844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:29:34.0931 5844 scfilter - ok
21:29:34.0978 5844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:29:35.0071 5844 Schedule - ok
21:29:35.0118 5844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:29:35.0180 5844 SCPolicySvc - ok
21:29:35.0227 5844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:29:35.0274 5844 SDRSVC - ok
21:29:35.0305 5844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:29:35.0399 5844 secdrv - ok
21:29:35.0430 5844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:29:35.0492 5844 seclogon - ok
21:29:35.0524 5844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
21:29:35.0602 5844 SENS - ok
21:29:35.0633 5844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:29:35.0695 5844 SensrSvc - ok
21:29:35.0711 5844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
21:29:35.0742 5844 Serenum - ok
21:29:35.0773 5844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
21:29:35.0820 5844 Serial - ok
21:29:35.0867 5844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
21:29:35.0898 5844 sermouse - ok
21:29:35.0960 5844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:29:36.0054 5844 SessionEnv - ok
21:29:36.0070 5844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:29:36.0101 5844 sffdisk - ok
21:29:36.0116 5844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:29:36.0163 5844 sffp_mmc - ok
21:29:36.0179 5844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:29:36.0210 5844 sffp_sd - ok
21:29:36.0257 5844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
21:29:36.0288 5844 sfloppy - ok
21:29:36.0350 5844 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:29:36.0382 5844 Sftfs - ok
21:29:36.0491 5844 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:29:36.0538 5844 sftlist - ok
21:29:36.0553 5844 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:29:36.0584 5844 Sftplay - ok
21:29:36.0600 5844 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:29:36.0616 5844 Sftredir - ok
21:29:36.0662 5844 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:29:36.0678 5844 Sftvol - ok
21:29:36.0725 5844 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:29:36.0756 5844 sftvsa - ok
21:29:36.0803 5844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:29:36.0881 5844 SharedAccess - ok
21:29:36.0928 5844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:29:37.0006 5844 ShellHWDetection - ok
21:29:37.0037 5844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:29:37.0068 5844 SiSRaid2 - ok
21:29:37.0084 5844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:29:37.0115 5844 SiSRaid4 - ok
21:29:37.0177 5844 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:29:37.0193 5844 SkypeUpdate - ok
21:29:37.0240 5844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:29:37.0333 5844 Smb - ok
21:29:37.0380 5844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:29:37.0427 5844 SNMPTRAP - ok
21:29:37.0442 5844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:29:37.0474 5844 spldr - ok
21:29:37.0520 5844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:29:37.0583 5844 Spooler - ok
21:29:37.0708 5844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:29:37.0864 5844 sppsvc - ok
21:29:37.0895 5844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:29:37.0957 5844 sppuinotify - ok
21:29:38.0020 5844 [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd C:\windows\System32\Drivers\sptd.sys
21:29:38.0051 5844 sptd - ok
21:29:38.0098 5844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:29:38.0176 5844 srv - ok
21:29:38.0207 5844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:29:38.0254 5844 srv2 - ok
21:29:38.0316 5844 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:29:38.0347 5844 SrvHsfHDA - ok
21:29:38.0410 5844 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:29:38.0488 5844 SrvHsfV92 - ok
21:29:38.0534 5844 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:29:38.0581 5844 SrvHsfWinac - ok
21:29:38.0612 5844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:29:38.0644 5844 srvnet - ok
21:29:38.0722 5844 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys
21:29:38.0784 5844 ssadbus - ok
21:29:38.0815 5844 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys
21:29:38.0862 5844 ssadmdfl - ok
21:29:38.0893 5844 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys
21:29:38.0940 5844 ssadmdm - ok
21:29:38.0971 5844 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\windows\system32\DRIVERS\ssadserd.sys
21:29:39.0034 5844 ssadserd - ok
21:29:39.0096 5844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:29:39.0174 5844 SSDPSRV - ok
21:29:39.0205 5844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:29:39.0268 5844 SstpSvc - ok
21:29:39.0314 5844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
21:29:39.0330 5844 stexstor - ok
21:29:39.0377 5844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:29:39.0424 5844 stisvc - ok
21:29:39.0439 5844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
21:29:39.0470 5844 swenum - ok
21:29:39.0502 5844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:29:39.0611 5844 swprv - ok
21:29:39.0689 5844 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:29:39.0751 5844 SynTP - ok
21:29:39.0814 5844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:29:39.0907 5844 SysMain - ok
21:29:39.0923 5844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:29:39.0970 5844 TabletInputService - ok
21:29:40.0016 5844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:29:40.0126 5844 TapiSrv - ok
21:29:40.0141 5844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:29:40.0219 5844 TBS - ok
21:29:40.0328 5844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:29:40.0406 5844 Tcpip - ok
21:29:40.0453 5844 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:29:40.0531 5844 TCPIP6 - ok
21:29:40.0578 5844 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:29:40.0594 5844 tcpipreg - ok
21:29:40.0625 5844 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:29:40.0656 5844 tdcmdpst - ok
21:29:40.0687 5844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:29:40.0734 5844 TDPIPE - ok
21:29:40.0781 5844 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:29:40.0828 5844 TDTCP - ok
21:29:40.0843 5844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:29:40.0921 5844 tdx - ok
21:29:40.0937 5844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
21:29:40.0952 5844 TermDD - ok
21:29:40.0999 5844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:29:41.0093 5844 TermService - ok
21:29:41.0124 5844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:29:41.0155 5844 Themes - ok
21:29:41.0171 5844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:29:41.0249 5844 THREADORDER - ok
21:29:41.0342 5844 [ 83E91963C4452BE6899503CF9EBFD3ED ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:29:41.0358 5844 TMachInfo - ok
21:29:41.0405 5844 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
21:29:41.0420 5844 TODDSrv - ok
21:29:41.0545 5844 [ CDC97FA5C42B07FB0D4600E17C32F582 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
21:29:41.0608 5844 TosCoSrv - ok
21:29:41.0686 5844 [ D33D5588576B04FC489DCCC66E98F546 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
21:29:41.0717 5844 TOSHIBA eco Utility Service - ok
21:29:41.0764 5844 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:29:41.0795 5844 TOSHIBA HDD SSD Alert Service - ok
21:29:41.0873 5844 [ D65C6B0C070534336B72005391B6168A ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
21:29:41.0920 5844 TPCHSrv - ok
21:29:41.0951 5844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:29:42.0044 5844 TrkWks - ok
21:29:42.0091 5844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:29:42.0185 5844 TrustedInstaller - ok
21:29:42.0216 5844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:29:42.0294 5844 tssecsrv - ok
21:29:42.0325 5844 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:29:42.0372 5844 TsUsbFlt - ok
21:29:42.0403 5844 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
21:29:42.0450 5844 TsUsbGD - ok
21:29:42.0512 5844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:29:42.0606 5844 tunnel - ok
21:29:42.0653 5844 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:29:42.0668 5844 TVALZ - ok
21:29:42.0700 5844 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
21:29:42.0715 5844 TVALZFL - ok
21:29:42.0731 5844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:29:42.0747 5844 uagp35 - ok
21:29:42.0794 5844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:29:42.0888 5844 udfs - ok
21:29:42.0919 5844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:29:42.0966 5844 UI0Detect - ok
21:29:42.0997 5844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:29:43.0028 5844 uliagpkx - ok
21:29:43.0059 5844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:29:43.0091 5844 umbus - ok
21:29:43.0106 5844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
21:29:43.0153 5844 UmPass - ok
21:29:43.0169 5844 [ 5F22132C9153639762708909F156B33D ] unrealircd C:\windows\system32\ftpqueue.dll
21:29:43.0169 5844 unrealircd ( Backdoor.Multi.ZAccess.gen ) - infected
21:29:43.0169 5844 unrealircd - detected Backdoor.Multi.ZAccess.gen (0)
21:29:43.0215 5844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:29:43.0309 5844 upnphost - ok
21:29:43.0356 5844 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:29:43.0418 5844 USBAAPL64 - ok
21:29:43.0465 5844 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
21:29:43.0496 5844 usbaudio - ok
21:29:43.0527 5844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:29:43.0574 5844 usbccgp - ok
21:29:43.0605 5844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:29:43.0637 5844 usbcir - ok
21:29:43.0668 5844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:29:43.0699 5844 usbehci - ok
21:29:43.0746 5844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:29:43.0778 5844 usbhub - ok
21:29:43.0809 5844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
21:29:43.0840 5844 usbohci - ok
21:29:43.0887 5844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:29:43.0934 5844 usbprint - ok
21:29:43.0965 5844 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:29:43.0981 5844 usbscan - ok
21:29:44.0028 5844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:29:44.0074 5844 USBSTOR - ok
21:29:44.0106 5844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:29:44.0137 5844 usbuhci - ok
21:29:44.0199 5844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:29:44.0230 5844 usbvideo - ok
21:29:44.0277 5844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:29:44.0355 5844 UxSms - ok
21:29:44.0386 5844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
21:29:44.0402 5844 VaultSvc - ok
21:29:44.0433 5844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:29:44.0464 5844 vdrvroot - ok
21:29:44.0496 5844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:29:44.0589 5844 vds - ok
21:29:44.0636 5844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:29:44.0667 5844 vga - ok
21:29:44.0683 5844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:29:44.0761 5844 VgaSave - ok
21:29:44.0792 5844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:29:44.0808 5844 vhdmp - ok
21:29:44.0839 5844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:29:44.0854 5844 viaide - ok
21:29:44.0901 5844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:29:44.0917 5844 volmgr - ok
21:29:44.0948 5844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:29:44.0979 5844 volmgrx - ok
21:29:45.0010 5844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
21:29:45.0042 5844 volsnap - ok
21:29:45.0057 5844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:29:45.0088 5844 vsmraid - ok
21:29:45.0151 5844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:29:45.0276 5844 VSS - ok
21:29:45.0307 5844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:29:45.0338 5844 vwifibus - ok
21:29:45.0385 5844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:29:45.0432 5844 vwififlt - ok
21:29:45.0478 5844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:29:45.0556 5844 W32Time - ok
21:29:45.0603 5844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
21:29:45.0650 5844 WacomPen - ok
21:29:45.0712 5844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:29:45.0790 5844 WANARP - ok
21:29:45.0806 5844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:29:45.0868 5844 Wanarpv6 - ok
21:29:45.0946 5844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:29:46.0009 5844 WatAdminSvc - ok
21:29:46.0071 5844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:29:46.0165 5844 wbengine - ok
21:29:46.0196 5844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:29:46.0243 5844 WbioSrvc - ok
21:29:46.0274 5844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:29:46.0336 5844 wcncsvc - ok
21:29:46.0352 5844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:29:46.0383 5844 WcsPlugInService - ok
21:29:46.0446 5844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
21:29:46.0492 5844 Wd - ok
21:29:46.0555 5844 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:29:46.0602 5844 Wdf01000 - ok
21:29:46.0633 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:29:46.0742 5844 WdiServiceHost - ok
21:29:46.0742 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:29:46.0789 5844 WdiSystemHost - ok
21:29:46.0820 5844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:29:46.0882 5844 WebClient - ok
21:29:46.0914 5844 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:29:47.0007 5844 Wecsvc - ok
21:29:47.0038 5844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:29:47.0116 5844 wercplsupport - ok
21:29:47.0163 5844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:29:47.0257 5844 WerSvc - ok
21:29:47.0304 5844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:29:47.0366 5844 WfpLwf - ok
21:29:47.0397 5844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:29:47.0413 5844 WIMMount - ok
21:29:47.0491 5844 WinDefend - ok
21:29:47.0506 5844 WinHttpAutoProxySvc - ok
21:29:47.0553 5844 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:29:47.0631 5844 Winmgmt - ok
21:29:47.0709 5844 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
21:29:47.0740 5844 WinRing0_1_2_0 - ok
21:29:47.0818 5844 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:29:47.0943 5844 WinRM - ok
21:29:48.0021 5844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:29:48.0084 5844 Wlansvc - ok
21:29:48.0130 5844 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:29:48.0146 5844 wlcrasvc - ok
21:29:48.0318 5844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:29:48.0396 5844 wlidsvc - ok
21:29:48.0458 5844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
21:29:48.0489 5844 WmiAcpi - ok
21:29:48.0536 5844 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:29:48.0598 5844 wmiApSrv - ok
21:29:48.0630 5844 WMPNetworkSvc - ok
21:29:48.0661 5844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:29:48.0708 5844 WPCSvc - ok
21:29:48.0723 5844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:29:48.0754 5844 WPDBusEnum - ok
21:29:48.0786 5844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:29:48.0864 5844 ws2ifsl - ok
21:29:48.0926 5844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
21:29:49.0004 5844 wscsvc - ok
21:29:49.0020 5844 WSearch - ok
21:29:49.0129 5844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:29:49.0222 5844 wuauserv - ok
21:29:49.0254 5844 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:29:49.0316 5844 WudfPf - ok
21:29:49.0347 5844 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:29:49.0394 5844 WUDFRd - ok
21:29:49.0441 5844 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:29:49.0472 5844 wudfsvc - ok
21:29:49.0503 5844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
21:29:49.0550 5844 WwanSvc - ok
21:29:49.0581 5844 ================ Scan global ===============================
21:29:49.0612 5844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:29:49.0644 5844 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
21:29:49.0675 5844 [ 6BF2039986AF96D98E08824AC6C383FD ] C:\windows\system32\consrv.dll
21:29:49.0690 5844 C:\windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - infected
21:29:49.0690 5844 C:\windows\system32\consrv.dll - detected Backdoor.Multi.ZAccess.genb (0)
21:29:49.0722 5844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:29:49.0722 5844 ================ Scan MBR ==================================
21:29:49.0737 5844 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:29:50.0034 5844 \Device\Harddisk0\DR0 - ok
21:29:50.0034 5844 ================ Scan VBR ==================================
21:29:50.0080 5844 [ DEA26EF1EE643898497E53491D9AABBB ] \Device\Harddisk0\DR0\Partition1
21:29:50.0080 5844 \Device\Harddisk0\DR0\Partition1 - ok
21:29:50.0080 5844 ================ Scan active images ========================
21:29:50.0096 5844 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
21:29:50.0096 5844 C:\Windows\System32\drivers\crashdmp.sys - ok
21:29:50.0112 5844 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
21:29:50.0112 5844 C:\Windows\System32\drivers\Dumpata.sys - ok
21:29:50.0127 5844 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
21:29:50.0127 5844 C:\Windows\System32\drivers\dumpfve.sys - ok
21:29:50.0127 5844 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
21:29:50.0127 5844 C:\Windows\System32\drivers\msahci.sys - ok
21:29:50.0143 5844 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys
21:29:50.0143 5844 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
21:29:50.0158 5844 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
21:29:50.0158 5844 C:\Windows\System32\drivers\beep.sys - ok
21:29:50.0174 5844 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
21:29:50.0174 5844 C:\Windows\System32\drivers\cdrom.sys - ok
21:29:50.0174 5844 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
21:29:50.0174 5844 C:\Windows\System32\drivers\null.sys - ok
21:29:50.0190 5844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
21:29:50.0190 5844 C:\Windows\System32\drivers\RDPCDD.sys - ok
21:29:50.0205 5844 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
21:29:50.0205 5844 C:\Windows\System32\drivers\RDPENCDD.sys - ok
21:29:50.0205 5844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
21:29:50.0205 5844 C:\Windows\System32\drivers\vga.sys - ok
21:29:50.0221 5844 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
21:29:50.0221 5844 C:\Windows\System32\drivers\videoprt.sys - ok
21:29:50.0236 5844 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
21:29:50.0236 5844 C:\Windows\System32\drivers\watchdog.sys - ok
21:29:50.0252 5844 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
21:29:50.0252 5844 C:\Windows\System32\drivers\msfs.sys - ok
21:29:50.0268 5844 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
21:29:50.0268 5844 C:\Windows\System32\drivers\npfs.sys - ok
21:29:50.0268 5844 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
21:29:50.0268 5844 C:\Windows\System32\drivers\RDPREFMP.sys - ok
21:29:50.0283 5844 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
21:29:50.0283 5844 C:\Windows\System32\drivers\tdi.sys - ok
21:29:50.0299 5844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
21:29:50.0299 5844 C:\Windows\System32\drivers\tdx.sys - ok
21:29:50.0314 5844 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
21:29:50.0314 5844 C:\Windows\System32\drivers\afd.sys - ok
21:29:50.0314 5844 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
21:29:50.0314 5844 C:\Windows\System32\drivers\netbt.sys - ok
21:29:50.0330 5844 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
21:29:50.0330 5844 C:\Windows\System32\drivers\pacer.sys - ok
21:29:50.0346 5844 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
21:29:50.0346 5844 C:\Windows\System32\drivers\wfplwf.sys - ok
21:29:50.0361 5844 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
21:29:50.0361 5844 C:\Windows\System32\drivers\netbios.sys - ok
21:29:50.0377 5844 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
21:29:50.0377 5844 C:\Windows\System32\drivers\vwififlt.sys - ok
21:29:50.0377 5844 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
21:29:50.0377 5844 C:\Windows\System32\drivers\wanarp.sys - ok
21:29:50.0392 5844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
21:29:50.0392 5844 C:\Windows\System32\drivers\termdd.sys - ok
21:29:50.0408 5844 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
21:29:50.0408 5844 C:\Windows\System32\drivers\mssmbios.sys - ok
21:29:50.0424 5844 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
21:29:50.0424 5844 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:29:50.0424 5844 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
21:29:50.0424 5844 C:\Windows\System32\drivers\rdbss.sys - ok
21:29:50.0439 5844 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
21:29:50.0439 5844 C:\Windows\System32\drivers\blbdrive.sys - ok
21:29:50.0455 5844 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
21:29:50.0455 5844 C:\Windows\System32\drivers\dfsc.sys - ok
21:29:50.0455 5844 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
21:29:50.0455 5844 C:\Windows\System32\drivers\discache.sys - ok
21:29:50.0470 5844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
21:29:50.0470 5844 C:\Windows\System32\drivers\tunnel.sys - ok
21:29:50.0486 5844 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
21:29:50.0486 5844 C:\Windows\System32\drivers\amdppm.sys - ok
21:29:50.0502 5844 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
21:29:50.0502 5844 C:\Windows\System32\smss.exe - ok
21:29:50.0517 5844 [ 20F3CD38B107C1BD747C0EA37D450165 ] C:\Windows\System32\drivers\atikmpag.sys
21:29:50.0517 5844 C:\Windows\System32\drivers\atikmpag.sys - ok
21:29:50.0517 5844 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
21:29:50.0517 5844 C:\Windows\System32\ntdll.dll - ok
21:29:50.0533 5844 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
21:29:50.0533 5844 C:\Windows\System32\autochk.exe - ok
21:29:50.0548 5844 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] C:\Windows\System32\drivers\atikmdag.sys
21:29:50.0548 5844 C:\Windows\System32\drivers\atikmdag.sys - ok
21:29:50.0564 5844 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
21:29:50.0564 5844 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:29:50.0580 5844 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
21:29:50.0580 5844 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:29:50.0580 5844 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
21:29:50.0580 5844 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:29:50.0595 5844 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
21:29:50.0595 5844 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
21:29:50.0611 5844 [ FD542B661BD22FA69CA789AD0AC58C29 ] C:\Windows\System32\drivers\tdcmdpst.sys
21:29:50.0611 5844 C:\Windows\System32\drivers\tdcmdpst.sys - ok
21:29:50.0626 5844 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
21:29:50.0626 5844 C:\Windows\System32\imagehlp.dll - ok
21:29:50.0642 5844 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
21:29:50.0642 5844 C:\Windows\System32\setupapi.dll - ok
21:29:50.0642 5844 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
21:29:50.0642 5844 C:\Windows\System32\advapi32.dll - ok
21:29:50.0658 5844 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
21:29:50.0658 5844 C:\Windows\System32\gdi32.dll - ok
21:29:50.0673 5844 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
21:29:50.0673 5844 C:\Windows\System32\psapi.dll - ok
21:29:50.0689 5844 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
21:29:50.0689 5844 C:\Windows\System32\usp10.dll - ok
21:29:50.0704 5844 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
21:29:50.0704 5844 C:\Windows\System32\kernel32.dll - ok
21:29:50.0704 5844 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
21:29:50.0704 5844 C:\Windows\System32\sechost.dll - ok
21:29:50.0720 5844 [ C41A504715F1BC09105D1FE8B46E9B2C ] C:\Windows\System32\iertutil.dll
21:29:50.0720 5844 C:\Windows\System32\iertutil.dll - ok
21:29:50.0736 5844 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
21:29:50.0736 5844 C:\Windows\System32\drivers\usbport.sys - ok
21:29:50.0751 5844 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
21:29:50.0751 5844 C:\Windows\System32\drivers\usbehci.sys - ok
21:29:50.0751 5844 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
21:29:50.0751 5844 C:\Windows\System32\drivers\usbohci.sys - ok
21:29:50.0767 5844 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
21:29:50.0767 5844 C:\Windows\System32\drivers\i8042prt.sys - ok
21:29:50.0782 5844 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
21:29:50.0782 5844 C:\Windows\System32\drivers\kbdclass.sys - ok
21:29:50.0798 5844 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
21:29:50.0798 5844 C:\Windows\System32\drivers\usbd.sys - ok
21:29:50.0814 5844 [ F5B46DF59FEAA48A442AED7EEB754D4B ] C:\Windows\System32\drivers\SynTP.sys
21:29:50.0814 5844 C:\Windows\System32\drivers\SynTP.sys - ok
21:29:50.0814 5844 [ 74E96226CB92225E40AACC0E42D27AC0 ] C:\Windows\System32\urlmon.dll
21:29:50.0814 5844 C:\Windows\System32\urlmon.dll - ok
21:29:50.0829 5844 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
21:29:50.0829 5844 C:\Windows\System32\drivers\mouclass.sys - ok
21:29:50.0845 5844 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] C:\Windows\System32\drivers\rtl8192ce.sys
21:29:50.0845 5844 C:\Windows\System32\drivers\rtl8192ce.sys - ok
21:29:50.0860 5844 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
21:29:50.0860 5844 C:\Windows\System32\clbcatq.dll - ok
21:29:50.0876 5844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
21:29:50.0876 5844 C:\Windows\System32\drivers\vwifibus.sys - ok
21:29:50.0876 5844 [ 7E04D13661FB771CA4FDBB836AD0BA49 ] C:\Windows\System32\wininet.dll
21:29:50.0876 5844 C:\Windows\System32\wininet.dll - ok
21:29:50.0892 5844 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
21:29:50.0892 5844 C:\Windows\System32\drivers\scsiport.sys - ok
21:29:50.0907 5844 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
21:29:50.0907 5844 C:\Windows\System32\nsi.dll - ok
21:29:50.0923 5844 [ 0FAD70B541338024A667AA5858BCFE62 ] \Device\2697469449
21:29:50.0923 5844 \Device\2697469449 - ok
21:29:50.0923 5844 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
21:29:50.0923 5844 C:\Windows\System32\drivers\CmBatt.sys - ok
21:29:50.0938 5844 [ C8FCB4899F8B70CC34E0D9876A80963C ] C:\Windows\System32\drivers\QIOMem.sys
21:29:50.0938 5844 C:\Windows\System32\drivers\QIOMem.sys - ok
21:29:50.0954 5844 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] C:\Windows\System32\drivers\TVALZFL.sys
21:29:50.0954 5844 C:\Windows\System32\drivers\TVALZFL.sys - ok
21:29:50.0970 5844 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
21:29:50.0970 5844 C:\Windows\System32\shell32.dll - ok
21:29:50.0970 5844 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
21:29:50.0970 5844 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:29:50.0985 5844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
21:29:50.0985 5844 C:\Windows\System32\drivers\agilevpn.sys - ok
21:29:51.0001 5844 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
21:29:51.0001 5844 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:29:51.0001 5844 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
21:29:51.0001 5844 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:29:51.0016 5844 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
21:29:51.0016 5844 C:\Windows\System32\drivers\ndistapi.sys - ok
21:29:51.0032 5844 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
21:29:51.0032 5844 C:\Windows\System32\drivers\ndiswan.sys - ok
21:29:51.0048 5844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
21:29:51.0048 5844 C:\Windows\System32\drivers\raspppoe.sys - ok
21:29:51.0063 5844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
21:29:51.0063 5844 C:\Windows\System32\drivers\raspptp.sys - ok
21:29:51.0063 5844 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
21:29:51.0063 5844 C:\Windows\System32\drivers\rassstp.sys - ok
21:29:51.0079 5844 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
21:29:51.0079 5844 C:\Windows\System32\drivers\ks.sys - ok
21:29:51.0094 5844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
21:29:51.0094 5844 C:\Windows\System32\drivers\swenum.sys - ok
21:29:51.0110 5844 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] C:\Windows\System32\drivers\amdiox64.sys
21:29:51.0110 5844 C:\Windows\System32\drivers\amdiox64.sys - ok
21:29:51.0110 5844 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
21:29:51.0110 5844 C:\Windows\System32\drivers\umbus.sys - ok
21:29:51.0126 5844 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
21:29:51.0126 5844 C:\Windows\System32\drivers\usbhub.sys - ok
21:29:51.0141 5844 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
21:29:51.0141 5844 C:\Windows\System32\drivers\ndproxy.sys - ok
21:29:51.0157 5844 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
21:29:51.0157 5844 C:\Windows\System32\drivers\drmk.sys - ok
21:29:51.0172 5844 [ B0790FF0E25B7A2674296052F2162C1A ] C:\Windows\System32\drivers\AtihdW76.sys
21:29:51.0172 5844 C:\Windows\System32\drivers\AtihdW76.sys - ok
21:29:51.0172 5844 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
21:29:51.0172 5844 C:\Windows\System32\drivers\portcls.sys - ok
21:29:51.0188 5844 [ 66847C979893A11CFCC2280E772D7EA1 ] C:\Windows\System32\drivers\CHDRT64.sys
21:29:51.0188 5844 C:\Windows\System32\drivers\CHDRT64.sys - ok
21:29:51.0204 5844 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
21:29:51.0204 5844 C:\Windows\System32\drivers\hidparse.sys - ok
21:29:51.0219 5844 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
21:29:51.0219 5844 C:\Windows\System32\drivers\hidclass.sys - ok
21:29:51.0219 5844 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
21:29:51.0235 5844 C:\Windows\System32\drivers\hidusb.sys - ok
21:29:51.0235 5844 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
21:29:51.0235 5844 C:\Windows\System32\drivers\mouhid.sys - ok
21:29:51.0250 5844 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
21:29:51.0250 5844 C:\Windows\System32\drivers\usbccgp.sys - ok
21:29:51.0266 5844 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
21:29:51.0266 5844 C:\Windows\System32\drivers\usbvideo.sys - ok
21:29:51.0266 5844 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
21:29:51.0266 5844 C:\Windows\System32\drivers\ksthunk.sys - ok
21:29:51.0282 5844 [ 91111CEBBDE8015E822C46120ED9537C ] C:\Windows\System32\drivers\PGEffect.sys
21:29:51.0282 5844 C:\Windows\System32\drivers\PGEffect.sys - ok
21:29:51.0297 5844 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
21:29:51.0297 5844 C:\Windows\System32\difxapi.dll - ok
21:29:51.0313 5844 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
21:29:51.0313 5844 C:\Windows\System32\lpk.dll - ok
21:29:51.0313 5844 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
21:29:51.0313 5844 C:\Windows\System32\shlwapi.dll - ok
21:29:51.0328 5844 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
21:29:51.0328 5844 C:\Windows\System32\ole32.dll - ok
21:29:51.0344 5844 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
21:29:51.0344 5844 C:\Windows\System32\msvcrt.dll - ok
21:29:51.0360 5844 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
21:29:51.0360 5844 C:\Windows\System32\comdlg32.dll - ok
21:29:51.0360 5844 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
21:29:51.0360 5844 C:\Windows\System32\ws2_32.dll - ok
21:29:51.0375 5844 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
21:29:51.0375 5844 C:\Windows\System32\msctf.dll - ok
21:29:51.0391 5844 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
21:29:51.0391 5844 C:\Windows\System32\normaliz.dll - ok
21:29:51.0406 5844 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
21:29:51.0406 5844 C:\Windows\System32\oleaut32.dll - ok
21:29:51.0406 5844 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
21:29:51.0406 5844 C:\Windows\System32\rpcrt4.dll - ok
21:29:51.0422 5844 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
21:29:51.0422 5844 C:\Windows\System32\Wldap32.dll - ok
21:29:51.0438 5844 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
21:29:51.0438 5844 C:\Windows\System32\imm32.dll - ok
21:29:51.0453 5844 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
21:29:51.0453 5844 C:\Windows\System32\user32.dll - ok
21:29:51.0453 5844 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
21:29:51.0453 5844 C:\Windows\System32\cfgmgr32.dll - ok
21:29:51.0469 5844 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
21:29:51.0469 5844 C:\Windows\System32\wintrust.dll - ok
21:29:51.0484 5844 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
21:29:51.0484 5844 C:\Windows\System32\devobj.dll - ok
21:29:51.0500 5844 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
21:29:51.0500 5844 C:\Windows\System32\crypt32.dll - ok
21:29:51.0500 5844 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
21:29:51.0500 5844 C:\Windows\System32\KernelBase.dll - ok
21:29:51.0516 5844 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
21:29:51.0516 5844 C:\Windows\System32\comctl32.dll - ok
21:29:51.0531 5844 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
21:29:51.0531 5844 C:\Windows\System32\msasn1.dll - ok
21:29:51.0547 5844 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
21:29:51.0547 5844 C:\Windows\SysWOW64\normaliz.dll - ok
21:29:51.0547 5844 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
21:29:51.0547 5844 C:\Windows\System32\drivers\dxapi.sys - ok
21:29:51.0562 5844 [ 523B9B64F2B6C630A2E0A87116C05F12 ] C:\Windows\System32\win32k.sys
21:29:51.0562 5844 C:\Windows\System32\win32k.sys - ok
21:29:51.0578 5844 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
21:29:51.0578 5844 C:\Windows\System32\csrsrv.dll - ok
21:29:51.0594 5844 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
21:29:51.0594 5844 C:\Windows\System32\csrss.exe - ok
21:29:51.0594 5844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
21:29:51.0594 5844 C:\Windows\System32\basesrv.dll - ok
21:29:51.0609 5844 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\System32\winsrv.dll
21:29:51.0609 5844 C:\Windows\System32\winsrv.dll - ok
21:29:51.0625 5844 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
21:29:51.0625 5844 C:\Windows\System32\drivers\monitor.sys - ok
21:29:51.0640 5844 [ 6BF2039986AF96D98E08824AC6C383FD ] C:\Windows\System32\consrv.dll
21:29:51.0640 5844 C:\Windows\System32\consrv.dll - ok
21:29:51.0656 5844 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
21:29:51.0656 5844 C:\Windows\System32\tsddd.dll - ok
21:29:51.0656 5844 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
21:29:51.0656 5844 C:\Windows\System32\mswsock.dll - ok
21:29:51.0672 5844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
21:29:51.0672 5844 C:\Windows\System32\sxssrv.dll - ok
21:29:51.0687 5844 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
21:29:51.0687 5844 C:\Windows\System32\wininit.exe - ok
21:29:51.0687 5844 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
21:29:51.0687 5844 C:\Windows\System32\cdd.dll - ok
21:29:51.0703 5844 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
21:29:51.0703 5844 C:\Windows\System32\profapi.dll - ok
21:29:51.0718 5844 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
21:29:51.0718 5844 C:\Windows\System32\RpcRtRemote.dll - ok
21:29:51.0734 5844 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
21:29:51.0734 5844 C:\Windows\System32\KBDUS.DLL - ok
21:29:51.0734 5844 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
21:29:51.0734 5844 C:\Windows\System32\WlS0WndH.dll - ok
21:29:51.0750 5844 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
21:29:51.0750 5844 C:\Windows\System32\apphelp.dll - ok
21:29:51.0765 5844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
21:29:51.0765 5844 C:\Windows\System32\services.exe - ok
21:29:51.0765 5844 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
21:29:51.0765 5844 C:\Windows\System32\sxs.dll - ok
21:29:51.0781 5844 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
21:29:51.0781 5844 C:\Windows\System32\cryptbase.dll - ok
21:29:51.0796 5844 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
21:29:51.0796 5844 C:\Windows\System32\lsass.exe - ok
21:29:51.0812 5844 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
21:29:51.0812 5844 C:\Windows\System32\lsasrv.dll - ok
21:29:51.0812 5844 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
21:29:51.0812 5844 C:\Windows\System32\lsm.exe - ok
21:29:51.0828 5844 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
21:29:51.0828 5844 C:\Windows\System32\sspisrv.dll - ok
21:29:51.0843 5844 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
21:29:51.0843 5844 C:\Windows\System32\sspicli.dll - ok
21:29:51.0859 5844 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
21:29:51.0859 5844 C:\Windows\System32\sysntfy.dll - ok
21:29:51.0874 5844 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
21:29:51.0874 5844 C:\Windows\System32\wmsgapi.dll - ok
21:29:51.0874 5844 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
21:29:51.0874 5844 C:\Windows\System32\samsrv.dll - ok
21:29:51.0890 5844 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
21:29:51.0890 5844 C:\Windows\System32\scext.dll - ok
21:29:51.0906 5844 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
21:29:51.0906 5844 C:\Windows\System32\cryptdll.dll - ok
21:29:51.0921 5844 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
21:29:51.0921 5844 C:\Windows\System32\scesrv.dll - ok
21:29:51.0921 5844 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
21:29:51.0921 5844 C:\Windows\System32\secur32.dll - ok
21:29:51.0937 5844 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
21:29:51.0937 5844 C:\Windows\System32\wevtapi.dll - ok
21:29:51.0952 5844 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
21:29:51.0952 5844 C:\Windows\System32\srvcli.dll - ok
21:29:51.0968 5844 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
21:29:51.0968 5844 C:\Windows\System32\authz.dll - ok
21:29:51.0968 5844 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
21:29:51.0968 5844 C:\Windows\System32\cngaudit.dll - ok
21:29:51.0984 5844 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
21:29:51.0984 5844 C:\Windows\System32\ncrypt.dll - ok
21:29:51.0999 5844 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
21:29:51.0999 5844 C:\Windows\System32\bcrypt.dll - ok
21:29:52.0015 5844 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
21:29:52.0015 5844 C:\Windows\System32\msprivs.dll - ok
21:29:52.0015 5844 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
21:29:52.0015 5844 C:\Windows\System32\netjoin.dll - ok
21:29:52.0030 5844 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
21:29:52.0030 5844 C:\Windows\System32\winlogon.exe - ok
21:29:52.0046 5844 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
21:29:52.0046 5844 C:\Windows\System32\negoexts.dll - ok
21:29:52.0046 5844 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
21:29:52.0046 5844 C:\Windows\System32\kerberos.dll - ok
21:29:52.0062 5844 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
21:29:52.0062 5844 C:\Windows\System32\winsta.dll - ok
21:29:52.0077 5844 [ 9D7EC1E355AC35CBE6991721EF5AE3B8 ] C:\Windows\assembly\GAC_64\Desktop.ini
21:29:52.0077 5844 C:\Windows\assembly\GAC_64\Desktop.ini - ok
21:29:52.0093 5844 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
21:29:52.0093 5844 C:\Windows\System32\cryptsp.dll - ok
21:29:52.0108 5844 [ 7E6E32FDAF785DD1EE2B83956E8E3B49 ] C:\Windows\assembly\temp\U\80000064.@
21:29:52.0108 5844 C:\Windows\assembly\temp\U\80000064.@ - ok
21:29:52.0108 5844 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
21:29:52.0108 5844 C:\Windows\System32\cabinet.dll - ok
21:29:52.0124 5844 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:29:52.0124 5844 C:\Windows\System32\ntmarta.dll - ok
21:29:52.0140 5844 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
21:29:52.0140 5844 C:\Windows\System32\msv1_0.dll - ok
21:29:52.0155 5844 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
21:29:52.0155 5844 C:\Windows\System32\wship6.dll - ok
21:29:52.0155 5844 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
21:29:52.0155 5844 C:\Windows\System32\netlogon.dll - ok
21:29:52.0171 5844 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
21:29:52.0171 5844 C:\Windows\System32\dnsapi.dll - ok
21:29:52.0186 5844 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
21:29:52.0186 5844 C:\Windows\System32\logoncli.dll - ok
21:29:52.0202 5844 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
21:29:52.0202 5844 C:\Windows\System32\schannel.dll - ok
21:29:52.0202 5844 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
21:29:52.0202 5844 C:\Windows\System32\wdigest.dll - ok
21:29:52.0218 5844 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
21:29:52.0218 5844 C:\Windows\System32\rsaenh.dll - ok
21:29:52.0233 5844 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
21:29:52.0233 5844 C:\Windows\System32\TSpkg.dll - ok
21:29:52.0249 5844 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
21:29:52.0249 5844 C:\Windows\System32\pku2u.dll - ok
21:29:52.0249 5844 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
21:29:52.0249 5844 C:\Windows\System32\LIVESSP.DLL - ok
21:29:52.0264 5844 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
21:29:52.0264 5844 C:\Windows\System32\bcryptprimitives.dll - ok
21:29:52.0280 5844 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
21:29:52.0280 5844 C:\Windows\System32\efslsaext.dll - ok
21:29:52.0296 5844 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
21:29:52.0296 5844 C:\Windows\System32\credssp.dll - ok
21:29:52.0296 5844 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
21:29:52.0296 5844 C:\Windows\System32\scecli.dll - ok
21:29:52.0311 5844 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
21:29:52.0311 5844 C:\Windows\System32\ubpm.dll - ok
21:29:52.0327 5844 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
21:29:52.0327 5844 C:\Windows\System32\svchost.exe - ok
21:29:52.0327 5844 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
21:29:52.0327 5844 C:\Windows\System32\umpnpmgr.dll - ok
21:29:52.0342 5844 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
21:29:52.0342 5844 C:\Windows\System32\SPInf.dll - ok
21:29:52.0358 5844 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
21:29:52.0358 5844 C:\Windows\System32\devrtl.dll - ok
21:29:52.0374 5844 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
21:29:52.0374 5844 C:\Windows\System32\gpapi.dll - ok
21:29:52.0374 5844 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
21:29:52.0374 5844 C:\Windows\System32\userenv.dll - ok
21:29:52.0389 5844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
21:29:52.0389 5844 C:\Windows\System32\umpo.dll - ok
21:29:52.0405 5844 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:29:52.0405 5844 C:\Windows\System32\pcwum.dll - ok
21:29:52.0420 5844 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:29:52.0420 5844 C:\Windows\System32\powrprof.dll - ok
21:29:52.0436 5844 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:29:52.0436 5844 C:\Windows\System32\drivers\luafv.sys - ok
21:29:52.0436 5844 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
21:29:52.0436 5844 C:\Windows\System32\drivers\mbam.sys - ok
21:29:52.0452 5844 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
21:29:52.0452 5844 C:\Windows\System32\drivers\Sftvollh.sys - ok
21:29:52.0467 5844 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
21:29:52.0467 5844 C:\Windows\System32\drivers\WUDFPf.sys - ok
21:29:52.0483 5844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
21:29:52.0483 5844 C:\Windows\System32\rpcss.dll - ok
21:29:52.0483 5844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:29:52.0483 5844 C:\Windows\System32\RpcEpMap.dll - ok
21:29:52.0498 5844 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:29:52.0498 5844 C:\Windows\System32\WSHTCPIP.DLL - ok
21:29:52.0514 5844 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:29:52.0514 5844 C:\Windows\System32\wshqos.dll - ok
21:29:52.0530 5844 [ 4C1E3649C89C7D542CD18ECC5210099D ] C:\Windows\System32\atiesrxx.exe
21:29:52.0530 5844 C:\Windows\System32\atiesrxx.exe - ok
21:29:52.0530 5844 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:29:52.0530 5844 C:\Windows\System32\FirewallAPI.dll - ok
21:29:52.0545 5844 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
21:29:52.0545 5844 C:\Windows\System32\wtsapi32.dll - ok
21:29:52.0561 5844 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:29:52.0561 5844 C:\Windows\System32\version.dll - ok
21:29:52.0561 5844 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
21:29:52.0561 5844 C:\Windows\System32\LogonUI.exe - ok
21:29:52.0576 5844 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
21:29:52.0576 5844 C:\Windows\System32\authui.dll - ok
21:29:52.0592 5844 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
21:29:52.0592 5844 C:\Windows\System32\cryptui.dll - ok
21:29:52.0608 5844 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
21:29:52.0608 5844 C:\Windows\System32\wevtsvc.dll - ok
21:29:52.0623 5844 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:29:52.0623 5844 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:29:52.0623 5844 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
21:29:52.0623 5844 C:\Windows\System32\shacct.dll - ok
21:29:52.0639 5844 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:29:52.0639 5844 C:\Windows\System32\samlib.dll - ok
21:29:52.0654 5844 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
21:29:52.0654 5844 C:\Windows\System32\audiosrv.dll - ok
21:29:52.0670 5844 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
21:29:52.0670 5844 C:\Windows\System32\netprofm.dll - ok
21:29:52.0670 5844 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
21:29:52.0670 5844 C:\Windows\System32\propsys.dll - ok
21:29:52.0686 5844 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:29:52.0686 5844 C:\Windows\System32\avrt.dll - ok
21:29:52.0701 5844 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:29:52.0701 5844 C:\Windows\System32\mmcss.dll - ok
21:29:52.0717 5844 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:29:52.0717 5844 C:\Windows\System32\adtschema.dll - ok
21:29:52.0732 5844 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:29:52.0732 5844 C:\Windows\System32\MMDevAPI.dll - ok
21:29:52.0732 5844 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:29:52.0732 5844 C:\Windows\System32\uxtheme.dll - ok
21:29:52.0748 5844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:29:52.0748 5844 C:\Windows\System32\wlansvc.dll - ok
21:29:52.0764 5844 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:29:52.0764 5844 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:29:52.0764 5844 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
21:29:52.0764 5844 C:\Windows\System32\drivers\fltMgr.sys - ok
21:29:52.0779 5844 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:29:52.0779 5844 C:\Windows\System32\PSHED.DLL - ok
21:29:52.0795 5844 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
21:29:52.0795 5844 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
21:29:52.0810 5844 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
21:29:52.0810 5844 C:\Windows\System32\profsvc.dll - ok
21:29:52.0810 5844 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:29:52.0810 5844 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:29:52.0826 5844 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
21:29:52.0826 5844 C:\Windows\System32\audiodg.exe - ok
21:29:52.0842 5844 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:29:52.0842 5844 C:\Windows\System32\dui70.dll - ok
21:29:52.0842 5844 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:29:52.0842 5844 C:\Windows\System32\duser.dll - ok
21:29:52.0857 5844 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
21:29:52.0857 5844 C:\Windows\System32\atl.dll - ok
21:29:52.0873 5844 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
21:29:52.0873 5844 C:\Windows\System32\gpsvc.dll - ok
21:29:52.0888 5844 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
21:29:52.0888 5844 C:\Windows\System32\SndVolSSO.dll - ok
21:29:52.0904 5844 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:29:52.0904 5844 C:\Windows\System32\hid.dll - ok
21:29:52.0904 5844 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:29:52.0904 5844 C:\Windows\System32\winmm.dll - ok
21:29:52.0920 5844 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
21:29:52.0920 5844 C:\Windows\System32\nlaapi.dll - ok
21:29:52.0935 5844 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:29:52.0935 5844 C:\Windows\System32\themeservice.dll - ok
21:29:52.0951 5844 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
21:29:52.0951 5844 C:\Windows\System32\wdmaud.drv - ok
21:29:52.0951 5844 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
21:29:52.0951 5844 C:\Windows\System32\dsrole.dll - ok
21:29:52.0966 5844 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:29:52.0966 5844 C:\Windows\System32\ksuser.dll - ok
21:29:52.0982 5844 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
21:29:52.0982 5844 C:\Windows\System32\slc.dll - ok
21:29:52.0998 5844 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:29:52.0998 5844 C:\Windows\System32\dwmapi.dll - ok
21:29:52.0998 5844 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
21:29:52.0998 5844 C:\Windows\System32\es.dll - ok
21:29:53.0013 5844 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
21:29:53.0013 5844 C:\Windows\System32\xmllite.dll - ok
21:29:53.0029 5844 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
21:29:53.0029 5844 C:\Windows\System32\AudioSes.dll - ok
21:29:53.0044 5844 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
21:29:53.0044 5844 C:\Windows\System32\comres.dll - ok
21:29:53.0044 5844 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:29:53.0044 5844 C:\Windows\System32\Sens.dll - ok
21:29:53.0060 5844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
21:29:53.0060 5844 C:\Windows\System32\uxsms.dll - ok
21:29:53.0076 5844 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
21:29:53.0076 5844 C:\Windows\System32\WUDFSvc.dll - ok
21:29:53.0076 5844 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
21:29:53.0076 5844 C:\Windows\System32\WindowsCodecs.dll - ok
21:29:53.0091 5844 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
21:29:53.0091 5844 C:\Windows\System32\WUDFPlatform.dll - ok
21:29:53.0107 5844 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
21:29:53.0107 5844 C:\Windows\System32\midimap.dll - ok
21:29:53.0122 5844 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
21:29:53.0122 5844 C:\Windows\System32\msacm32.dll - ok
21:29:53.0122 5844 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
21:29:53.0122 5844 C:\Windows\System32\msacm32.drv - ok
21:29:53.0138 5844 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:29:53.0138 5844 C:\Windows\System32\AudioEng.dll - ok
21:29:53.0154 5844 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
21:29:53.0154 5844 C:\Windows\System32\drivers\lltdio.sys - ok
21:29:53.0169 5844 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
21:29:53.0169 5844 C:\Windows\System32\drivers\nwifi.sys - ok
21:29:53.0169 5844 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
21:29:53.0169 5844 C:\Windows\System32\drivers\ndisuio.sys - ok
21:29:53.0185 5844 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
21:29:53.0185 5844 C:\Windows\System32\drivers\rspndr.sys - ok
21:29:53.0200 5844 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:29:53.0200 5844 C:\Windows\System32\AUDIOKSE.dll - ok
21:29:53.0216 5844 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
21:29:53.0216 5844 C:\Windows\System32\IPHLPAPI.DLL - ok
21:29:53.0216 5844 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:29:53.0232 5844 C:\Windows\System32\lmhsvc.dll - ok
21:29:53.0232 5844 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
21:29:53.0232 5844 C:\Windows\System32\nrpsrv.dll - ok
21:29:53.0247 5844 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
21:29:53.0247 5844 C:\Windows\System32\winnsi.dll - ok
21:29:53.0263 5844 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
21:29:53.0263 5844 C:\Windows\System32\dhcpcore.dll - ok
21:29:53.0278 5844 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:29:53.0278 5844 C:\Windows\System32\nsisvc.dll - ok
21:29:53.0278 5844 [ AA0B1A7B4750F655936F2F82B5E84428 ] C:\Windows\System32\CX64AP40.dll
21:29:53.0278 5844 C:\Windows\System32\CX64AP40.dll - ok
21:29:53.0294 5844 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
21:29:53.0294 5844 C:\Windows\System32\dhcpcore6.dll - ok
21:29:53.0310 5844 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
21:29:53.0310 5844 C:\Windows\System32\dnsrslvr.dll - ok
21:29:53.0325 5844 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:29:53.0325 5844 C:\Windows\System32\keyiso.dll - ok
21:29:53.0325 5844 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:29:53.0325 5844 C:\Windows\System32\eapsvc.dll - ok
21:29:53.0341 5844 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
21:29:53.0341 5844 C:\Windows\System32\eapphost.dll - ok
21:29:53.0356 5844 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
21:29:53.0356 5844 C:\Windows\System32\FWPUCLNT.DLL - ok
21:29:53.0372 5844 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
21:29:53.0372 5844 C:\Windows\System32\winbrand.dll - ok
21:29:53.0372 5844 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
21:29:53.0372 5844 C:\Windows\System32\dnsext.dll - ok
21:29:53.0388 5844 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
21:29:53.0388 5844 C:\Windows\System32\umb.dll - ok
21:29:53.0403 5844 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
21:29:53.0403 5844 C:\Windows\System32\dhcpcsvc6.dll - ok
21:29:53.0419 5844 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
21:29:53.0419 5844 C:\Windows\System32\wlanmsm.dll - ok
21:29:53.0434 5844 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
21:29:53.0434 5844 C:\Windows\System32\wlansec.dll - ok

#14 Mr.Problem

Mr.Problem
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:49 PM

Posted 26 January 2013 - 01:17 AM

21:29:53.0434 5844 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
21:29:53.0434 5844 C:\Windows\System32\dhcpcsvc.dll - ok
21:29:53.0450 5844 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
21:29:53.0450 5844 C:\Windows\System32\WMALFXGFXDSP.dll - ok
21:29:53.0466 5844 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
21:29:53.0466 5844 C:\Windows\System32\onex.dll - ok
21:29:53.0481 5844 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
21:29:53.0481 5844 C:\Windows\System32\eappcfg.dll - ok
21:29:53.0481 5844 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
21:29:53.0481 5844 C:\Windows\System32\eappprxy.dll - ok
21:29:53.0497 5844 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
21:29:53.0497 5844 C:\Windows\System32\l2gpstore.dll - ok
21:29:53.0512 5844 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
21:29:53.0512 5844 C:\Windows\System32\WinSCard.dll - ok
21:29:53.0528 5844 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
21:29:53.0528 5844 C:\Windows\System32\wlanutil.dll - ok
21:29:53.0528 5844 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
21:29:53.0528 5844 C:\Windows\System32\wlgpclnt.dll - ok
21:29:53.0544 5844 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
21:29:53.0544 5844 C:\Windows\System32\mfplat.dll - ok
21:29:53.0559 5844 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
21:29:53.0559 5844 C:\Windows\System32\msxml6.dll - ok
21:29:53.0575 5844 [ CB3CF9915ED7888FDBAF3694775DCCC7 ] C:\Windows\System32\EEL64A.dll
21:29:53.0575 5844 C:\Windows\System32\EEL64A.dll - ok
21:29:53.0575 5844 [ 483849E481652C22BAFC8052414B3099 ] C:\Windows\System32\EED64A.dll
21:29:53.0575 5844 C:\Windows\System32\EED64A.dll - ok
21:29:53.0590 5844 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
21:29:53.0590 5844 C:\Windows\System32\shsvcs.dll - ok
21:29:53.0606 5844 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
21:29:53.0606 5844 C:\Windows\System32\schedsvc.dll - ok
21:29:53.0622 5844 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
21:29:53.0622 5844 C:\Windows\System32\netapi32.dll - ok
21:29:53.0622 5844 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
21:29:53.0622 5844 C:\Windows\System32\netutils.dll - ok
21:29:53.0637 5844 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
21:29:53.0637 5844 C:\Windows\System32\wkscli.dll - ok
21:29:53.0653 5844 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
21:29:53.0653 5844 C:\Windows\System32\ktmw32.dll - ok
21:29:53.0668 5844 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
21:29:53.0668 5844 C:\Windows\System32\netcfgx.dll - ok
21:29:53.0668 5844 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
21:29:53.0668 5844 C:\Windows\System32\fveapi.dll - ok
21:29:53.0684 5844 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
21:29:53.0684 5844 C:\Windows\System32\fvecerts.dll - ok
21:29:53.0700 5844 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
21:29:53.0700 5844 C:\Windows\System32\tbs.dll - ok
21:29:53.0715 5844 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
21:29:53.0715 5844 C:\Windows\System32\taskcomp.dll - ok
21:29:53.0715 5844 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
21:29:53.0715 5844 C:\Windows\System32\wiarpc.dll - ok
21:29:53.0731 5844 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
21:29:53.0731 5844 C:\Windows\System32\VaultCredProvider.dll - ok
21:29:53.0746 5844 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:29:53.0746 5844 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:29:53.0762 5844 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
21:29:53.0762 5844 C:\Windows\System32\BioCredProv.dll - ok
21:29:53.0762 5844 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
21:29:53.0762 5844 C:\Windows\System32\winbio.dll - ok
21:29:53.0778 5844 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
21:29:53.0778 5844 C:\Windows\System32\credui.dll - ok
21:29:53.0793 5844 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
21:29:53.0793 5844 C:\Windows\System32\vaultcli.dll - ok
21:29:53.0809 5844 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
21:29:53.0809 5844 C:\Windows\System32\samcli.dll - ok
21:29:53.0809 5844 [ F79C9E3947B904FA3200A2204F9C52BB ] C:\Windows\System32\tosWirelessLANIndicatorCP.dll
21:29:53.0809 5844 C:\Windows\System32\tosWirelessLANIndicatorCP.dll - ok
21:29:53.0824 5844 [ B88DA7FD10BDBB3754D98AFD39677C29 ] C:\Windows\System32\msvcr100.dll
21:29:53.0824 5844 C:\Windows\System32\msvcr100.dll - ok
21:29:53.0840 5844 [ 698EB872F1B16C2E874281BCEE55F396 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll
21:29:53.0840 5844 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll - ok
21:29:53.0856 5844 [ AAFE92235773EDED003A84CD0FFA8326 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll
21:29:53.0856 5844 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll - ok
21:29:53.0871 5844 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
21:29:53.0871 5844 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
21:29:53.0871 5844 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
21:29:53.0871 5844 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
21:29:53.0887 5844 [ 9AE75388EE2C110216B8319584E8AC34 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll
21:29:53.0887 5844 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll - ok
21:29:53.0902 5844 [ 2A9238A326763122424E07EF320D5D3A ] C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll
21:29:53.0902 5844 C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll - ok
21:29:53.0918 5844 [ 91175B7E997CFAC64F271A15B4217BC7 ] C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll
21:29:53.0918 5844 C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll - ok
21:29:53.0918 5844 [ 15BE2309C00B0EBBE0D420BD42C3E0F1 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll
21:29:53.0918 5844 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll - ok
21:29:53.0934 5844 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
21:29:53.0934 5844 C:\Windows\System32\certCredProvider.dll - ok
21:29:53.0949 5844 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
21:29:53.0949 5844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
21:29:53.0965 5844 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
21:29:53.0965 5844 C:\Windows\System32\rasplap.dll - ok
21:29:53.0965 5844 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
21:29:53.0965 5844 C:\Windows\System32\UXInit.dll - ok
21:29:53.0980 5844 [ 16E116784B900D8A58DA4FB2FF1F0931 ] C:\Windows\System32\atieclxx.exe
21:29:53.0980 5844 C:\Windows\System32\atieclxx.exe - ok
21:29:53.0996 5844 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
21:29:53.0996 5844 C:\Windows\System32\rasapi32.dll - ok
21:29:54.0012 5844 [ F76BE04CD180721363FBD7884C90C09E ] C:\Windows\System32\atiadlxx.dll
21:29:54.0012 5844 C:\Windows\System32\atiadlxx.dll - ok
21:29:54.0027 5844 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
21:29:54.0027 5844 C:\Windows\System32\rasman.dll - ok
21:29:54.0027 5844 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
21:29:54.0027 5844 C:\Windows\System32\rtutils.dll - ok
21:29:54.0043 5844 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
21:29:54.0043 5844 C:\Windows\System32\wsock32.dll - ok
21:29:54.0058 5844 [ AB6F6FABEDA4990F3F9ED294C2959577 ] C:\Windows\System32\atimuixx.dll
21:29:54.0058 5844 C:\Windows\System32\atimuixx.dll - ok
21:29:54.0074 5844 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
21:29:54.0074 5844 C:\Windows\System32\oleacc.dll - ok
21:29:54.0074 5844 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
21:29:54.0074 5844 C:\Windows\System32\UIAutomationCore.dll - ok
21:29:54.0090 5844 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
21:29:54.0090 5844 C:\Windows\System32\msimg32.dll - ok
21:29:54.0105 5844 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
21:29:54.0105 5844 C:\Windows\System32\drivers\http.sys - ok
21:29:54.0121 5844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
21:29:54.0121 5844 C:\Windows\System32\spoolsv.exe - ok
21:29:54.0121 5844 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
21:29:54.0121 5844 C:\Windows\System32\taskeng.exe - ok
21:29:54.0136 5844 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
21:29:54.0136 5844 C:\Windows\System32\TSChannel.dll - ok
21:29:54.0152 5844 [ 6845A6D853862E27FB2F835325A73E30 ] C:\PROGRA~2\SOGOUI~1\SogouExe\SogouExe.exe
21:29:54.0152 5844 C:\PROGRA~2\SOGOUI~1\SogouExe\SogouExe.exe - ok
21:29:54.0152 5844 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
21:29:54.0152 5844 C:\Windows\SysWOW64\ntdll.dll - ok
21:29:54.0168 5844 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
21:29:54.0168 5844 C:\Windows\System32\wow64.dll - ok
21:29:54.0183 5844 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
21:29:54.0183 5844 C:\Windows\System32\wow64win.dll - ok
21:29:54.0199 5844 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
21:29:54.0199 5844 C:\Windows\System32\wow64cpu.dll - ok
21:29:54.0199 5844 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
21:29:54.0214 5844 C:\Windows\SysWOW64\kernel32.dll - ok
21:29:54.0214 5844 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
21:29:54.0214 5844 C:\Windows\SysWOW64\KernelBase.dll - ok
21:29:54.0230 5844 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
21:29:54.0230 5844 C:\Windows\SysWOW64\msvcrt.dll - ok
21:29:54.0246 5844 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
21:29:54.0246 5844 C:\Windows\SysWOW64\version.dll - ok
21:29:54.0261 5844 [ 42C671E0525618E23371D0E68282F37C ] C:\Windows\SysWOW64\wininet.dll
21:29:54.0261 5844 C:\Windows\SysWOW64\wininet.dll - ok
21:29:54.0261 5844 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
21:29:54.0261 5844 C:\Windows\SysWOW64\shlwapi.dll - ok
21:29:54.0277 5844 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
21:29:54.0277 5844 C:\Windows\SysWOW64\gdi32.dll - ok
21:29:54.0292 5844 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
21:29:54.0292 5844 C:\Windows\SysWOW64\user32.dll - ok
21:29:54.0308 5844 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
21:29:54.0308 5844 C:\Windows\SysWOW64\advapi32.dll - ok
21:29:54.0308 5844 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
21:29:54.0308 5844 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:29:54.0324 5844 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
21:29:54.0324 5844 C:\Windows\SysWOW64\sechost.dll - ok
21:29:54.0339 5844 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
21:29:54.0339 5844 C:\Windows\SysWOW64\cryptbase.dll - ok
21:29:54.0355 5844 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
21:29:54.0355 5844 C:\Windows\SysWOW64\lpk.dll - ok
21:29:54.0355 5844 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
21:29:54.0355 5844 C:\Windows\SysWOW64\sspicli.dll - ok
21:29:54.0386 5844 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
21:29:54.0386 5844 C:\Windows\SysWOW64\usp10.dll - ok
21:29:54.0386 5844 [ 557A086A4659799D63A9CE474ADFEBE8 ] C:\Windows\SysWOW64\urlmon.dll
21:29:54.0386 5844 C:\Windows\SysWOW64\urlmon.dll - ok
21:29:54.0402 5844 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
21:29:54.0402 5844 C:\Windows\SysWOW64\ole32.dll - ok
21:29:54.0417 5844 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
21:29:54.0417 5844 C:\Windows\SysWOW64\oleaut32.dll - ok
21:29:54.0417 5844 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
21:29:54.0417 5844 C:\Windows\SysWOW64\crypt32.dll - ok
21:29:54.0433 5844 [ C5D48985BADF6CFEDCBCCDD5D92F526D ] C:\Windows\SysWOW64\iertutil.dll
21:29:54.0433 5844 C:\Windows\SysWOW64\iertutil.dll - ok
21:29:54.0448 5844 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
21:29:54.0448 5844 C:\Windows\SysWOW64\msasn1.dll - ok
21:29:54.0464 5844 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
21:29:54.0464 5844 C:\Windows\System32\BFE.DLL - ok
21:29:54.0464 5844 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
21:29:54.0464 5844 C:\Windows\System32\drivers\srvnet.sys - ok
21:29:54.0480 5844 [ 453E3EB4AB6BEF87B3855EBF83EDBE51 ] C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosIndicator.exe
21:29:54.0480 5844 C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosIndicator.exe - ok
21:29:54.0495 5844 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
21:29:54.0495 5844 C:\Windows\System32\drivers\bowser.sys - ok
21:29:54.0511 5844 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
21:29:54.0511 5844 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:29:54.0526 5844 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
21:29:54.0526 5844 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:29:54.0542 5844 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
21:29:54.0542 5844 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:29:54.0558 5844 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
21:29:54.0558 5844 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:29:54.0558 5844 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
21:29:54.0558 5844 C:\Windows\SysWOW64\mscoree.dll - ok
21:29:54.0573 5844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
21:29:54.0573 5844 C:\Windows\System32\drivers\srv2.sys - ok
21:29:54.0589 5844 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
21:29:54.0589 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
21:29:54.0604 5844 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
21:29:54.0604 5844 C:\Windows\System32\imageres.dll - ok
21:29:54.0620 5844 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
21:29:54.0620 5844 C:\Windows\System32\wkssvc.dll - ok
21:29:54.0636 5844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
21:29:54.0636 5844 C:\Windows\System32\drivers\srv.sys - ok
21:29:54.0651 5844 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
21:29:54.0651 5844 C:\Windows\SysWOW64\imm32.dll - ok
21:29:54.0651 5844 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
21:29:54.0651 5844 C:\Windows\System32\srvsvc.dll - ok
21:29:54.0667 5844 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
21:29:54.0667 5844 C:\Windows\SysWOW64\msctf.dll - ok
21:29:54.0682 5844 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
21:29:54.0682 5844 C:\Windows\System32\browser.dll - ok
21:29:54.0682 5844 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
21:29:54.0682 5844 C:\Windows\System32\netmsg.dll - ok
21:29:54.0698 5844 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
21:29:54.0698 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
21:29:54.0714 5844 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
21:29:54.0714 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
21:29:54.0729 5844 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
21:29:54.0729 5844 C:\Windows\SysWOW64\shell32.dll - ok
21:29:54.0729 5844 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
21:29:54.0729 5844 C:\Windows\SysWOW64\profapi.dll - ok
21:29:54.0745 5844 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
21:29:54.0745 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
21:29:54.0760 5844 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:29:54.0760 5844 C:\Windows\SysWOW64\uxtheme.dll - ok
21:29:54.0776 5844 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
21:29:54.0776 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
21:29:54.0792 5844 [ FF6961EBECEB04E137AF26AAFFD58D0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\86fecd25d5bf1bc845afd8aa6d765f56\tosIndicator.ni.exe
21:29:54.0792 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\86fecd25d5bf1bc845afd8aa6d765f56\tosIndicator.ni.exe - ok
21:29:54.0807 5844 [ FBA4773ECFEFFC6566FB2AD13CEC4940 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
21:29:54.0807 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll - ok
21:29:54.0807 5844 [ 1E3CB1435EC745058628AE40FEA9F471 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
21:29:54.0807 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll - ok
21:29:54.0823 5844 [ EE74A0FF7C5752E49911986F22BBAEEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
21:29:54.0823 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll - ok
21:29:54.0838 5844 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
21:29:54.0838 5844 C:\Windows\System32\sscore.dll - ok
21:29:54.0854 5844 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
21:29:54.0854 5844 C:\Windows\System32\clusapi.dll - ok
21:29:54.0870 5844 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
21:29:54.0870 5844 C:\Windows\System32\resutils.dll - ok
21:29:54.0870 5844 [ B8590E612C0DC80DF2BBC543F744BA92 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
21:29:54.0870 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
21:29:54.0885 5844 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
21:29:54.0885 5844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
21:29:54.0901 5844 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:29:54.0901 5844 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:29:54.0916 5844 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
21:29:54.0916 5844 C:\Windows\System32\rasadhlp.dll - ok
21:29:54.0932 5844 [ 37D44BFEA9B50D75764660ADC35C83AC ] C:\Windows\System32\msvcp100.dll
21:29:54.0932 5844 C:\Windows\System32\msvcp100.dll - ok
21:29:54.0932 5844 [ 0F30820D2C84A695E511AEA844890307 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
21:29:54.0932 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
21:29:54.0948 5844 [ 5D306463535067E4E275C12B678311AF ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
21:29:54.0948 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
21:29:54.0963 5844 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:29:54.0963 5844 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
21:29:54.0963 5844 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
21:29:54.0963 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
21:29:54.0979 5844 [ 2C0A8B0B4CB11F3F61090B5CB3ADEAA8 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
21:29:54.0979 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
21:29:54.0994 5844 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
21:29:54.0994 5844 C:\Windows\SysWOW64\apphelp.dll - ok
21:29:55.0010 5844 [ D573F2420E029A5236DE0754AD7657CE ] C:\PROGRA~2\SOGOUI~1\620~1.827\SGTool.exe
21:29:55.0010 5844 C:\PROGRA~2\SOGOUI~1\620~1.827\SGTool.exe - ok
21:29:55.0026 5844 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
21:29:55.0026 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
21:29:55.0041 5844 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
21:29:55.0041 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
21:29:55.0041 5844 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
21:29:55.0041 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
21:29:55.0057 5844 [ CFFDEE337B36F82DFAF7265DEB552E0A ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
21:29:55.0057 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
21:29:55.0072 5844 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
21:29:55.0072 5844 C:\Windows\System32\wlanapi.dll - ok
21:29:55.0088 5844 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
21:29:55.0088 5844 C:\Windows\SysWOW64\ws2_32.dll - ok
21:29:55.0104 5844 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
21:29:55.0104 5844 C:\Windows\SysWOW64\nsi.dll - ok
21:29:55.0104 5844 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
21:29:55.0104 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
21:29:55.0119 5844 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
21:29:55.0119 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
21:29:55.0135 5844 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
21:29:55.0135 5844 C:\Windows\SysWOW64\wsock32.dll - ok
21:29:55.0150 5844 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
21:29:55.0150 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
21:29:55.0166 5844 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
21:29:55.0166 5844 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:29:55.0166 5844 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
21:29:55.0166 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
21:29:55.0182 5844 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
21:29:55.0182 5844 C:\Windows\SysWOW64\winmm.dll - ok
21:29:55.0197 5844 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
21:29:55.0197 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
21:29:55.0213 5844 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
21:29:55.0213 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
21:29:55.0213 5844 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
21:29:55.0213 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
21:29:55.0228 5844 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
21:29:55.0228 5844 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
21:29:55.0244 5844 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
21:29:55.0244 5844 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
21:29:55.0260 5844 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
21:29:55.0260 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
21:29:55.0275 5844 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:29:55.0275 5844 C:\Windows\SysWOW64\dwmapi.dll - ok
21:29:55.0275 5844 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
21:29:55.0275 5844 C:\Windows\SysWOW64\cryptsp.dll - ok
21:29:55.0291 5844 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
21:29:55.0291 5844 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
21:29:55.0306 5844 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
21:29:55.0306 5844 C:\Windows\SysWOW64\rsaenh.dll - ok
21:29:55.0322 5844 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
21:29:55.0322 5844 C:\Windows\SysWOW64\wlanapi.dll - ok
21:29:55.0338 5844 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
21:29:55.0338 5844 C:\Windows\SysWOW64\wlanutil.dll - ok
21:29:55.0338 5844 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
21:29:55.0338 5844 C:\Windows\SysWOW64\d3d9.dll - ok
21:29:55.0353 5844 [ 7F8BB5F228CF551C44A5C001712C1A39 ] C:\Windows\SysWOW64\aticfx32.dll
21:29:55.0353 5844 C:\Windows\SysWOW64\aticfx32.dll - ok
21:29:55.0369 5844 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
21:29:55.0369 5844 C:\Windows\SysWOW64\d3d8thk.dll - ok
21:29:55.0384 5844 [ 75A9BA2E84C0C9F661ACA17EA4E1F233 ] C:\Windows\SysWOW64\atiu9pag.dll
21:29:55.0384 5844 C:\Windows\SysWOW64\atiu9pag.dll - ok
21:29:55.0384 5844 [ 544CF876CF2327D21246BC1B66700F95 ] C:\Windows\SysWOW64\atiumdag.dll
21:29:55.0384 5844 C:\Windows\SysWOW64\atiumdag.dll - ok
21:29:55.0400 5844 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
21:29:55.0400 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
21:29:55.0416 5844 [ A1156481B844AAF74560D3FB970559D1 ] C:\Windows\SysWOW64\atiumdva.dll
21:29:55.0416 5844 C:\Windows\SysWOW64\atiumdva.dll - ok
21:29:55.0431 5844 [ BE39E22059A3082D5289739299C33C01 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
21:29:55.0431 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll - ok
21:29:55.0447 5844 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
21:29:55.0447 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
21:29:55.0462 5844 [ 31E7CF1736A3CB25098CEE6E07FE270C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
21:29:55.0462 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll - ok
21:29:55.0462 5844 [ 45FB05F743E626D9E239E52602CEA041 ] C:\Windows\SysWOW64\msctfui.dll
21:29:55.0462 5844 C:\Windows\SysWOW64\msctfui.dll - ok
21:29:55.0478 5844 [ F3B650D3566E96E765AEA2AB05D4830C ] C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosmui.dll
21:29:55.0478 5844 C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosmui.dll - ok
21:29:55.0494 5844 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
21:29:55.0494 5844 C:\Windows\SysWOW64\comdlg32.dll - ok
21:29:55.0494 5844 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
21:29:55.0494 5844 C:\Windows\SysWOW64\msimg32.dll - ok
21:29:55.0509 5844 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
21:29:55.0509 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
21:29:55.0525 5844 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
21:29:55.0525 5844 C:\Windows\SysWOW64\winspool.drv - ok
21:29:55.0540 5844 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
21:29:55.0540 5844 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
21:29:55.0556 5844 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
21:29:55.0556 5844 C:\Windows\SysWOW64\oleacc.dll - ok
21:29:55.0556 5844 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
21:29:55.0556 5844 C:\Windows\SysWOW64\netshell.dll - ok
21:29:55.0572 5844 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:29:55.0572 5844 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:29:55.0587 5844 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
21:29:55.0587 5844 C:\Windows\SysWOW64\winnsi.dll - ok
21:29:55.0603 5844 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
21:29:55.0603 5844 C:\Windows\SysWOW64\nlaapi.dll - ok
21:29:55.0603 5844 [ 370349F79315D4DB86CD992CACEFEE61 ] C:\Windows\SysWOW64\VAN.dll
21:29:55.0603 5844 C:\Windows\SysWOW64\VAN.dll - ok
21:29:55.0618 5844 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
21:29:55.0618 5844 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
21:29:55.0634 5844 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
21:29:55.0634 5844 C:\Windows\SysWOW64\setupapi.dll - ok
21:29:55.0650 5844 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:29:55.0650 5844 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:29:55.0650 5844 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
21:29:55.0650 5844 C:\Windows\SysWOW64\devobj.dll - ok
21:29:55.0665 5844 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
21:29:55.0665 5844 C:\Windows\SysWOW64\userenv.dll - ok
21:29:55.0681 5844 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
21:29:55.0681 5844 C:\Windows\SysWOW64\dnssd.dll - ok
21:29:55.0696 5844 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
21:29:55.0696 5844 C:\Windows\SysWOW64\ntmarta.dll - ok
21:29:55.0712 5844 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:29:55.0712 5844 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:29:55.0712 5844 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
21:29:55.0712 5844 C:\Windows\SysWOW64\Wldap32.dll - ok
21:29:55.0728 5844 [ 878F9B6DA85CB98FCBDF6ABD1730A32F ] C:\Windows\assembly\GAC_32\Desktop.ini
21:29:55.0728 5844 C:\Windows\assembly\GAC_32\Desktop.ini - ok
21:29:55.0743 5844 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
21:29:55.0743 5844 C:\Windows\SysWOW64\mswsock.dll - ok
21:29:55.0743 5844 [ DD49653BA3B4B30493E3FCC290A532E6 ] C:\Windows\assembly\temp\U\80000032.@
21:29:55.0743 5844 C:\Windows\assembly\temp\U\80000032.@ - ok
21:29:55.0759 5844 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
21:29:55.0759 5844 C:\Windows\SysWOW64\cabinet.dll - ok
21:29:55.0774 5844 [ 9E59F10C007D5C9462A96EA9DBA21233 ] C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
21:29:55.0774 5844 C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe - ok
21:29:55.0790 5844 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
21:29:55.0790 5844 C:\Windows\SysWOW64\secur32.dll - ok
21:29:55.0790 5844 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
21:29:55.0790 5844 C:\Windows\SysWOW64\wintrust.dll - ok
21:29:55.0806 5844 [ 126B75D50756FE204283D418AE1A66DF ] C:\Windows\SysWOW64\msvcirt.dll
21:29:55.0806 5844 C:\Windows\SysWOW64\msvcirt.dll - ok
21:29:55.0821 5844 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
21:29:55.0821 5844 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
21:29:55.0837 5844 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
21:29:55.0837 5844 C:\Windows\AppPatch\AcGenral.dll - ok
21:29:55.0852 5844 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:29:55.0852 5844 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:29:55.0852 5844 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
21:29:55.0852 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
21:29:55.0868 5844 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
21:29:55.0868 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
21:29:55.0884 5844 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
21:29:55.0884 5844 C:\Windows\SysWOW64\msacm32.dll - ok
21:29:55.0899 5844 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
21:29:55.0899 5844 C:\Windows\SysWOW64\samcli.dll - ok
21:29:55.0915 5844 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
21:29:55.0915 5844 C:\Windows\SysWOW64\sfc.dll - ok
21:29:55.0915 5844 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
21:29:55.0915 5844 C:\Windows\SysWOW64\sfc_os.dll - ok
21:29:55.0930 5844 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
21:29:55.0930 5844 C:\Windows\SysWOW64\mpr.dll - ok
21:29:55.0946 5844 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
21:29:55.0946 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
21:29:55.0962 5844 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
21:29:55.0962 5844 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:29:55.0977 5844 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
21:29:55.0977 5844 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
21:29:55.0977 5844 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
21:29:55.0977 5844 C:\Windows\System32\cryptsvc.dll - ok
21:29:55.0993 5844 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
21:29:55.0993 5844 C:\Windows\System32\dps.dll - ok
21:29:56.0008 5844 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
21:29:56.0008 5844 C:\Windows\System32\cryptnet.dll - ok
21:29:56.0008 5844 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
21:29:56.0008 5844 C:\Windows\System32\FDResPub.dll - ok
21:29:56.0024 5844 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
21:29:56.0024 5844 C:\Windows\System32\IKEEXT.DLL - ok
21:29:56.0040 5844 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
21:29:56.0040 5844 C:\Windows\System32\taskschd.dll - ok
21:29:56.0055 5844 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
21:29:56.0055 5844 C:\Windows\System32\WSDApi.dll - ok
21:29:56.0055 5844 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
21:29:56.0055 5844 C:\Windows\System32\vssapi.dll - ok
21:29:56.0071 5844 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:29:56.0071 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
21:29:56.0086 5844 [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
21:29:56.0086 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
21:29:56.0102 5844 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
21:29:56.0102 5844 C:\Windows\System32\vpnikeapi.dll - ok
21:29:56.0102 5844 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
21:29:56.0102 5844 C:\Windows\SysWOW64\psapi.dll - ok
21:29:56.0118 5844 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
21:29:56.0118 5844 C:\Windows\System32\webservices.dll - ok
21:29:56.0133 5844 [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
21:29:56.0133 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
21:29:56.0149 5844 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:29:56.0149 5844 C:\Windows\System32\vsstrace.dll - ok
21:29:56.0164 5844 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
21:29:56.0164 5844 C:\Windows\System32\fundisc.dll - ok
21:29:56.0164 5844 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:29:56.0164 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
21:29:56.0180 5844 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
21:29:56.0180 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
21:29:56.0196 5844 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
21:29:56.0196 5844 C:\Windows\System32\nlasvc.dll - ok
21:29:56.0211 5844 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:29:56.0211 5844 C:\Windows\System32\pcasvc.dll - ok
21:29:56.0211 5844 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
21:29:56.0211 5844 C:\Windows\System32\aepic.dll - ok
21:29:56.0227 5844 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
21:29:56.0227 5844 C:\Windows\System32\drivers\PEAuth.sys - ok
21:29:56.0242 5844 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
21:29:56.0242 5844 C:\Windows\System32\ncsi.dll - ok
21:29:56.0258 5844 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
21:29:56.0258 5844 C:\Windows\System32\winhttp.dll - ok
21:29:56.0258 5844 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
21:29:56.0258 5844 C:\Windows\System32\sfc.dll - ok
21:29:56.0274 5844 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
21:29:56.0274 5844 C:\Windows\System32\sfc_os.dll - ok
21:29:56.0289 5844 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
21:29:56.0289 5844 C:\Windows\System32\webio.dll - ok
21:29:56.0289 5844 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
21:29:56.0289 5844 C:\Windows\System32\drivers\secdrv.sys - ok
21:29:56.0305 5844 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
21:29:56.0305 5844 C:\Windows\System32\httpapi.dll - ok
21:29:56.0320 5844 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
21:29:56.0320 5844 C:\Windows\System32\ssdpapi.dll - ok
21:29:56.0336 5844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
21:29:56.0336 5844 C:\Windows\System32\IPSECSVC.DLL - ok
21:29:56.0352 5844 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
21:29:56.0352 5844 C:\Windows\System32\drivers\Sftfslh.sys - ok
21:29:56.0352 5844 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
21:29:56.0352 5844 C:\Windows\System32\FwRemoteSvr.dll - ok
21:29:56.0367 5844 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
21:29:56.0367 5844 C:\Windows\System32\drivers\Sftplaylh.sys - ok
21:29:56.0383 5844 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:29:56.0383 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
21:29:56.0398 5844 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
21:29:56.0398 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
21:29:56.0414 5844 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:29:56.0414 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:29:56.0430 5844 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
21:29:56.0430 5844 C:\Windows\SysWOW64\credssp.dll - ok
21:29:56.0430 5844 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
21:29:56.0430 5844 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
21:29:56.0445 5844 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
21:29:56.0445 5844 C:\Windows\SysWOW64\clbcatq.dll - ok
21:29:56.0461 5844 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
21:29:56.0461 5844 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:29:56.0476 5844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
21:29:56.0476 5844 C:\Windows\System32\sysmain.dll - ok
21:29:56.0476 5844 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] C:\Windows\System32\TODDSrv.exe
21:29:56.0476 5844 C:\Windows\System32\TODDSrv.exe - ok
21:29:56.0492 5844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
21:29:56.0492 5844 C:\Windows\System32\wiaservc.dll - ok
21:29:56.0508 5844 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
21:29:56.0508 5844 C:\Windows\System32\wiatrace.dll - ok
21:29:56.0523 5844 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
21:29:56.0523 5844 C:\Windows\System32\aeevts.dll - ok
21:29:56.0523 5844 [ CDC97FA5C42B07FB0D4600E17C32F582 ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
21:29:56.0523 5844 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
21:29:56.0539 5844 [ 20FC7C01204EC5AC975F5F793599A17D ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
21:29:56.0539 5844 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
21:29:56.0554 5844 [ 1E0892351AD2A85D3448978FFFD2CF25 ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
21:29:56.0554 5844 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
21:29:56.0570 5844 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
21:29:56.0570 5844 C:\Windows\System32\dllhost.exe - ok
21:29:56.0570 5844 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
21:29:56.0570 5844 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
21:29:56.0586 5844 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
21:29:56.0586 5844 C:\Windows\System32\IDStore.dll - ok
21:29:56.0601 5844 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
21:29:56.0601 5844 C:\Windows\SysWOW64\winsta.dll - ok
21:29:56.0617 5844 [ 0B767380AB5AC43745650CAF3B2DBB8F ] C:\Windows\System32\SogouPY.ime
21:29:56.0617 5844 C:\Windows\System32\SogouPY.ime - ok
21:29:56.0632 5844 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
21:29:56.0632 5844 C:\Windows\System32\taskhost.exe - ok
21:29:56.0632 5844 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
21:29:56.0632 5844 C:\Windows\System32\MsCtfMonitor.dll - ok
21:29:56.0648 5844 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
21:29:56.0648 5844 C:\Windows\System32\msutb.dll - ok
21:29:56.0664 5844 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
21:29:56.0664 5844 C:\Windows\System32\mscms.dll - ok
21:29:56.0679 5844 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:29:56.0679 5844 C:\Windows\System32\mpr.dll - ok
21:29:56.0679 5844 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
21:29:56.0679 5844 C:\Windows\System32\HotStartUserAgent.dll - ok
21:29:56.0695 5844 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
21:29:56.0695 5844 C:\Windows\System32\PlaySndSrv.dll - ok
21:29:56.0710 5844 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
21:29:56.0710 5844 C:\Windows\System32\userinit.exe - ok
21:29:56.0726 5844 [ B2742EA6ED844D747E2348A504E491CB ] C:\Windows\System32\dxva2.dll
21:29:56.0726 5844 C:\Windows\System32\dxva2.dll - ok
21:29:56.0726 5844 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
21:29:56.0726 5844 C:\Windows\explorer.exe - ok
21:29:56.0742 5844 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
21:29:56.0742 5844 C:\Windows\System32\ExplorerFrame.dll - ok
21:29:56.0757 5844 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:29:56.0757 5844 C:\Windows\System32\EhStorShell.dll - ok
21:29:56.0773 5844 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
21:29:56.0773 5844 C:\Windows\System32\ntshrui.dll - ok
21:29:56.0773 5844 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
21:29:56.0773 5844 C:\Windows\System32\cscapi.dll - ok
21:29:56.0788 5844 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:29:56.0788 5844 C:\Windows\System32\IconCodecService.dll - ok
21:29:56.0804 5844 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
21:29:56.0804 5844 C:\Windows\System32\runonce.exe - ok
21:29:56.0804 5844 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
21:29:56.0804 5844 C:\Windows\SysWOW64\runonce.exe - ok
21:29:56.0820 5844 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
21:29:56.0820 5844 C:\Windows\SysWOW64\propsys.dll - ok
21:29:56.0835 5844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:29:56.0835 5844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
21:29:56.0851 5844 [ 5F22132C9153639762708909F156B33D ] C:\Windows\System32\ftpqueue.dll
21:29:56.0851 5844 C:\Windows\System32\ftpqueue.dll - ok
21:29:56.0866 5844 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
21:29:56.0866 5844 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:29:56.0866 5844 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
21:29:56.0866 5844 C:\Windows\System32\wbemcomn.dll - ok
21:29:56.0882 5844 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
21:29:56.0882 5844 C:\Windows\System32\SensApi.dll - ok
21:29:56.0898 5844 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
21:29:56.0898 5844 C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:29:56.0913 5844 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:29:56.0913 5844 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:29:56.0913 5844 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
21:29:56.0913 5844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
21:29:56.0929 5844 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
21:29:56.0929 5844 C:\Windows\System32\wbem\fastprox.dll - ok
21:29:56.0944 5844 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
21:29:56.0944 5844 C:\Windows\System32\wer.dll - ok
21:29:56.0960 5844 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
21:29:56.0960 5844 C:\Windows\System32\ntdsapi.dll - ok
21:29:56.0976 5844 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
21:29:56.0976 5844 C:\Windows\System32\wbem\wbemprox.dll - ok
21:29:56.0976 5844 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:29:56.0976 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
21:29:56.0991 5844 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
21:29:56.0991 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
21:29:57.0007 5844 [ 08F0BE836428436724EE15964AE8A2E1 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
21:29:57.0007 5844 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
21:29:57.0022 5844 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
21:29:57.0022 5844 C:\Windows\System32\msxml3.dll - ok
21:29:57.0038 5844 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
21:29:57.0038 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
21:29:57.0054 5844 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
21:29:57.0054 5844 C:\Windows\System32\wbem\wbemcore.dll - ok
21:29:57.0054 5844 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
21:29:57.0054 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
21:29:57.0069 5844 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
21:29:57.0069 5844 C:\Windows\System32\wbem\esscli.dll - ok
21:29:57.0085 5844 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
21:29:57.0085 5844 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
21:29:57.0085 5844 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
21:29:57.0085 5844 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:29:57.0100 5844 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
21:29:57.0100 5844 C:\Windows\System32\wbem\wmiutils.dll - ok
21:29:57.0116 5844 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
21:29:57.0116 5844 C:\Windows\SysWOW64\netapi32.dll - ok
21:29:57.0132 5844 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
21:29:57.0132 5844 C:\Windows\SysWOW64\netutils.dll - ok
21:29:57.0132 5844 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
21:29:57.0132 5844 C:\Windows\SysWOW64\srvcli.dll - ok
21:29:57.0147 5844 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
21:29:57.0147 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
21:29:57.0163 5844 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
21:29:57.0163 5844 C:\Windows\SysWOW64\wkscli.dll - ok
21:29:57.0178 5844 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
21:29:57.0178 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
21:29:57.0194 5844 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
21:29:57.0194 5844 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:29:57.0194 5844 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
21:29:57.0194 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
21:29:57.0210 5844 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
21:29:57.0210 5844 C:\Windows\SysWOW64\SensApi.dll - ok
21:29:57.0225 5844 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
21:29:57.0225 5844 C:\Windows\SysWOW64\winhttp.dll - ok
21:29:57.0241 5844 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
21:29:57.0241 5844 C:\Windows\SysWOW64\webio.dll - ok
21:29:57.0256 5844 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
21:29:57.0256 5844 C:\Windows\SysWOW64\logoncli.dll - ok
21:29:57.0256 5844 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:29:57.0256 5844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:29:57.0272 5844 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
21:29:57.0272 5844 C:\Windows\System32\ncobjapi.dll - ok
21:29:57.0288 5844 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
21:29:57.0288 5844 C:\Windows\System32\wbem\wbemess.dll - ok
21:29:57.0303 5844 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
21:29:57.0303 5844 C:\Windows\SysWOW64\msi.dll - ok
21:29:57.0303 5844 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
21:29:57.0303 5844 C:\Windows\System32\dssenh.dll - ok
21:29:57.0319 5844 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
21:29:57.0319 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
21:29:57.0334 5844 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
21:29:57.0334 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
21:29:57.0350 5844 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
21:29:57.0350 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
21:29:57.0350 5844 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
21:29:57.0350 5844 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
21:29:57.0366 5844 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
21:29:57.0366 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
21:29:57.0381 5844 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
21:29:57.0381 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
21:29:57.0397 5844 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
21:29:57.0397 5844 C:\Windows\SysWOW64\msxml3.dll - ok
21:29:57.0412 5844 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
21:29:57.0412 5844 C:\Windows\SysWOW64\cmd.exe - ok
21:29:57.0412 5844 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
21:29:57.0412 5844 C:\Windows\System32\conhost.exe - ok
21:29:57.0428 5844 [ D33D5588576B04FC489DCCC66E98F546 ] C:\Program Files\Toshiba\TECO\TecoService.exe
21:29:57.0428 5844 C:\Program Files\Toshiba\TECO\TecoService.exe - ok
21:29:57.0444 5844 [ ACBA5BD315232E8547C7EB71674D641C ] C:\Program Files\Toshiba\TECO\TecoHci.dll
21:29:57.0444 5844 C:\Program Files\Toshiba\TECO\TecoHci.dll - ok
21:29:57.0444 5844 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
21:29:57.0444 5844 C:\Windows\SysWOW64\fltLib.dll - ok
21:29:57.0459 5844 [ 18EEA583C7799888EB3E75D8546CF546 ] C:\Program Files\Toshiba\TECO\TecoPower.dll
21:29:57.0459 5844 C:\Program Files\Toshiba\TECO\TecoPower.dll - ok
21:29:57.0475 5844 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
21:29:57.0475 5844 C:\Windows\System32\drivers\Sftredirlh.sys - ok
21:29:57.0490 5844 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
21:29:57.0490 5844 C:\Windows\SysWOW64\schannel.dll - ok
21:29:57.0506 5844 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:29:57.0506 5844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:29:57.0506 5844 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
21:29:57.0506 5844 C:\Windows\System32\wbem\wmiprov.dll - ok
21:29:57.0522 5844 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
21:29:57.0522 5844 C:\Windows\SysWOW64\msxml6.dll - ok
21:29:57.0537 5844 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
21:29:57.0537 5844 C:\Windows\SysWOW64\dnsapi.dll - ok
21:29:57.0553 5844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
21:29:57.0553 5844 C:\Windows\System32\trkwks.dll - ok
21:29:57.0553 5844 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
21:29:57.0553 5844 C:\Windows\System32\dwm.exe - ok
21:29:57.0568 5844 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
21:29:57.0568 5844 C:\Windows\System32\dwmredir.dll - ok
21:29:57.0584 5844 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
21:29:57.0584 5844 C:\Windows\System32\dwmcore.dll - ok
21:29:57.0600 5844 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:29:57.0600 5844 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
21:29:57.0600 5844 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
21:29:57.0600 5844 C:\Windows\System32\d3d10_1.dll - ok
21:29:57.0615 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
21:29:57.0615 5844 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
21:29:57.0631 5844 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
21:29:57.0631 5844 C:\Windows\System32\localspl.dll - ok
21:29:57.0646 5844 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
21:29:57.0646 5844 C:\Windows\System32\d3d10_1core.dll - ok
21:29:57.0646 5844 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
21:29:57.0646 5844 C:\Windows\System32\spoolss.dll - ok
21:29:57.0662 5844 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
21:29:57.0662 5844 C:\Windows\System32\dxgi.dll - ok
21:29:57.0678 5844 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
21:29:57.0678 5844 C:\Windows\System32\winspool.drv - ok
21:29:57.0693 5844 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
21:29:57.0693 5844 C:\Windows\System32\PrintIsolationProxy.dll - ok
21:29:57.0693 5844 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
21:29:57.0693 5844 C:\Windows\SysWOW64\imagehlp.dll - ok
21:29:57.0709 5844 [ DDCAC2477FF82BCDD8782C3982B5BA06 ] C:\Windows\System32\E_ILMFBA.DLL
21:29:57.0709 5844 C:\Windows\System32\E_ILMFBA.DLL - ok
21:29:57.0724 5844 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
21:29:57.0724 5844 C:\Windows\System32\FXSMON.dll - ok
21:29:57.0740 5844 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
21:29:57.0740 5844 C:\Windows\System32\tcpmon.dll - ok
21:29:57.0740 5844 [ 8696D6FA6F96F34EB9151704ABAF133A ] C:\Windows\System32\aticfx64.dll
21:29:57.0740 5844 C:\Windows\System32\aticfx64.dll - ok
21:29:57.0756 5844 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
21:29:57.0756 5844 C:\Windows\System32\snmpapi.dll - ok
21:29:57.0771 5844 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
21:29:57.0771 5844 C:\Windows\System32\wsnmp32.dll - ok
21:29:57.0787 5844 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
21:29:57.0787 5844 C:\Windows\SysWOW64\cscapi.dll - ok
21:29:57.0787 5844 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
21:29:57.0787 5844 C:\Windows\System32\usbmon.dll - ok
21:29:57.0802 5844 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
21:29:57.0802 5844 C:\Windows\System32\WSDMon.dll - ok
21:29:57.0818 5844 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
21:29:57.0818 5844 C:\Windows\SysWOW64\dbghelp.dll - ok
21:29:57.0834 5844 [ 297A16EB62460FF10506539AAC515527 ] C:\Windows\System32\atiuxp64.dll
21:29:57.0834 5844 C:\Windows\System32\atiuxp64.dll - ok
21:29:57.0849 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
21:29:57.0849 5844 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
21:29:57.0849 5844 [ 9FACF68EE6BDED00108002C61517D08A ] C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
21:29:57.0849 5844 C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe - ok
21:29:57.0865 5844 [ FA705724D337C7555FE22C0D4E93F790 ] C:\Windows\System32\atidxx64.dll
21:29:57.0865 5844 C:\Windows\System32\atidxx64.dll - ok
21:29:57.0880 5844 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
21:29:57.0880 5844 C:\Windows\SysWOW64\mstask.dll - ok
21:29:57.0880 5844 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
21:29:57.0880 5844 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
21:29:57.0896 5844 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
21:29:57.0896 5844 C:\Windows\System32\fdPnp.dll - ok
21:29:57.0912 5844 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:29:57.0912 5844 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:29:57.0927 5844 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
21:29:57.0927 5844 C:\Windows\System32\win32spl.dll - ok
21:29:57.0943 5844 [ D41A8A1751E52CCFCB209E09478A13DB ] C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
21:29:57.0943 5844 C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe - ok
21:29:57.0943 5844 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
21:29:57.0943 5844 C:\Windows\System32\dbghelp.dll - ok
21:29:57.0958 5844 [ DD82EB68D97944B192C7803EB585B03C ] C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl
21:29:57.0958 5844 C:\Program Files (x86)\IObit\Game Booster 3\rtl120.bpl - ok
21:29:57.0974 5844 [ 773EBD87010A6F644869A59D98792C9C ] C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl
21:29:57.0974 5844 C:\Program Files (x86)\IObit\Game Booster 3\vcl120.bpl - ok
21:29:57.0990 5844 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
21:29:57.0990 5844 C:\Windows\SysWOW64\oledlg.dll - ok
21:29:57.0990 5844 [ 07DE550E2C672BCA2B2FA3D082094CB7 ] C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll
21:29:58.0005 5844 C:\Program Files (x86)\IObit\Game Booster 3\PowerConfig.dll - ok
21:29:58.0005 5844 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
21:29:58.0005 5844 C:\Windows\SysWOW64\powrprof.dll - ok
21:29:58.0021 5844 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
21:29:58.0021 5844 C:\Windows\System32\inetpp.dll - ok
21:29:58.0036 5844 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:29:58.0036 5844 C:\Windows\SysWOW64\winbrand.dll - ok
21:29:58.0052 5844 [ 37F358CBD2A1D82C56A542325DA6D368 ] C:\Windows\SysWOW64\ieframe.dll
21:29:58.0052 5844 C:\Windows\SysWOW64\ieframe.dll - ok
21:29:58.0052 5844 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:29:58.0052 5844 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:29:58.0068 5844 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
21:29:58.0068 5844 C:\Windows\SysWOW64\shdocvw.dll - ok
21:29:58.0083 5844 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Administrator.Toshiba\AppData\Local\Temp\21B63858-DEBE-4B19-BB09-E9FEEF81E782.exe
21:29:58.0083 5844 C:\Users\Administrator.Toshiba\AppData\Local\Temp\21B63858-DEBE-4B19-BB09-E9FEEF81E782.exe - ok
21:29:58.0099 5844 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
21:29:58.0099 5844 C:\Windows\SysWOW64\devrtl.dll - ok
21:29:58.0099 5844 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
21:29:58.0099 5844 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
21:29:58.0114 5844 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
21:29:58.0114 5844 C:\Windows\SysWOW64\wship6.dll - ok
21:29:58.0130 5844 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
21:29:58.0130 5844 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
21:29:58.0130 5844 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
21:29:58.0146 5844 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:29:58.0146 5844 [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
21:29:58.0146 5844 C:\Windows\System32\iedkcs32.dll - ok
21:29:58.0161 5844 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\48326660.sys
21:29:58.0161 5844 C:\Windows\System32\drivers\48326660.sys - ok
21:29:58.0177 5844 [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
21:29:58.0177 5844 C:\Windows\System32\ie4uinit.exe - ok
21:29:58.0192 5844 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
21:29:58.0192 5844 C:\Windows\System32\timedate.cpl - ok
21:29:58.0192 5844 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
21:29:58.0192 5844 C:\Windows\System32\actxprxy.dll - ok
21:29:58.0208 5844 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
21:29:58.0208 5844 C:\Windows\SysWOW64\riched20.dll - ok
21:29:58.0224 5844 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:29:58.0224 5844 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:29:58.0239 5844 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
21:29:58.0239 5844 C:\Windows\System32\shdocvw.dll - ok
21:29:58.0239 5844 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
21:29:58.0239 5844 C:\Windows\System32\linkinfo.dll - ok
21:29:58.0255 5844 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
21:29:58.0255 5844 C:\Windows\SysWOW64\duser.dll - ok
21:29:58.0270 5844 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
21:29:58.0270 5844 C:\Windows\SysWOW64\dui70.dll - ok
21:29:58.0286 5844 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
21:29:58.0286 5844 C:\Windows\System32\gameux.dll - ok
21:29:58.0286 5844 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
21:29:58.0302 5844 C:\Windows\System32\msftedit.dll - ok
21:29:58.0302 5844 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
21:29:58.0302 5844 C:\Windows\System32\msi.dll - ok
21:29:58.0317 5844 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
21:29:58.0317 5844 C:\Windows\System32\msiltcfg.dll - ok
21:29:58.0333 5844 [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll
21:29:58.0333 5844 C:\Windows\System32\msls31.dll - ok
21:29:58.0348 5844 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
21:29:58.0348 5844 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
21:29:58.0348 5844 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
21:29:58.0348 5844 C:\Windows\System32\DeviceCenter.dll - ok
21:29:58.0364 5844 [ 3A25973E0B5C1C6ED5A64EF0F85386B2 ] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
21:29:58.0364 5844 C:\Program Files\Toshiba\Power Saver\TPwrMain.exe - ok
21:29:58.0380 5844 [ 084A1FF737383AAC721204861A5A9011 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
21:29:58.0380 5844 C:\Program Files\Toshiba\FlashCards\TCrdMain.exe - ok
21:29:58.0395 5844 [ A61BA3762126CC714E78207847F36BF2 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
21:29:58.0426 5844 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
21:29:58.0442 5844 [ 4F12EAD0B4C8BDAED5A11CC11F394B0A ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
21:29:58.0442 5844 C:\Program Files\CONEXANT\SAII\SAIICpl.exe - ok
21:29:58.0442 5844 [ DFD8F75F0E27D522AB8424AD71719C8B ] C:\Program Files\Toshiba\TBS\HSON.exe
21:29:58.0442 5844 C:\Program Files\Toshiba\TBS\HSON.exe - ok
21:29:58.0458 5844 [ CE6DE8C9015B37FDD120BE583197F440 ] C:\Program Files\Toshiba\TECO\Teco.exe
21:29:58.0458 5844 C:\Program Files\Toshiba\TECO\Teco.exe - ok
21:29:58.0473 5844 [ 578AD386192D03662C38D5E155144C59 ] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
21:29:58.0473 5844 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
21:29:58.0489 5844 [ F82483A80D49ACCA81193A294FB233CD ] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
21:29:58.0489 5844 C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe - ok
21:29:58.0504 5844 [ 0E7DF65078420B6E69A06A7B329EBEFE ] C:\Program Files\Toshiba\Power Saver\TtosFunc.dll
21:29:58.0504 5844 C:\Program Files\Toshiba\Power Saver\TtosFunc.dll - ok
21:29:58.0504 5844 [ B1D779583629876C0C64DECC51F205A8 ] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe
21:29:58.0504 5844 C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe - ok
21:29:58.0520 5844 [ ECDFE872F158AE111D9692A1CEBEF960 ] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
21:29:58.0520 5844 C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe - ok
21:29:58.0536 5844 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
21:29:58.0536 5844 C:\Windows\System32\rundll32.exe - ok
21:29:58.0551 5844 [ D70D6B42933C1174FE961F0BCA3573A3 ] C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll
21:29:58.0551 5844 C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll - ok
21:29:58.0567 5844 [ 76849AB697E63D85CC35DD2F8AEA1C6B ] C:\Program Files\Toshiba\FlashCards\TCrdMain.dll
21:29:58.0567 5844 C:\Program Files\Toshiba\FlashCards\TCrdMain.dll - ok
21:29:58.0582 5844 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
21:29:58.0582 5844 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
21:29:58.0582 5844 [ 10A01C0BCF66F91820B7CF8309D7C051 ] C:\Program Files\Toshiba\Power Saver\TCooling.dll
21:29:58.0582 5844 C:\Program Files\Toshiba\Power Saver\TCooling.dll - ok
21:29:58.0598 5844 [ 0F042176F243D71C552E9D07D2FCB141 ] C:\Program Files\Toshiba\FlashCards\BlackPng.dll
21:29:58.0598 5844 C:\Program Files\Toshiba\FlashCards\BlackPng.dll - ok
21:29:58.0614 5844 [ CD2B5743E36067630B547DF6C34BD9B1 ] C:\Program Files\Toshiba\Power Saver\TOddPwr.dll
21:29:58.0614 5844 C:\Program Files\Toshiba\Power Saver\TOddPwr.dll - ok
21:29:58.0629 5844 [ 4A3C0984E5B2584EDFA82CF9591FB50A ] C:\Program Files\Common Files\Microsoft Shared\IME12\IMESC\IMSCMIG.EXE
21:29:58.0629 5844 C:\Program Files\Common Files\Microsoft Shared\IME12\IMESC\IMSCMIG.EXE - ok
21:29:58.0645 5844 [ F023A14FE899F5401935CAC119A723CE ] C:\Users\Administrator.Toshiba\AppData\Local\Akamai\netsession_win.exe
21:29:58.0645 5844 C:\Users\Administrator.Toshiba\AppData\Local\Akamai\netsession_win.exe - ok
21:29:58.0645 5844 [ C78679298F9BC17A4E5B54F7E2060491 ] C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll
21:29:58.0645 5844 C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll - ok
21:29:58.0660 5844 [ 46E7056A91A5C9AF2F66DBF5828E6289 ] C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll
21:29:58.0660 5844 C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll - ok
21:29:58.0676 5844 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
21:29:58.0676 5844 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
21:29:58.0676 5844 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
21:29:58.0676 5844 C:\Windows\System32\l3codeca.acm - ok
21:29:58.0692 5844 [ B531C33C3D7454EA50BA043AAAEED7E0 ] C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll
21:29:58.0692 5844 C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll - ok
21:29:58.0707 5844 [ 099B3847531EAF7BA63B5BB504CE8461 ] C:\Program Files\Toshiba\TECO\MUIHelp.dll
21:29:58.0707 5844 C:\Program Files\Toshiba\TECO\MUIHelp.dll - ok
21:29:58.0723 5844 [ 097A078A4E772AB4D0359E5572905DF1 ] C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe
21:29:58.0723 5844 C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe - ok
21:29:58.0738 5844 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
21:29:58.0738 5844 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
21:29:58.0738 5844 [ 4458989C34FA84B5A75DD3ABCFBE786A ] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
21:29:58.0738 5844 C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe - ok
21:29:58.0770 5844 [ 4DB8BE65B7567A28833D2F10BC7FD667 ] C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll
21:29:58.0770 5844 C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll - ok
21:29:58.0770 5844 [ 91E9762DE0BFF5F38466A1B23D2A69D3 ] C:\Windows\System32\SynCOM.dll
21:29:58.0770 5844 C:\Windows\System32\SynCOM.dll - ok
21:29:58.0785 5844 [ 891C25B7BE7DF5394207BE2DB07EE208 ] C:\Program Files\Toshiba\Power Saver\TSDPwr.dll
21:29:58.0785 5844 C:\Program Files\Toshiba\Power Saver\TSDPwr.dll - ok
21:29:58.0801 5844 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
21:29:58.0801 5844 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
21:29:58.0801 5844 [ C5F58174DE74878197722B5A8AA8B45B ] C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll
21:29:58.0801 5844 C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll - ok
21:29:58.0816 5844 [ BB752714D14CB1F13969D721F1A3A60F ] C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe
21:29:58.0816 5844 C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe - ok
21:29:58.0832 5844 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
21:29:58.0832 5844 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
21:29:58.0848 5844 [ E66532FD491AD5604C36916715FBA092 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
21:29:58.0848 5844 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
21:29:58.0863 5844 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:29:58.0863 5844 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
21:29:58.0863 5844 [ E2B41D6676B915FBC39517BD3C969CB9 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
21:29:58.0863 5844 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
21:29:58.0879 5844 [ 7E88404F838D7E99727C2741D3990A46 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:29:58.0879 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
21:29:58.0894 5844 [ E9041DF716F40D9D3FF5D7C3D3967D11 ] C:\Windows\System32\SynTPAPI.dll
21:29:58.0894 5844 C:\Windows\System32\SynTPAPI.dll - ok
21:29:58.0910 5844 [ 90A3525C7399B7784D28F99EA1A51C4C ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:29:58.0910 5844 C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe - ok
21:29:58.0926 5844 [ 327477FD1853EDD05E8A02E1960092BD ] C:\Program Files (x86)\Pando Networks\Media Booster\nspr4.dll
21:29:58.0926 5844 C:\Program Files (x86)\Pando Networks\Media Booster\nspr4.dll - ok
21:29:58.0926 5844 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
21:29:58.0926 5844 C:\Windows\System32\UIAnimation.dll - ok
21:29:58.0941 5844 [ 12A7F64643F1768EFC9B099B248EE3EC ] C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE
21:29:58.0941 5844 C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE - ok
21:29:58.0957 5844 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
21:29:58.0957 5844 C:\Windows\SysWOW64\mfc42.dll - ok
21:29:58.0957 5844 [ F7F2F299DD5019C67D9FDDB18E5D3916 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
21:29:58.0957 5844 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
21:29:58.0972 5844 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
21:29:58.0972 5844 C:\Windows\SysWOW64\pdh.dll - ok
21:29:58.0988 5844 [ 904991696B997C540EFF553B5E775809 ] C:\Program Files (x86)\Pando Networks\Media Booster\plc4.dll
21:29:58.0988 5844 C:\Program Files (x86)\Pando Networks\Media Booster\plc4.dll - ok
21:29:59.0004 5844 [ E67D2876E0892FFF0CF3B4B4630C8E4C ] C:\Program Files (x86)\Pando Networks\Media Booster\BugSplat.dll
21:29:59.0004 5844 C:\Program Files (x86)\Pando Networks\Media Booster\BugSplat.dll - ok
21:29:59.0019 5844 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
21:29:59.0019 5844 C:\Windows\System32\thumbcache.dll - ok
21:29:59.0019 5844 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
21:29:59.0019 5844 C:\Windows\System32\networkexplorer.dll - ok
21:29:59.0035 5844 [ C0FD64EB5824071B6B5683AAFDB2C60C ] C:\Program Files (x86)\Pando Networks\Media Booster\nss3.dll
21:29:59.0035 5844 C:\Program Files (x86)\Pando Networks\Media Booster\nss3.dll - ok
21:29:59.0050 5844 [ D1AE6648BB68F9275652E8EDBC32B914 ] C:\Program Files (x86)\Pando Networks\Media Booster\softokn3.dll
21:29:59.0050 5844 C:\Program Files (x86)\Pando Networks\Media Booster\softokn3.dll - ok
21:29:59.0066 5844 [ E5CC42D5D8AB979BEFE132A9741E8F59 ] C:\Windows\SysWOW64\atiadlxy.dll
21:29:59.0066 5844 C:\Windows\SysWOW64\atiadlxy.dll - ok
21:29:59.0082 5844 [ 82C2CEA9AFA85E483481374621DAE39E ] C:\Program Files (x86)\Pando Networks\Media Booster\plds4.dll
21:29:59.0082 5844 C:\Program Files (x86)\Pando Networks\Media Booster\plds4.dll - ok
21:29:59.0082 5844 [ E37857FF2E9B95D1C70DF2F68DBBBD2F ] C:\Program Files (x86)\Pando Networks\Media Booster\ssl3.dll
21:29:59.0082 5844 C:\Program Files (x86)\Pando Networks\Media Booster\ssl3.dll - ok
21:29:59.0097 5844 [ 5D7542A68AA96C3B69AF1086318AAC54 ] C:\Program Files (x86)\Pando Networks\Media Booster\smime3.dll
21:29:59.0097 5844 C:\Program Files (x86)\Pando Networks\Media Booster\smime3.dll - ok
21:29:59.0113 5844 [ 1E09DFA4048196C9D3CC40C485A39422 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
21:29:59.0113 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
21:29:59.0128 5844 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
21:29:59.0128 5844 C:\Windows\System32\mscoree.dll - ok
21:29:59.0144 5844 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:29:59.0144 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:29:59.0144 5844 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
21:29:59.0144 5844 C:\Windows\SysWOW64\odbc32.dll - ok
21:29:59.0160 5844 [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
21:29:59.0160 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
21:29:59.0175 5844 [ EE3920731FDEAA8CD2D4B218B03B23D0 ] C:\Program Files (x86)\Pando Networks\Media Booster\freebl3.dll
21:29:59.0175 5844 C:\Program Files (x86)\Pando Networks\Media Booster\freebl3.dll - ok
21:29:59.0191 5844 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
21:29:59.0191 5844 C:\Windows\SysWOW64\credui.dll - ok
21:29:59.0191 5844 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
21:29:59.0191 5844 C:\Windows\SysWOW64\hlink.dll - ok
21:29:59.0206 5844 [ 9C96B167C21F6DCCF68E96853B0A8F93 ] C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll
21:29:59.0206 5844 C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll - ok
21:29:59.0222 5844 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
21:29:59.0222 5844 C:\Windows\SysWOW64\odbcint.dll - ok
21:29:59.0222 5844 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
21:29:59.0238 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
21:29:59.0238 5844 [ 4AEC7C26C39681196E3B28C4B9E798FE ] C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosKillIndicator.exe
21:29:59.0238 5844 C:\Program Files (x86)\Toshiba\Wireless LAN Indicator\tosKillIndicator.exe - ok
21:29:59.0253 5844 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
21:29:59.0253 5844 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
21:29:59.0269 5844 [ BBD528E137DEF442AED3017606466EDE ] C:\Program Files\Toshiba\Power Saver\TFunctab.dll
21:29:59.0269 5844 C:\Program Files\Toshiba\Power Saver\TFunctab.dll - ok
21:29:59.0284 5844 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
21:29:59.0284 5844 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
21:29:59.0300 5844 [ 3F84D23C338592CE690E5B186A6BC2C9 ] C:\Program Files\Toshiba\FlashCards\FnSticky.dll
21:29:59.0300 5844 C:\Program Files\Toshiba\FlashCards\FnSticky.dll - ok
21:29:59.0300 5844 [ 1C937AA6A3E2E5F5F650686437AE2854 ] C:\Program Files\Toshiba\FlashCards\SmoothView.dll
21:29:59.0300 5844 C:\Program Files\Toshiba\FlashCards\SmoothView.dll - ok
21:29:59.0316 5844 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
21:29:59.0316 5844 C:\Windows\System32\stobject.dll - ok
21:29:59.0331 5844 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
21:29:59.0331 5844 C:\Windows\SysWOW64\sti.dll - ok
21:29:59.0347 5844 [ 11615D80DC10ABB83D2A9002B70A4E36 ] C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
21:29:59.0347 5844 C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll - ok
21:29:59.0347 5844 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
21:29:59.0347 5844 C:\Windows\System32\batmeter.dll - ok
21:29:59.0362 5844 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
21:29:59.0362 5844 C:\Windows\SysWOW64\msv1_0.dll - ok
21:29:59.0378 5844 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
21:29:59.0378 5844 C:\Windows\System32\msvcr100_clr0400.dll - ok
21:29:59.0394 5844 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
21:29:59.0394 5844 C:\Windows\SysWOW64\cryptdll.dll - ok
21:29:59.0409 5844 [ 1AC9B56AC7E043AC2874D61CBCED5F49 ] C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll
21:29:59.0409 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll - ok
21:29:59.0425 5844 [ 1DCD0B1345720349220CE79316A56751 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
21:29:59.0425 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll - ok
21:29:59.0425 5844 [ 4F4E73046DF0DB404C27B82C2147419A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tosKillIndicator\a7219e7f8558b126b0c859a5ed8a8e1d\tosKillIndicator.ni.exe
21:29:59.0425 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\tosKillIndicator\a7219e7f8558b126b0c859a5ed8a8e1d\tosKillIndicator.ni.exe - ok
21:29:59.0440 5844 [ 06DEF9378C701E638B707B33B1E8151C ] C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe
21:29:59.0440 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe - ok
21:29:59.0456 5844 [ 80117DBE266DE563C7C661562530B556 ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SCANEN~1.DLL
21:29:59.0456 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SCANEN~1.DLL - ok
21:29:59.0456 5844 [ 85D5125275E44CA04D5514947A9FF874 ] C:\Program Files\Toshiba\TBS\TBSMain.dll
21:29:59.0456 5844 C:\Program Files\Toshiba\TBS\TBSMain.dll - ok
21:29:59.0472 5844 [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\SysWOW64\icmp.dll
21:29:59.0472 5844 C:\Windows\SysWOW64\icmp.dll - ok
21:29:59.0487 5844 [ 0BF1785D199B5DA3CB6C61D7AEECE654 ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Ism.dll
21:29:59.0487 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Ism.dll - ok
21:29:59.0503 5844 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
21:29:59.0503 5844 C:\Windows\SysWOW64\shfolder.dll - ok
21:29:59.0518 5844 [ 7741F775060E84319198A7A67F1FE664 ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Tcm.dll
21:29:59.0518 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Tcm.dll - ok
21:29:59.0518 5844 [ D3F8A00D598090BFB18E70E02C12E38E ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Satwain.dll
21:29:59.0518 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\Satwain.dll - ok
21:29:59.0534 5844 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
21:29:59.0534 5844 C:\Windows\System32\SearchIndexer.exe - ok
21:29:59.0550 5844 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
21:29:59.0550 5844 C:\Windows\SysWOW64\netprofm.dll - ok
21:29:59.0565 5844 [ DFD0D26D2056F1D01ADCDBB1E851119F ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\fioall32.dll
21:29:59.0565 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\fioall32.dll - ok
21:29:59.0581 5844 [ FE4D9C36122778C9C2A84ACA08D54321 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll
21:29:59.0581 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll - ok
21:29:59.0581 5844 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
21:29:59.0581 5844 C:\Windows\SysWOW64\security.dll - ok
21:29:59.0596 5844 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
21:29:59.0596 5844 C:\Windows\System32\prnfldr.dll - ok
21:29:59.0612 5844 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
21:29:59.0612 5844 C:\Windows\SysWOW64\mscms.dll - ok
21:29:59.0628 5844 [ 5F725D2B7428BA815126F9EFA21A1DB9 ] C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SASM.dll
21:29:59.0628 5844 C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SASM.dll - ok
21:29:59.0628 5844 [ 163A95975E1D8819E653AA3E961371CA ] C:\Windows\twain_32.dll
21:29:59.0628 5844 C:\Windows\twain_32.dll - ok
21:29:59.0643 5844 [ 609C3367541635188EDC9AFB99BAE631 ] C:\Windows\twain_32\escndv\nx110.ds
21:29:59.0643 5844 C:\Windows\twain_32\escndv\nx110.ds - ok
21:29:59.0659 5844 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
21:29:59.0659 5844 C:\Windows\System32\DXP.dll - ok
21:29:59.0674 5844 [ 80279007CAB3549A5999348BD0C23732 ] C:\Windows\SysWOW64\wiadss.dll
21:29:59.0674 5844 C:\Windows\SysWOW64\wiadss.dll - ok
21:29:59.0690 5844 [ 0503D60AFCED7CB601C7CA70C08E8CAC ] C:\Windows\twain_32\wiatwain.ds
21:29:59.0690 5844 C:\Windows\twain_32\wiatwain.ds - ok
21:29:59.0690 5844 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
21:29:59.0690 5844 C:\Windows\System32\sti.dll - ok
21:29:59.0706 5844 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
21:29:59.0706 5844 C:\Windows\System32\Syncreg.dll - ok
21:29:59.0737 5844 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
21:29:59.0737 5844 C:\Windows\SysWOW64\wiatrace.dll - ok
21:29:59.0752 5844 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
21:29:59.0752 5844 C:\Windows\ehome\ehSSO.dll - ok
21:29:59.0768 5844 [ BAF7BDD5A1EB63ACD6EEA20D4F731CB0 ] C:\Program Files (x86)\Epson Software\Event Manager\EPNSM.dll
21:29:59.0768 5844 C:\Program Files (x86)\Epson Software\Event Manager\EPNSM.dll - ok
21:29:59.0784 5844 [ 637124CDBFF5819CB8A8478838A33048 ] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
21:29:59.0784 5844 C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll - ok
21:29:59.0784 5844 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
21:29:59.0784 5844 C:\Windows\System32\netshell.dll - ok
21:29:59.0799 5844 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:29:59.0799 5844 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:29:59.0815 5844 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:29:59.0815 5844 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:29:59.0830 5844 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:29:59.0830 5844 C:\Windows\SysWOW64\winrnr.dll - ok
21:29:59.0830 5844 [ 88B0BCC23660D466879099F26CCB8CA5 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll
21:29:59.0830 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll - ok
21:29:59.0846 5844 [ 3E155B3194E74F93485E65CCE740AE5E ] C:\Program Files\Toshiba\Power Saver\TFunc2.dll
21:29:59.0846 5844 C:\Program Files\Toshiba\Power Saver\TFunc2.dll - ok
21:29:59.0862 5844 [ E6BC081DDE7391AD0A044C0796A86D08 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll
21:29:59.0862 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll - ok
21:29:59.0877 5844 [ EDE3D67AE2951D330AA6A4EB7FEF7739 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll
21:29:59.0877 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll - ok
21:29:59.0877 5844 [ 6692D5BCC14A6FA25C6F4FABFEB9DCAB ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll
21:29:59.0893 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll - ok
21:29:59.0893 5844 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
21:29:59.0893 5844 C:\Windows\System32\AltTab.dll - ok
21:29:59.0908 5844 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
21:29:59.0908 5844 C:\Windows\System32\pnidui.dll - ok
21:29:59.0924 5844 [ 5CD93C2AAB7204D3D3CD9E9CC581C3C1 ] C:\Windows\System32\atipdl64.dll
21:29:59.0924 5844 C:\Windows\System32\atipdl64.dll - ok
21:29:59.0940 5844 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
21:29:59.0940 5844 C:\Windows\System32\QUTIL.DLL - ok
21:29:59.0940 5844 [ CACB1FB9B211A8BEF470A78FC573AEBA ] C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll
21:29:59.0940 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll - ok
21:29:59.0955 5844 [ BD83E040B391C81CA88A7A36CDEC257E ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll
21:29:59.0955 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll - ok
21:29:59.0979 5844 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
21:29:59.0979 5844 C:\Windows\System32\WPDShServiceObj.dll - ok
21:29:59.0980 5844 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
21:29:59.0980 5844 C:\Windows\System32\PortableDeviceTypes.dll - ok
21:29:59.0995 5844 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
21:29:59.0995 5844 C:\Windows\System32\PortableDeviceApi.dll - ok
21:30:00.0011 5844 [ E625ABBE3ED37D3160151DFD33AE6B91 ] C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll
21:30:00.0011 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll - ok
21:30:00.0027 5844 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
21:30:00.0027 5844 C:\Windows\System32\bthprops.cpl - ok
21:30:00.0042 5844 [ 66935625C1758EFEFFAF8CF0E020A6F9 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll
21:30:00.0042 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll - ok
21:30:00.0058 5844 [ 4C671C688884F18152441DC16AA629F6 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll
21:30:00.0058 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll - ok
21:30:00.0058 5844 [ 13BC9BF69A7A03ED92BFDF36E9B4C508 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll
21:30:00.0058 5844 C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll - ok
21:30:00.0073 5844 [ 55E3C4F4D953D8518EBDC5EA9AD786CE ] C:\Windows\System32\ieframe.dll
21:30:00.0073 5844 C:\Windows\System32\ieframe.dll - ok
21:30:00.0089 5844 [ 4374B2528BCBB8F95FB12CC6C8FF0773 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
21:30:00.0089 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
21:30:00.0105 5844 [ 51621E4B29575A8CF429E6F6DA58A577 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
21:30:00.0105 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
21:30:00.0120 5844 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
21:30:00.0120 5844 C:\Windows\System32\srchadmin.dll - ok
21:30:00.0136 5844 [ 3E9FC80F084589CDA4AE3322EEECFFC0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll
21:30:00.0136 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll - ok
21:30:00.0151 5844 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:30:00.0151 5844 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:30:00.0167 5844 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:30:00.0167 5844 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:30:00.0167 5844 [ 1C326927D68D0922179EBC71D609E617 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll
21:30:00.0167 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll - ok
21:30:00.0183 5844 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
21:30:00.0183 5844 C:\Windows\System32\FXSST.dll - ok
21:30:00.0198 5844 [ 6278AD5B8C56F6795076444DF086765A ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
21:30:00.0198 5844 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
21:30:00.0214 5844 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
21:30:00.0214 5844 C:\Windows\System32\FXSAPI.dll - ok
21:30:00.0214 5844 [ 6CF9482AC37D6D1C6D16DCDFCFC362FE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\ca012278cb2f5e6cb3905ccce83c1376\System.Windows.Forms.ni.dll
21:30:00.0229 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\ca012278cb2f5e6cb3905ccce83c1376\System.Windows.Forms.ni.dll - ok
21:30:00.0229 5844 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
21:30:00.0229 5844 C:\Windows\System32\FXSRESM.dll - ok
21:30:00.0245 5844 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
21:30:00.0245 5844 C:\Windows\System32\tquery.dll - ok
21:30:00.0261 5844 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
21:30:00.0261 5844 C:\Windows\System32\FXSSVC.exe - ok
21:30:00.0276 5844 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
21:30:00.0276 5844 C:\Windows\System32\mssrch.dll - ok
21:30:00.0276 5844 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
21:30:00.0276 5844 C:\Windows\SysWOW64\perfos.dll - ok
21:30:00.0292 5844 [ E49D261B496212CEC55AF2243F8700FA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\3d2dee5ad894eb08eee6932307f87cf1\System.Runtime.Remoting.ni.dll
21:30:00.0292 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\3d2dee5ad894eb08eee6932307f87cf1\System.Runtime.Remoting.ni.dll - ok
21:30:00.0307 5844 [ 51D2F66C0C55419CA4A797C8D1B0AD8D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
21:30:00.0307 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll - ok
21:30:00.0323 5844 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
21:30:00.0323 5844 C:\Windows\System32\shfolder.dll - ok
21:30:00.0339 5844 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
21:30:00.0339 5844 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
21:30:00.0339 5844 [ 74CDE657245C114B98816E89B8D4CCD1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
21:30:00.0339 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
21:30:00.0354 5844 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
21:30:00.0354 5844 C:\Windows\System32\esent.dll - ok
21:30:00.0370 5844 [ D85E50C36D2AF4B9F69873E4A31FB1F8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll
21:30:00.0370 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll - ok
21:30:00.0385 5844 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
21:30:00.0385 5844 C:\Windows\System32\msidle.dll - ok
21:30:00.0401 5844 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
21:30:00.0401 5844 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
21:30:00.0417 5844 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
21:30:00.0417 5844 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
21:30:00.0417 5844 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
21:30:00.0417 5844 C:\Windows\System32\mssprxy.dll - ok
21:30:00.0432 5844 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:30:00.0432 5844 C:\Windows\System32\NapiNSP.dll - ok
21:30:00.0448 5844 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
21:30:00.0448 5844 C:\Windows\SysWOW64\mssprxy.dll - ok
21:30:00.0463 5844 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
21:30:00.0463 5844 C:\Windows\System32\en-US\tquery.dll.mui - ok
21:30:00.0463 5844 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:30:00.0463 5844 C:\Windows\System32\pnrpnsp.dll - ok
21:30:00.0479 5844 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:30:00.0479 5844 C:\Windows\System32\winrnr.dll - ok
21:30:00.0495 5844 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
21:30:00.0495 5844 C:\Windows\SysWOW64\wbemcomn.dll - ok
21:30:00.0510 5844 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
21:30:00.0510 5844 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
21:30:00.0526 5844 [ 8481890EB7A25A48DB214FCEDFFACB8F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\93864146d7ce552dabb2e9d07fa3a926\System.Core.ni.dll
21:30:00.0526 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\93864146d7ce552dabb2e9d07fa3a926\System.Core.ni.dll - ok
21:30:00.0541 5844 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
21:30:00.0541 5844 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
21:30:00.0541 5844 [ 4BCB1FFD7FA292557F63DDC1770CEC88 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\a43bf29e6d6c959640c70eded05dad1a\System.Configuration.ni.dll
21:30:00.0541 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\a43bf29e6d6c959640c70eded05dad1a\System.Configuration.ni.dll - ok
21:30:00.0557 5844 [ 4BCAC176BE9F87E0A85A4C9A5EB63B3E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c48041d72e78f31f231c42309328779b\System.ServiceProcess.ni.dll
21:30:00.0557 5844 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c48041d72e78f31f231c42309328779b\System.ServiceProcess.ni.dll - ok
21:30:00.0573 5844 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:30:00.0573 5844 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:30:00.0588 5844 [ 89344657836F91640F3DDB235D0E7F73 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll
21:30:00.0588 5844 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll - ok
21:30:00.0604 5844 [ 7BB710183AAD6C420A8FAF7C4ABC6384 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll
21:30:00.0604 5844 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll - ok
21:30:00.0619 5844 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
21:30:00.0619 5844 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
21:30:00.0619 5844 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
21:30:00.0619 5844 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
21:30:00.0651 5844 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
21:30:00.0651 5844 C:\Windows\System32\appinfo.dll - ok
21:30:00.0651 5844 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
21:30:00.0651 5844 C:\Windows\System32\wdi.dll - ok
21:30:00.0666 5844 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
21:30:00.0666 5844 C:\Windows\System32\aelupsvc.dll - ok
21:30:00.0682 5844 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
21:30:00.0682 5844 C:\Windows\System32\wpdbusenum.dll - ok
21:30:00.0682 5844 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
21:30:00.0682 5844 C:\Windows\System32\npmproxy.dll - ok
21:30:00.0697 5844 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
21:30:00.0697 5844 C:\Windows\SysWOW64\npmproxy.dll - ok
21:30:00.0713 5844 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
21:30:00.0713 5844 C:\Windows\System32\netman.dll - ok
21:30:00.0729 5844 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
21:30:00.0729 5844 C:\Windows\System32\diagperf.dll - ok
21:30:00.0729 5844 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
21:30:00.0729 5844 C:\Windows\System32\perftrack.dll - ok
21:30:00.0744 5844 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:30:00.0744 5844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:30:00.0760 5844 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
21:30:00.0760 5844 C:\Windows\System32\dimsjob.dll - ok
21:30:00.0760 5844 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
21:30:00.0760 5844 C:\Windows\System32\Apphlpdm.dll - ok
21:30:00.0775 5844 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
21:30:00.0775 5844 C:\Windows\System32\radardt.dll - ok
21:30:00.0791 5844 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
21:30:00.0791 5844 C:\Windows\System32\rasdlg.dll - ok
21:30:00.0807 5844 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
21:30:00.0807 5844 C:\Windows\System32\pnpts.dll - ok
21:30:00.0822 5844 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
21:30:00.0822 5844 C:\Windows\System32\wdiasqmmodule.dll - ok
21:30:00.0822 5844 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
21:30:00.0822 5844 C:\Windows\System32\mprapi.dll - ok
21:30:00.0838 5844 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
21:30:00.0838 5844 C:\Windows\System32\pautoenr.dll - ok
21:30:00.0853 5844 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
21:30:00.0853 5844 C:\Windows\System32\certcli.dll - ok
21:30:00.0869 5844 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
21:30:00.0869 5844 C:\Windows\System32\CertEnroll.dll - ok
21:30:00.0869 5844 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
21:30:00.0869 5844 C:\Windows\System32\dot3api.dll - ok
21:30:00.0885 5844 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
21:30:00.0885 5844 C:\Windows\System32\wlanhlp.dll - ok
21:30:00.0900 5844 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
21:30:00.0900 5844 C:\Windows\System32\hnetcfg.dll - ok
21:30:00.0916 5844 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
21:30:00.0916 5844 C:\Windows\System32\consent.exe - ok
21:30:00.0916 5844 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
21:30:00.0916 5844 C:\Windows\System32\WWanAPI.dll - ok
21:30:00.0931 5844 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
21:30:00.0931 5844 C:\Windows\System32\wwapi.dll - ok
21:30:00.0947 5844 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
21:30:00.0947 5844 C:\Windows\System32\QAGENT.DLL - ok
21:30:00.0963 5844 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
21:30:00.0963 5844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
21:30:00.0963 5844 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
21:30:00.0963 5844 C:\Windows\System32\provsvc.dll - ok
21:30:00.0978 5844 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
21:30:00.0978 5844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
21:30:00.0994 5844 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
21:30:00.0994 5844 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
21:30:01.0009 5844 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
21:30:01.0009 5844 C:\Windows\System32\wmdrmdev.dll - ok
21:30:01.0025 5844 [ A3C465224F83ABE1C274C5A0A101133E ] C:\Windows\assembly\temp\U\800000cf.@
21:30:01.0025 5844 C:\Windows\assembly\temp\U\800000cf.@ - ok
21:30:01.0025 5844 [ 00A29CDC90021D91949A9C5FF39F4AC4 ] C:\Windows\assembly\temp\U\800000cb.@
21:30:01.0025 5844 C:\Windows\assembly\temp\U\800000cb.@ - ok
21:30:01.0041 5844 [ 057A2908C613989B6F4E0FF7673FDF7A ] C:\Windows\assembly\temp\U\800000c0.@
21:30:01.0041 5844 C:\Windows\assembly\temp\U\800000c0.@ - ok
21:30:01.0056 5844 [ ECA8A730868AE946E555C47373D230DA ] C:\Windows\assembly\temp\U\80000004.@
21:30:01.0056 5844 C:\Windows\assembly\temp\U\80000004.@ - ok
21:30:01.0072 5844 [ C25432264AC275257F2EEC4F659B5A89 ] C:\Windows\assembly\temp\U\80000000.@
21:30:01.0072 5844 C:\Windows\assembly\temp\U\80000000.@ - ok
21:30:01.0072 5844 [ 864851B1AA03B5A37C8D2428A2744A3B ] C:\Windows\assembly\temp\U\00000004.@
21:30:01.0072 5844 C:\Windows\assembly\temp\U\00000004.@ - ok
21:30:01.0087 5844 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
21:30:01.0087 5844 C:\Windows\System32\wmp.dll - ok
21:30:01.0103 5844 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
21:30:01.0103 5844 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
21:30:01.0119 5844 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
21:30:01.0119 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
21:30:01.0119 5844 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
21:30:01.0119 5844 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
21:30:01.0134 5844 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
21:30:01.0134 5844 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
21:30:01.0150 5844 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
21:30:01.0150 5844 C:\Windows\SysWOW64\ntdsapi.dll - ok
21:30:01.0165 5844 [ 25B50D384D3B6EBC782DC544502AB373 ] C:\Windows\System32\jscript.dll
21:30:01.0165 5844 C:\Windows\System32\jscript.dll - ok
21:30:01.0181 5844 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
21:30:01.0181 5844 C:\Windows\System32\wmploc.DLL - ok
21:30:01.0181 5844 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
21:30:01.0181 5844 C:\Windows\System32\wbem\cimwin32.dll - ok
21:30:01.0197 5844 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
21:30:01.0197 5844 C:\Windows\System32\framedynos.dll - ok
21:30:01.0212 5844 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
21:30:01.0212 5844 C:\Windows\System32\security.dll - ok
21:30:01.0228 5844 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
21:30:01.0228 5844 C:\Windows\System32\drmv2clt.dll - ok
21:30:01.0228 5844 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
21:30:01.0228 5844 C:\Windows\System32\browcli.dll - ok
21:30:01.0243 5844 [ EDD2AD141DEBD425D74A52A4D7BE6AC4 ] C:\Windows\SysWOW64\perfctrs.dll
21:30:01.0243 5844 C:\Windows\SysWOW64\perfctrs.dll - ok
21:30:01.0259 5844 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
21:30:01.0259 5844 C:\Windows\System32\schedcli.dll - ok
21:30:01.0275 5844 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
21:30:01.0275 5844 C:\Windows\System32\SearchProtocolHost.exe - ok
21:30:01.0290 5844 [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
21:30:01.0290 5844 C:\Windows\System32\webcheck.dll - ok
21:30:01.0290 5844 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
21:30:01.0290 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
21:30:01.0306 5844 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
21:30:01.0306 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
21:30:01.0321 5844 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
21:30:01.0321 5844 C:\Windows\System32\blackbox.dll - ok
21:30:01.0321 5844 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
21:30:01.0321 5844 C:\Windows\System32\mlang.dll - ok
21:30:01.0337 5844 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
21:30:01.0337 5844 C:\Windows\System32\SyncCenter.dll - ok
21:30:01.0353 5844 [ 97A1AFD42B8016D132C7BF38C955C6E1 ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
21:30:01.0353 5844 C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe - ok
21:30:01.0368 5844 [ 131DFB6DC47571B23523504F947A991D ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSParts.dll
21:30:01.0368 5844 C:\Program Files (x86)\Toshiba\ConfigFree\NDSParts.dll - ok
21:30:01.0384 5844 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
21:30:01.0384 5844 C:\Windows\System32\msshooks.dll - ok
21:30:01.0384 5844 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
21:30:01.0384 5844 C:\Windows\System32\SearchFilterHost.exe - ok
21:30:01.0399 5844 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
21:30:01.0399 5844 C:\Windows\System32\imapi2.dll - ok
21:30:01.0415 5844 [ AB11CEFE591909A85E98E27A230807C7 ] C:\Program Files\Windows Sidebar\sbdrop.dll
21:30:01.0415 5844 C:\Program Files\Windows Sidebar\sbdrop.dll - ok
21:30:01.0431 5844 [ A13028FCACBA4EF766F6BA7CD04E3565 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
21:30:01.0431 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll - ok
21:30:01.0431 5844 [ 441A0C03D97D5A1B89B4B2AC5A6DD467 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
21:30:01.0431 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
21:30:01.0446 5844 [ F0074CEB72EA93608037C98A1F187DB5 ] C:\Windows\System32\Display.dll
21:30:01.0446 5844 C:\Windows\System32\Display.dll - ok
21:30:01.0462 5844 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
21:30:01.0462 5844 C:\Windows\System32\hgcpl.dll - ok
21:30:01.0477 5844 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
21:30:01.0477 5844 C:\Windows\System32\fdPHost.dll - ok
21:30:01.0493 5844 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
21:30:01.0493 5844 C:\Program Files\Windows Sidebar\sidebar.exe - ok
21:30:01.0493 5844 [ CFA6B4D4A70D67C6387C29FA6FD703D0 ] C:\Windows\System32\themecpl.dll
21:30:01.0493 5844 C:\Windows\System32\themecpl.dll - ok
21:30:01.0509 5844 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
21:30:01.0509 5844 C:\Windows\System32\mssph.dll - ok
21:30:01.0524 5844 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
21:30:01.0524 5844 C:\Windows\System32\mapi32.dll - ok
21:30:01.0540 5844 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
21:30:01.0540 5844 C:\Windows\System32\fdWSD.dll - ok
21:30:01.0540 5844 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
21:30:01.0540 5844 C:\Windows\System32\fdSSDP.dll - ok
21:30:01.0555 5844 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
21:30:01.0555 5844 C:\Windows\System32\upnp.dll - ok
21:30:01.0571 5844 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
21:30:01.0571 5844 C:\Windows\System32\fdProxy.dll - ok
21:30:01.0571 5844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
21:30:01.0571 5844 C:\Windows\System32\ssdpsrv.dll - ok
21:30:01.0587 5844 [ 2766769440198C1E63122865850BB631 ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSAPI.dll
21:30:01.0587 5844 C:\Program Files (x86)\Toshiba\ConfigFree\NDSAPI.dll - ok
21:30:01.0602 5844 [ DA4950C4239E0C4FF35895FD7AA46B05 ] C:\Program Files (x86)\Toshiba\ConfigFree\CFWlApi.dll
21:30:01.0602 5844 C:\Program Files (x86)\Toshiba\ConfigFree\CFWlApi.dll - ok
21:30:01.0618 5844 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
21:30:01.0618 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
21:30:01.0633 5844 [ C1D9E25FC988516DF703D6E12ACA915F ] C:\Program Files\Internet Explorer\ieproxy.dll
21:30:01.0633 5844 C:\Program Files\Internet Explorer\ieproxy.dll - ok
21:30:01.0633 5844 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
21:30:01.0633 5844 C:\Windows\System32\wmpps.dll - ok
21:30:01.0649 5844 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
21:30:01.0649 5844 C:\Windows\SysWOW64\rasapi32.dll - ok
21:30:01.0665 5844 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
21:30:01.0665 5844 C:\Windows\SysWOW64\rasman.dll - ok
21:30:01.0680 5844 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
21:30:01.0680 5844 C:\Windows\SysWOW64\rtutils.dll - ok
21:30:01.0680 5844 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
21:30:01.0680 5844 C:\Windows\SysWOW64\rasdlg.dll - ok
21:30:01.0696 5844 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
21:30:01.0696 5844 C:\Windows\SysWOW64\mprapi.dll - ok
21:30:01.0711 5844 [ D6B4CA6DB025235CF02540098677065C ] C:\Program Files (x86)\Toshiba\ConfigFree\NDSMUI.dll
21:30:01.0711 5844 C:\Program Files (x86)\Toshiba\ConfigFree\NDSMUI.dll - ok
21:30:01.0727 5844 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
21:30:01.0727 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
21:30:01.0743 5844 [ 14A4EDA189DB5953B9E1C4391E796619 ] C:\Program Files (x86)\Toshiba\ConfigFree\CFWRPAR_CS.dll
21:30:01.0743 5844 C:\Program Files (x86)\Toshiba\ConfigFree\CFWRPAR_CS.dll - ok
21:30:01.0743 5844 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
21:30:01.0758 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
21:30:01.0758 5844 [ 42F4E3B9B55ECF4A8CCB9316DE40595E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
21:30:01.0758 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll - ok
21:30:01.0774 5844 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
21:30:01.0774 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll - ok
21:30:01.0789 5844 [ 914B21DE81294E650020D6F216E4C62A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
21:30:01.0789 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
21:30:01.0805 5844 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
21:30:01.0805 5844 C:\Windows\System32\wmi.dll - ok
21:30:01.0821 5844 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll
21:30:01.0821 5844 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\msvcr100.dll - ok
21:30:01.0821 5844 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
21:30:01.0821 5844 C:\Windows\SysWOW64\quartz.dll - ok
21:30:01.0836 5844 [ 9CBA622FF7067C25335CA7EB5583479D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\64ab53fcea54a4fad6023e1fb6bfa8eb\WindowsBase.ni.dll
21:30:01.0836 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\64ab53fcea54a4fad6023e1fb6bfa8eb\WindowsBase.ni.dll - ok
21:30:01.0852 5844 [ 8A07221789D46B2EA7DFCA2BC807572A ] C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
21:30:01.0852 5844 C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe - ok
21:30:01.0852 5844 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
21:30:01.0852 5844 C:\Windows\SysWOW64\dxva2.dll - ok
21:30:01.0867 5844 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
21:30:01.0867 5844 C:\Windows\SysWOW64\FirewallAPI.dll - ok
21:30:01.0883 5844 [ 1775EF109C03ABF4556B985523614BFA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\71b70f14cbaf2f9ff3160c82f673841f\PresentationCore.ni.dll
21:30:01.0883 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\71b70f14cbaf2f9ff3160c82f673841f\PresentationCore.ni.dll - ok
21:30:01.0899 5844 [ B583470196CE1A262FDEA84D8A06E9B1 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9acf78eb30602fa08d0888be7335ec95\PresentationFramework.ni.dll
21:30:01.0899 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\9acf78eb30602fa08d0888be7335ec95\PresentationFramework.ni.dll - ok
21:30:01.0914 5844 [ C9729DE2AD256E51566FCDA8684E7E85 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\9ae2351f8a6cec0be0f3730d8efaccfb\System.Xaml.ni.dll
21:30:01.0914 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\9ae2351f8a6cec0be0f3730d8efaccfb\System.Xaml.ni.dll - ok
21:30:01.0914 5844 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
21:30:01.0914 5844 C:\Windows\System32\DWrite.dll - ok
21:30:01.0930 5844 [ BDC206224E13CFD897FD7C7D31F90BB4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
21:30:01.0930 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
21:30:01.0945 5844 [ BF83B1B5DAD46A4A88A0CEDF36176F0E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
21:30:01.0945 5844 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
21:30:01.0961 5844 [ 809767F5D7C013579A8BD97320DEEACD ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
21:30:01.0961 5844 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll - ok
21:30:01.0977 5844 [ 0BF4362E18DFC52382F418278DCC52C4 ] C:\Windows\System32\rdpdd.dll
21:30:01.0977 5844 C:\Windows\System32\rdpdd.dll - ok
21:30:01.0977 5844 [ FF6148B1C150DA05D35C68D143AD6DEA ] C:\Windows\System32\RDPENCDD.dll
21:30:01.0977 5844 C:\Windows\System32\RDPENCDD.dll - ok
21:30:01.0992 5844 [ A23A9301EE7152FB6776052E52BDE9D9 ] C:\Windows\System32\RDPREFDD.dll
21:30:01.0992 5844 C:\Windows\System32\RDPREFDD.dll - ok
21:30:02.0008 5844 [ 534D84434D9DB1D1E1E865F64E52AA8E ] C:\Windows\System32\twext.dll
21:30:02.0008 5844 C:\Windows\System32\twext.dll - ok
21:30:02.0023 5844 [ 0B1C3C977F5C7261E6C569C3CF40D6D1 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
21:30:02.0023 5844 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
21:30:02.0023 5844 [ 6441D2FFB14B613C1D44D709BC7F8FFA ] C:\Windows\System32\sendmail.dll
21:30:02.0039 5844 C:\Windows\System32\sendmail.dll - ok
21:30:02.0039 5844 [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
21:30:02.0039 5844 C:\Windows\System32\zipfldr.dll - ok
21:30:02.0055 5844 [ 28F23AF5D04C5B6E50C8951437ED851C ] C:\Program Files (x86)\IObit\Game Booster 3\GBV3ContextMenu.dll
21:30:02.0055 5844 C:\Program Files (x86)\IObit\Game Booster 3\GBV3ContextMenu.dll - ok
21:30:02.0070 5844 [ 1850DAAA7E7A2E543C4A299B58AC9162 ] C:\Program Files\WinRAR\RarExt.dll
21:30:02.0070 5844 C:\Program Files\WinRAR\RarExt.dll - ok
21:30:02.0086 5844 [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
21:30:02.0086 5844 C:\Windows\System32\syncui.dll - ok
21:30:02.0086 5844 [ 8699D17DFCFCD327784034DB6BD3A422 ] C:\Windows\System32\synceng.dll
21:30:02.0086 5844 C:\Windows\System32\synceng.dll - ok
21:30:02.0101 5844 [ C8994E2703410F8DFE19DE5BF82994C0 ] C:\Windows\System32\mydocs.dll
21:30:02.0101 5844 C:\Windows\System32\mydocs.dll - ok
21:30:02.0117 5844 [ A943D670747778C7597987A4B5B9A679 ] C:\Windows\System32\WFS.exe
21:30:02.0117 5844 C:\Windows\System32\WFS.exe - ok
21:30:02.0133 5844 [ 21B62252D283FBF75A5F67849EBD9B2E ] C:\Windows\System32\WFSR.dll
21:30:02.0133 5844 C:\Windows\System32\WFSR.dll - ok
21:30:02.0133 5844 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
21:30:02.0133 5844 C:\Windows\System32\drprov.dll - ok
21:30:02.0148 5844 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
21:30:02.0148 5844 C:\Windows\System32\ntlanman.dll - ok
21:30:02.0164 5844 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
21:30:02.0164 5844 C:\Windows\System32\davclnt.dll - ok
21:30:02.0179 5844 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
21:30:02.0179 5844 C:\Windows\System32\davhlpr.dll - ok
21:30:02.0195 5844 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
21:30:02.0195 5844 C:\Windows\System32\wpdshext.dll - ok
21:30:02.0195 5844 [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
21:30:02.0195 5844 C:\Windows\System32\EhStorAPI.dll - ok
21:30:02.0211 5844 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
21:30:02.0211 5844 C:\Windows\System32\notepad.exe - ok
21:30:02.0226 5844 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
21:30:02.0226 5844 C:\Windows\System32\wbem\NCProv.dll - ok
21:30:02.0242 5844 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
21:30:02.0242 5844 C:\Windows\System32\FntCache.dll - ok
21:30:02.0242 5844 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
21:30:02.0242 5844 C:\Windows\System32\d3d9.dll - ok
21:30:02.0257 5844 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
21:30:02.0257 5844 C:\Windows\System32\d3d8thk.dll - ok
21:30:02.0273 5844 [ EC4D2AFB67006710FF7E88301A61C255 ] C:\Windows\System32\atiu9p64.dll
21:30:02.0273 5844 C:\Windows\System32\atiu9p64.dll - ok
21:30:02.0289 5844 [ C1500AE321A62D2BA6F1CEBDD5A5CD34 ] C:\Windows\System32\atiumd64.dll
21:30:02.0289 5844 C:\Windows\System32\atiumd64.dll - ok
21:30:02.0289 5844 [ 890E46398C02846B43238DBE2EF7E78F ] C:\Windows\System32\atiumd6a.dll
21:30:02.0304 5844 C:\Windows\System32\atiumd6a.dll - ok
21:30:02.0304 5844 [ 8D3172BA107390656B93264E71E4B471 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d4b68a6a6c426322c687ad921005132f\PresentationFramework.Classic.ni.dll
21:30:02.0304 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\d4b68a6a6c426322c687ad921005132f\PresentationFramework.Classic.ni.dll - ok
21:30:02.0320 5844 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll
21:30:02.0320 5844 C:\Windows\System32\WindowsCodecsExt.dll - ok
21:30:02.0335 5844 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
21:30:02.0335 5844 C:\Windows\System32\icm32.dll - ok
21:30:02.0351 5844 [ A448643FC3CFC619AE306798D971ACC7 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\25d7d70b52741c89804b017e156b02b6\WindowsFormsIntegration.ni.dll
21:30:02.0351 5844 C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\25d7d70b52741c89804b017e156b02b6\WindowsFormsIntegration.ni.dll - ok
21:30:02.0351 5844 ============================================================
21:30:02.0351 5844 Scan finished
21:30:02.0351 5844 ============================================================
21:30:02.0367 5836 Detected object count: 3
21:30:02.0367 5836 Actual detected object count: 3
21:37:06.0608 5836 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:37:06.0608 5836 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:37:06.0608 5836 unrealircd ( Backdoor.Multi.ZAccess.gen ) - skipped by user
21:37:06.0608 5836 unrealircd ( Backdoor.Multi.ZAccess.gen ) - User select action: Skip
21:37:06.0608 5836 C:\windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - skipped by user
21:37:06.0608 5836 C:\windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - User select action: Skip
21:40:50.0259 2884 Deinitialize success

Log from aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-25 21:43:46
-----------------------------
21:43:46.469 OS Version: Windows x64 6.1.7601 Service Pack 1
21:43:46.469 Number of processors: 2 586 0x100
21:43:46.469 ComputerName: JAY-PC UserName:
21:43:48.159 Initialize success
21:47:42.069 AVAST engine defs: 13012501
21:48:17.850 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:48:17.858 Disk 0 Vendor: TOSHIBA_MK5075GSX GT001M Size: 476940MB BusType: 11
21:48:17.878 Disk 0 MBR read successfully
21:48:17.885 Disk 0 MBR scan
21:48:17.903 Disk 0 Windows VISTA default MBR code
21:48:17.924 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:48:17.941 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463319 MB offset 3074048
21:48:17.976 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 12120 MB offset 951951360
21:48:18.032 Disk 0 scanning C:\windows\system32\drivers
21:48:33.048 Service scanning
21:49:14.161 Service unrealircd C:\windows\system32\ftpqueue.dll **INFECTED** Win64:ZAccess-E [Rtk]
21:49:21.617 Modules scanning
21:49:21.627 Disk 0 trace - called modules:
21:49:22.027 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8003b112c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:49:22.037 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80041c1060]
21:49:22.047 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004062060]
21:49:22.057 \Driver\atapi[0xfffffa8004044910] -> IRP_MJ_CREATE -> 0xfffffa8003b112c0
21:49:24.168 AVAST engine scan C:\windows
21:49:27.988 AVAST engine scan C:\windows\system32
21:49:43.935 File: C:\windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
21:50:10.354 File: C:\windows\system32\ftpqueue.dll **INFECTED** Win64:ZAccess-E [Rtk]
21:52:03.153 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
21:52:05.944 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
21:54:46.277 File: C:\windows\assembly\temp\U\80000032.@ **INFECTED** Win32:Sirefef-AOO [Trj]
21:54:46.359 File: C:\windows\assembly\temp\U\80000064.@ **INFECTED** Win32:Malware-gen
21:54:48.052 AVAST engine scan C:\windows\system32\drivers
21:55:10.354 AVAST engine scan C:\Users\Administrator.Toshiba
21:56:02.592 File: C:\Users\Administrator.Toshiba\AppData\Local\AppCore\ACFinder\ACFinder.exe **INFECTED** MSIL:Adware-A [Adw]
21:58:17.223 File: C:\Users\Administrator.Toshiba\Downloads\initial d street stage pc.exe **INFECTED** Win32:Adware-gen [Adw]
21:58:50.207 AVAST engine scan C:\ProgramData
22:01:08.352 Scan finished successfully
22:02:50.114 Disk 0 MBR has been saved successfully to "C:\Users\Administrator.Toshiba\Desktop\MBR.dat"
22:02:50.114 The log file has been saved successfully to "C:\Users\Administrator.Toshiba\Desktop\aswMBR.txt"

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:49 AM

Posted 26 January 2013 - 07:13 AM

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
旾nternet access
昗indows Update
昗indows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users