Jump to content

New-to-Me Laptop with a lot of infections


Recommended Posts

Hi! A friend gave me their Toshiba Sattelite laptop. I unintalled programs I could identify and that I didn't want/need and downloaded Malware bytes to do a scan. 31 infections were found, numerous were root kit / registry infections. I ran another scan, which came up clean, but I know how hard those infections can be to remove and I would love some help in determining if my system is now clean.

I know about not having piracy software on computers before asking for help, but again, this computer is new to me, so I'm not positive if there is anything on here or not.

I'm attaching the dds files.

I so appreciate your help!

thanks,

heather

attach.txt

dds.txt

Link to post
Share on other sites

  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

    [*]Please do not attach logs or use code boxes, just copy and paste the text.

    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

    [*]Please read every post completely before doing anything.

    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

    [*]Please provide feedback about your experience as we go.

    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from
here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download
AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo

Link to post
Share on other sites

Gringo...thank you!!!! Other two reports to follow this message.

Security Check

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Internet Security

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Java 6 Update 26

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Flash Player 10.3.181.26 Flash Player out of Date!

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

Google Chrome 13.0.782.220

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes Anti-Malware mbam.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

Alwil Software Avast5 AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

Link to post
Share on other sites

ADW report

# AdwCleaner v2.101 - Logfile created 12/16/2012 at 11:44:32

# Updated 16/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Braun - BRAUN-PC

# Boot Mode : Normal

# Running from : C:\Users\Braun\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\searchplugins\Askcom.xml

File Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\searchplugins\Conduit.xml

Folder Deleted : C:\Program Files\Babylon

Folder Deleted : C:\Program Files\Search Toolbar

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\GameTap Web Player

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\Users\Braun\AppData\Local\Babylon

Folder Deleted : C:\Users\Braun\AppData\Local\Conduit

Folder Deleted : C:\Users\Braun\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

Folder Deleted : C:\Users\Braun\AppData\Local\Temp\AskSearch

Folder Deleted : C:\Users\Braun\AppData\Local\Temp\CT2504091

Folder Deleted : C:\Users\Braun\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Braun\AppData\LocalLow\facemoods.com

Folder Deleted : C:\Users\Braun\AppData\LocalLow\FunWebProducts

Folder Deleted : C:\Users\Braun\AppData\LocalLow\MyWebSearch

Folder Deleted : C:\Users\Braun\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\Conduit

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\ConduitCommon

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\CT2504091

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\CT2720081

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\CT2856415

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\CT2857571

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{22e03916-85c5-44b0-8dc9-1830c11238d9}

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{313a832a-aaf3-4880-a8d0-c42bee319c02}

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\ffxtlbr@babylon.com

Folder Deleted : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\ffxtlbr@Facemoods.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products

Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2720081

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9D425283-D487-4337-BAB6-AB8354A81457}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?babsrc=HP_ss&affID=100487&mntrId=08889085000000000000701a0461e2e1 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default

File : C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\prefs.js

C:\Users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\user.js ... Deleted !

Deleted : user_pref("CT2504091..clientLogIsEnabled", false);

Deleted : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT2504091.AppTrackingLastCheckTime", "Tue Aug 02 2011 01:12:59 GMT-0500 (Central Daylight[...]

Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129566938558801595", true);

Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);

Deleted : user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);

Deleted : user_pref("CT2504091.CTID", "ct2504091");

Deleted : user_pref("CT2504091.CurrentServerDate", "16-12-2012");

Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sat Dec 15 2012 08:42:59 GMT-0600 (Central Standa[...]

Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");

Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Fri Aug 05 2011 14:27:18 GMT-0500 (Central Daylight Ti[...]

Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 0);

Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Fri Aug 05 2011 13:42:18 GMT-0500 (Central Da[...]

Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Fri Aug 05 2011 13:42:18 GMT-0500 (Central Da[...]

Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);

Deleted : user_pref("CT2504091.FirstServerDate", "2-8-2011");

Deleted : user_pref("CT2504091.FirstTime", true);

Deleted : user_pref("CT2504091.FirstTimeFF3", true);

Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);

Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT2504091.HasUserGlobalKeys", true);

Deleted : user_pref("CT2504091.HomePageProtectorEnabled", true);

Deleted : user_pref("CT2504091.Initialize", true);

Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);

Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT2504091.InstallationType", "ConduitIntegration");

Deleted : user_pref("CT2504091.InstalledDate", "Tue Aug 02 2011 01:12:44 GMT-0500 (Central Daylight Time)");

Deleted : user_pref("CT2504091.IsAlertDBUpdated", true);

Deleted : user_pref("CT2504091.IsGrouping", false);

Deleted : user_pref("CT2504091.IsInitSetupIni", true);

Deleted : user_pref("CT2504091.IsMulticommunity", false);

Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);

Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);

Deleted : user_pref("CT2504091.IsProtectorsInit", true);

Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Tue Aug 02 2011 01:12:51 GMT-0500 (Central Dayligh[...]

Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT2504091.LastLogin_3.15.1.0", "Sat Dec 15 2012 22:07:49 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2504091.LastLogin_3.5.0.12", "Fri Aug 05 2011 13:42:18 GMT-0500 (Central Daylight Time)[...]

Deleted : user_pref("CT2504091.LatestVersion", "3.15.1.0");

Deleted : user_pref("CT2504091.Locale", "en-us");

Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT2504091.OriginalFirstVersion", "3.5.0.12");

Deleted : user_pref("CT2504091.SavedHomepage", "hxxp://www.ask.com/?l=dis&o=16135");

Deleted : user_pref("CT2504091.SearchEngineBeforeUnload", "Web Search");

Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]

Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);

Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Tue Aug 02 2011 01:12:47 GMT-0500 (Central Dayli[...]

Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Deleted : user_pref("CT2504091.SearchProtectorEnabled", true);

Deleted : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);

Deleted : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Dec 15 2012 22:42:56 GMT-0600 (Central Standard [...]

Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Tue Aug 02 2011 01:12:38 GMT-0500 (Central Daylight Ti[...]

Deleted : user_pref("CT2504091.SettingsLastUpdate", "1312221633");

Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Tue Aug 02 2011 01:12:36 GMT-0500 (Central Day[...]

Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246786978");

Deleted : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");

Deleted : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT2504091.UserID", "UN99956971076801522");

Deleted : user_pref("CT2504091.alertChannelId", "897164");

Deleted : user_pref("CT2504091.ct2504091.AppTrackingLastCheckTime", "Fri Aug 05 2011 14:27:33 GMT-0500 (Centra[...]

Deleted : user_pref("CT2504091.ct2504091.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2504091.ct2504091.FeedLastCount129079840422964131", 10);

Deleted : user_pref("CT2504091.ct2504091.LanguagePackLastCheckTime", "Sat Dec 15 2012 08:42:57 GMT-0600 (Centr[...]

Deleted : user_pref("CT2504091.ct2504091.Locale", "en-us");

Deleted : user_pref("CT2504091.ct2504091.SearchInNewTabLastCheckTime", "Sat Dec 15 2012 08:42:55 GMT-0600 (Cen[...]

Deleted : user_pref("CT2504091.ct2504091.SettingsLastCheckTime", "Sat Dec 15 2012 22:07:47 GMT-0600 (Central S[...]

Deleted : user_pref("CT2504091.ct2504091.SettingsLastUpdate", "1354704805");

Deleted : user_pref("CT2504091.ct2504091.ThirdPartyComponentsLastCheck", "Tue Aug 02 2011 01:12:44 GMT-0500 (C[...]

Deleted : user_pref("CT2504091.ct2504091.ThirdPartyComponentsLastUpdate", "1246786978");

Deleted : user_pref("CT2504091.ct2504091.globalFirstTimeInfoLastCheckTime", "Fri Aug 05 2011 13:42:18 GMT-0500[...]

Deleted : user_pref("CT2504091.ct2504091.toolbarAppMetaDataLastCheckTime", "Sat Dec 15 2012 08:42:57 GMT-0600 [...]

Deleted : user_pref("CT2504091.ct2504091.toolbarContextMenuLastCheckTime", "Tue Aug 02 2011 01:12:56 GMT-0500 [...]

Deleted : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Tue Aug 02 2011 01:12:44 GMT-0500 (Central [...]

Deleted : user_pref("CT2504091.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT2504091.initDone", true);

Deleted : user_pref("CT2504091.isAppTrackingManagerOn", true);

Deleted : user_pref("CT2504091.myStuffEnabled", true);

Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129[...]

Deleted : user_pref("CT2504091.revertSettingsEnabled", true);

Deleted : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT2504091.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT2504091.testingCtid", "");

Deleted : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Tue Aug 02 2011 01:12:44 GMT-0500 (Central D[...]

Deleted : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Tue Aug 02 2011 01:12:55 GMT-0500 (Central D[...]

Deleted : user_pref("CT2504091.usagesFlag", 2);

Deleted : user_pref("CT2720081..clientLogIsEnabled", false);

Deleted : user_pref("CT2720081..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT2720081..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT2720081.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT2720081.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT2720081.AppTrackingLastCheckTime", "Tue Oct 23 2012 13:05:37 GMT-0500 (Central Daylight[...]

Deleted : user_pref("CT2720081.CTID", "CT2720081");

Deleted : user_pref("CT2720081.CurrentServerDate", "30-10-2012");

Deleted : user_pref("CT2720081.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2720081.DialogsGetterLastCheckTime", "Sat Dec 15 2012 08:32:12 GMT-0600 (Central Standa[...]

Deleted : user_pref("CT2720081.DownloadReferralCookieData", "");

Deleted : user_pref("CT2720081.EMailNotifierPollDate", "Sat Dec 15 2012 22:42:55 GMT-0600 (Central Standard Ti[...]

Deleted : user_pref("CT2720081.FeedLastCount129248891425073064", 200);

Deleted : user_pref("CT2720081.FeedPollDate129225116238185771", "Sat Dec 15 2012 22:07:45 GMT-0600 (Central St[...]

Deleted : user_pref("CT2720081.FeedPollDate129225147492879732", "Sat Dec 15 2012 22:07:45 GMT-0600 (Central St[...]

Deleted : user_pref("CT2720081.FeedPollDate129245643951202078", "Sat Dec 15 2012 22:07:45 GMT-0600 (Central St[...]

Deleted : user_pref("CT2720081.FeedPollDate129245643951202084", "Sat Dec 15 2012 22:07:45 GMT-0600 (Central St[...]

Deleted : user_pref("CT2720081.FeedTTL129225116238185771", 40);

Deleted : user_pref("CT2720081.FeedTTL129225147492879732", 40);

Deleted : user_pref("CT2720081.FeedTTL129245643951202078", 40);

Deleted : user_pref("CT2720081.FeedTTL129245643951202084", 40);

Deleted : user_pref("CT2720081.FirstServerDate", "21-9-2010");

Deleted : user_pref("CT2720081.FirstTime", true);

Deleted : user_pref("CT2720081.FirstTimeFF3", true);

Deleted : user_pref("CT2720081.FirstTimeSettingsDone", true);

Deleted : user_pref("CT2720081.FixPageNotFoundErrors", true);

Deleted : user_pref("CT2720081.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT2720081.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT2720081.HasUserGlobalKeys", true);

Deleted : user_pref("CT2720081.HomePageProtectorEnabled", false);

Deleted : user_pref("CT2720081.Initialize", true);

Deleted : user_pref("CT2720081.InitializeCommonPrefs", true);

Deleted : user_pref("CT2720081.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT2720081.InstallationType", "UnknownIntegration");

Deleted : user_pref("CT2720081.InstalledDate", "Mon Sep 20 2010 18:14:36 GMT-0500 (Central Daylight Time)");

Deleted : user_pref("CT2720081.InvalidateCache", false);

Deleted : user_pref("CT2720081.IsAlertDBUpdated", true);

Deleted : user_pref("CT2720081.IsGrouping", false);

Deleted : user_pref("CT2720081.IsMulticommunity", false);

Deleted : user_pref("CT2720081.IsOpenThankYouPage", false);

Deleted : user_pref("CT2720081.IsOpenUninstallPage", true);

Deleted : user_pref("CT2720081.LanguagePackLastCheckTime", "Sat Dec 15 2012 08:32:12 GMT-0600 (Central Standar[...]

Deleted : user_pref("CT2720081.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT2720081.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT2720081.LastLogin_2.7.2.0", "Fri Oct 01 2010 02:54:29 GMT-0500 (Central Daylight Time)"[...]

Deleted : user_pref("CT2720081.LastLogin_3.15.1.0", "Sat Dec 15 2012 21:06:59 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2720081.LastLogin_3.6.0.10", "Tue Oct 23 2012 13:04:11 GMT-0500 (Central Daylight Time)[...]

Deleted : user_pref("CT2720081.LatestVersion", "3.14.1.0");

Deleted : user_pref("CT2720081.Locale", "en");

Deleted : user_pref("CT2720081.LoginCache", 4);

Deleted : user_pref("CT2720081.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT2720081.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT2720081.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT2720081.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT2720081.RadioIsPodcast", false);

Deleted : user_pref("CT2720081.RadioLastCheckTime", "Sat Dec 15 2012 08:32:13 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2720081.RadioLastUpdateIPServer", "3");

Deleted : user_pref("CT2720081.RadioLastUpdateServer", "129248947734170000");

Deleted : user_pref("CT2720081.RadioMediaID", "21079850");

Deleted : user_pref("CT2720081.RadioMediaType", "Media Player");

Deleted : user_pref("CT2720081.RadioMenuSelectedID", "EBRadioMenu_CT272008121079850");

Deleted : user_pref("CT2720081.RadioShrinkedFromSetup", false);

Deleted : user_pref("CT2720081.RadioStationName", "AHL%20-%20Grand%20Rapids%20Griffins");

Deleted : user_pref("CT2720081.RadioStationURL", "hxxp://cdncon.wm.llnwd.net/cdncon_neulion1_ahl_griffins?eid=[...]

Deleted : user_pref("CT2720081.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]

Deleted : user_pref("CT2720081.SearchEngineBeforeUnload", "Ask.com");

Deleted : user_pref("CT2720081.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT2720081.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]

Deleted : user_pref("CT2720081.SearchInNewTabEnabled", true);

Deleted : user_pref("CT2720081.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT2720081.SearchInNewTabLastCheckTime", "Sat Dec 15 2012 08:32:11 GMT-0600 (Central Stand[...]

Deleted : user_pref("CT2720081.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT2720081.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]

Deleted : user_pref("CT2720081.SearchProtectorEnabled", false);

Deleted : user_pref("CT2720081.SearchProtectorToolbarDisabled", false);

Deleted : user_pref("CT2720081.ServiceMapLastCheckTime", "Sat Dec 15 2012 08:32:11 GMT-0600 (Central Standard [...]

Deleted : user_pref("CT2720081.SettingsCheckIntervalMin", 120);

Deleted : user_pref("CT2720081.SettingsLastCheckTime", "Sat Dec 15 2012 21:32:01 GMT-0600 (Central Standard Ti[...]

Deleted : user_pref("CT2720081.SettingsLastUpdate", "1354706882");

Deleted : user_pref("CT2720081.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT2720081.ThirdPartyComponentsLastCheck", "Mon Dec 10 2012 09:31:36 GMT-0600 (Central Sta[...]

Deleted : user_pref("CT2720081.ThirdPartyComponentsLastUpdate", "1331805997");

Deleted : user_pref("CT2720081.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("CT2720081.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2720081");

Deleted : user_pref("CT2720081.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT2720081.UserID", "UN66813298446950866");

Deleted : user_pref("CT2720081.ValidationData_Toolbar", 2);

Deleted : user_pref("CT2720081.WeatherNetwork", "");

Deleted : user_pref("CT2720081.WeatherPollDate", "Sat Dec 15 2012 22:42:56 GMT-0600 (Central Standard Time)");

Deleted : user_pref("CT2720081.WeatherUnit", "F");

Deleted : user_pref("CT2720081.alertChannelId", "1112366");

Deleted : user_pref("CT2720081.backendstorage.ct2720081ads1", "25374225323261647325323225334125354225374225323[...]

Deleted : user_pref("CT2720081.backendstorage.ct2720081current_term", "");

Deleted : user_pref("CT2720081.backendstorage.ct2720081sdate", "3135");

Deleted : user_pref("CT2720081.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "353339383937313533333037[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "646566353335303235303961[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api19_thetrafficstat_net.pid2", "613531313137613531383764[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api20_thetrafficstat_net.pid2", "613531313137613531383764[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api21_thetrafficstat_net.pid2", "643333306439643236313564[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api22_thetrafficstat_net.pid2", "363364393462386264613330[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api25_thetrafficstat_net.pid2", "333530356330363364303534[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api29_thetrafficstat_net.pid2", "623335333735323963643336[...]

Deleted : user_pref("CT2720081.backendstorage.hxxp://api31_thetrafficstat_net.pid2", "633562383831393839643638[...]

Deleted : user_pref("CT2720081.clientLogIsEnabled", true);

Deleted : user_pref("CT2720081.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]

Deleted : user_pref("CT2720081.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT2720081.globalFirstTimeInfoLastCheckTime", "Mon Dec 10 2012 09:31:36 GMT-0600 (Central [...]

Deleted : user_pref("CT2720081.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT2720081.initDone", true);

Deleted : user_pref("CT2720081.isAppTrackingManagerOn", false);

Deleted : user_pref("CT2720081.isFirstRadioInstallation", false);

Deleted : user_pref("CT2720081.myStuffEnabled", true);

Deleted : user_pref("CT2720081.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT2720081.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT2720081.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT2720081.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT2720081.oldAppsList", "129246060025636489,129246060025636490,111,4221156542888680494,12[...]

Deleted : user_pref("CT2720081.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT2720081.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT2720081.testingCtid", "");

Deleted : user_pref("CT2720081.toolbarAppMetaDataLastCheckTime", "Sat Dec 15 2012 08:32:12 GMT-0600 (Central S[...]

Deleted : user_pref("CT2720081.toolbarContextMenuLastCheckTime", "Mon Dec 10 2012 09:31:36 GMT-0600 (Central S[...]

Deleted : user_pref("CT2720081.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]

Deleted : user_pref("CT2720081.usagesFlag", 2);

Deleted : user_pref("CT2856415..clientLogIsEnabled", false);

Deleted : user_pref("CT2856415..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT2856415..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT2856415.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT2856415.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT2856415.BrowserCompStateIsOpen_129502651137682069", true);

Deleted : user_pref("CT2856415.BrowserCompStateIsOpen_129560745131733767", true);

Deleted : user_pref("CT2856415.BrowserCompStateIsOpen_129683315081957463", true);

Deleted : user_pref("CT2856415.CTID", "CT2856415");

Deleted : user_pref("CT2856415.CurrentServerDate", "16-12-2012");

Deleted : user_pref("CT2856415.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2856415.DialogsGetterLastCheckTime", "Sat Dec 15 2012 08:32:08 GMT-0600 (Central Standa[...]

Deleted : user_pref("CT2856415.DownloadReferralCookieData", "");

Deleted : user_pref("CT2856415.ExternalComponentPollDate129400801613475328", "Thu Feb 24 2011 07:44:29 GMT-060[...]

Deleted : user_pref("CT2856415.FirstServerDate", "15-12-2010");

Deleted : user_pref("CT2856415.FirstTime", true);

Deleted : user_pref("CT2856415.FirstTimeFF3", true);

Deleted : user_pref("CT2856415.FixPageNotFoundErrors", true);

Deleted : user_pref("CT2856415.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT2856415.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT2856415.HasUserGlobalKeys", true);

Deleted : user_pref("CT2856415.Initialize", true);

Deleted : user_pref("CT2856415.InitializeCommonPrefs", true);

Deleted : user_pref("CT2856415.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT2856415.InstalledDate", "Wed Dec 15 2010 14:11:58 GMT-0600 (Central Standard Time)");

Deleted : user_pref("CT2856415.InvalidateCache", false);

Deleted : user_pref("CT2856415.IsGrouping", false);

Deleted : user_pref("CT2856415.IsMulticommunity", false);

Deleted : user_pref("CT2856415.IsOpenThankYouPage", true);

Deleted : user_pref("CT2856415.IsOpenUninstallPage", true);

Deleted : user_pref("CT2856415.LanguagePackLastCheckTime", "Sat Dec 15 2012 08:32:08 GMT-0600 (Central Standar[...]

Deleted : user_pref("CT2856415.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT2856415.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT2856415.LastLogin_3.15.1.0", "Sat Dec 15 2012 22:07:41 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2856415.LastLogin_3.2.5.2", "Fri Feb 25 2011 06:31:03 GMT-0600 (Central Standard Time)"[...]

Deleted : user_pref("CT2856415.LatestVersion", "3.16.0.3");

Deleted : user_pref("CT2856415.Locale", "en");

Deleted : user_pref("CT2856415.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT2856415.MCDetectTooltipShow", false);

Deleted : user_pref("CT2856415.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT2856415.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT2856415.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT2856415.RadioIsPodcast", false);

Deleted : user_pref("CT2856415.RadioLastCheckTime", "Fri Feb 25 2011 06:11:14 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2856415.RadioLastUpdateIPServer", "3");

Deleted : user_pref("CT2856415.RadioLastUpdateServer", "129400869186670000");

Deleted : user_pref("CT2856415.RadioMediaID", "21753721");

Deleted : user_pref("CT2856415.RadioMediaType", "Media Player");

Deleted : user_pref("CT2856415.RadioMenuSelectedID", "EBRadioMenu_CT285641521753721");

Deleted : user_pref("CT2856415.RadioStationName", "California%20Rock%20-%20Rock");

Deleted : user_pref("CT2856415.RadioStationURL", "hxxp://www.feedlive.net/california.asx");

Deleted : user_pref("CT2856415.SavedHomepage", "hxxp://search.babylon.com/home?AF=14542");

Deleted : user_pref("CT2856415.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT2856415.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]

Deleted : user_pref("CT2856415.SearchInNewTabEnabled", true);

Deleted : user_pref("CT2856415.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT2856415.SearchInNewTabLastCheckTime", "Sat Dec 15 2012 08:32:08 GMT-0600 (Central Stand[...]

Deleted : user_pref("CT2856415.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT2856415.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Deleted : user_pref("CT2856415.ServiceMapLastCheckTime", "Sat Dec 15 2012 08:32:08 GMT-0600 (Central Standard [...]

Deleted : user_pref("CT2856415.SettingsLastCheckTime", "Sat Dec 15 2012 22:07:39 GMT-0600 (Central Standard Ti[...]

Deleted : user_pref("CT2856415.SettingsLastUpdate", "1354704805");

Deleted : user_pref("CT2856415.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT2856415.ThirdPartyComponentsLastCheck", "Sat Feb 19 2011 23:11:06 GMT-0600 (Central Sta[...]

Deleted : user_pref("CT2856415.ThirdPartyComponentsLastUpdate", "1246790578");

Deleted : user_pref("CT2856415.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("CT2856415.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2856415");

Deleted : user_pref("CT2856415.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT2856415.UserID", "UN09260497554917901");

Deleted : user_pref("CT2856415.ValidationData_Toolbar", 2);

Deleted : user_pref("CT2856415.WeatherNetwork", "");

Deleted : user_pref("CT2856415.WeatherPollDate", "Fri Feb 25 2011 10:15:23 GMT-0600 (Central Standard Time)");

Deleted : user_pref("CT2856415.WeatherUnit", "F");

Deleted : user_pref("CT2856415.alertChannelId", "1248439");

Deleted : user_pref("CT2856415.backendstorage._fb_dailyactivity", "31323938353933383639373836");

Deleted : user_pref("CT2856415.backendstorage._fb_lifetimesent", "54525545");

Deleted : user_pref("CT2856415.backendstorage.facebook_ctid_connect_send", "73656E646564");

Deleted : user_pref("CT2856415.backendstorage.facebook_mode", "32");

Deleted : user_pref("CT2856415.backendstorage.facebook_user_first_login_date", "30332F30322F32303131");

Deleted : user_pref("CT2856415.backendstorage.facebook_user_locale", "656E");

Deleted : user_pref("CT2856415.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");

Deleted : user_pref("CT2856415.backendstorage.hxxp://facebook_conduitapps_com/v3_2_1.facebook_ctid_connect_sen[...]

Deleted : user_pref("CT2856415.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT2856415.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT2856415.initDone", true);

Deleted : user_pref("CT2856415.myStuffEnabled", true);

Deleted : user_pref("CT2856415.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT2856415.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT2856415.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT2856415.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT2856415.revertSettingsEnabled", false);

Deleted : user_pref("CT2856415.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT2856415.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT2856415.testingCtid", "");

Deleted : user_pref("CT2856415.toolbarAppMetaDataLastCheckTime", "Sat Dec 15 2012 08:32:08 GMT-0600 (Central S[...]

Deleted : user_pref("CT2856415.toolbarContextMenuLastCheckTime", "Sat Jan 29 2011 05:27:21 GMT-0600 (Central S[...]

Deleted : user_pref("CT2856415.usagesFlag", 2);

Deleted : user_pref("CT2857571..clientLogIsEnabled", false);

Deleted : user_pref("CT2857571..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT2857571..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT2857571.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT2857571.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT2857571.BrowserCompStateIsOpen_1080744172", true);

Deleted : user_pref("CT2857571.BrowserCompStateIsOpen_129880153920461937", true);

Deleted : user_pref("CT2857571.BrowserCompStateIsOpen_3544786780", true);

Deleted : user_pref("CT2857571.CTID", "CT2857571");

Deleted : user_pref("CT2857571.CurrentServerDate", "16-12-2012");

Deleted : user_pref("CT2857571.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2857571.DialogsGetterLastCheckTime", "Sat Dec 15 2012 08:32:10 GMT-0600 (Central Standa[...]

Deleted : user_pref("CT2857571.DownloadReferralCookieData", "");

Deleted : user_pref("CT2857571.ExternalComponentPollDate129356795173412782", "Thu Feb 24 2011 07:44:29 GMT-060[...]

Deleted : user_pref("CT2857571.FirstServerDate", "15-12-2010");

Deleted : user_pref("CT2857571.FirstTime", true);

Deleted : user_pref("CT2857571.FirstTimeFF3", true);

Deleted : user_pref("CT2857571.FixPageNotFoundErrors", true);

Deleted : user_pref("CT2857571.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT2857571.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT2857571.HasUserGlobalKeys", true);

Deleted : user_pref("CT2857571.Initialize", true);

Deleted : user_pref("CT2857571.InitializeCommonPrefs", true);

Deleted : user_pref("CT2857571.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT2857571.InstalledDate", "Wed Dec 15 2010 14:11:58 GMT-0600 (Central Standard Time)");

Deleted : user_pref("CT2857571.InvalidateCache", false);

Deleted : user_pref("CT2857571.IsGrouping", false);

Deleted : user_pref("CT2857571.IsMulticommunity", false);

Deleted : user_pref("CT2857571.IsOpenThankYouPage", true);

Deleted : user_pref("CT2857571.IsOpenUninstallPage", true);

Deleted : user_pref("CT2857571.LanguagePackLastCheckTime", "Sat Dec 15 2012 08:32:10 GMT-0600 (Central Standar[...]

Deleted : user_pref("CT2857571.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT2857571.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT2857571.LastLogin_3.15.1.0", "Sat Dec 15 2012 22:07:40 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2857571.LastLogin_3.2.5.2", "Fri Feb 25 2011 06:31:01 GMT-0600 (Central Standard Time)"[...]

Deleted : user_pref("CT2857571.LatestVersion", "3.16.0.3");

Deleted : user_pref("CT2857571.Locale", "en");

Deleted : user_pref("CT2857571.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT2857571.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT2857571.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT2857571.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT2857571.RadioIsPodcast", false);

Deleted : user_pref("CT2857571.RadioLastCheckTime", "Fri Feb 25 2011 06:11:14 GMT-0600 (Central Standard Time)[...]

Deleted : user_pref("CT2857571.RadioLastUpdateIPServer", "3");

Deleted : user_pref("CT2857571.RadioLastUpdateServer", "3");

Deleted : user_pref("CT2857571.RadioMediaID", "9962");

Deleted : user_pref("CT2857571.RadioMediaType", "Media Player");

Deleted : user_pref("CT2857571.RadioMenuSelectedID", "EBRadioMenu_CT28575719962");

Deleted : user_pref("CT2857571.RadioStationName", "California%20Rock");

Deleted : user_pref("CT2857571.RadioStationURL", "hxxp://feedlive.net/california.asx");

Deleted : user_pref("CT2857571.SHRINK_TOOLBAR", 1);

Deleted : user_pref("CT2857571.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT2856415&SearchSource=13");

Deleted : user_pref("CT2857571.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT2857571.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]

Deleted : user_pref("CT2857571.SearchInNewTabEnabled", true);

Deleted : user_pref("CT2857571.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT2857571.SearchInNewTabLastCheckTime", "Sat Dec 15 2012 08:32:10 GMT-0600 (Central Stand[...]

Deleted : user_pref("CT2857571.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT2857571.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Deleted : user_pref("CT2857571.ServiceMapLastCheckTime", "Sat Dec 15 2012 08:32:10 GMT-0600 (Central Standard [...]

Deleted : user_pref("CT2857571.SettingsLastCheckTime", "Sat Dec 15 2012 22:07:39 GMT-0600 (Central Standard Ti[...]

Deleted : user_pref("CT2857571.SettingsLastUpdate", "1355061410");

Deleted : user_pref("CT2857571.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT2857571.ThirdPartyComponentsLastCheck", "Sat Feb 19 2011 23:11:00 GMT-0600 (Central Sta[...]

Deleted : user_pref("CT2857571.ThirdPartyComponentsLastUpdate", "1246790578");

Deleted : user_pref("CT2857571.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2857571");

Deleted : user_pref("CT2857571.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT2857571.UserID", "UN08354161463962151");

Deleted : user_pref("CT2857571.ValidationData_Toolbar", 1);

Deleted : user_pref("CT2857571.WeatherNetwork", "");

Deleted : user_pref("CT2857571.WeatherPollDate", "Fri Feb 25 2011 10:15:25 GMT-0600 (Central Standard Time)");

Deleted : user_pref("CT2857571.WeatherUnit", "F");

Deleted : user_pref("CT2857571.alertChannelId", "1249593");

Deleted : user_pref("CT2857571.approveUntrustedApps", false);

Deleted : user_pref("CT2857571.backendstorage._fb_dailyactivity", "31323938353933383639393331");

Deleted : user_pref("CT2857571.backendstorage._fb_lifetimesent", "54525545");

Deleted : user_pref("CT2857571.backendstorage.facebook_ctid_connect_send", "73656E646564");

Deleted : user_pref("CT2857571.components.129356795173412782", false);

Deleted : user_pref("CT2857571.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT2857571.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT2857571.initDone", true);

Deleted : user_pref("CT2857571.myStuffEnabled", true);

Deleted : user_pref("CT2857571.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT2857571.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT2857571.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT2857571.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT2857571.revertSettingsEnabled", false);

Deleted : user_pref("CT2857571.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT2857571.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT2857571.testingCtid", "");

Deleted : user_pref("CT2857571.toolbarAppMetaDataLastCheckTime", "Sat Dec 15 2012 08:32:10 GMT-0600 (Central S[...]

Deleted : user_pref("CT2857571.toolbarContextMenuLastCheckTime", "Sat Jan 29 2011 05:27:22 GMT-0600 (Central S[...]

Deleted : user_pref("CT2857571.usagesFlag", 2);

Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2856415");

Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2504091&Search[...]

Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Web Search");

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2720081/CT2720081[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2856415/CT2856415[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2857571/CT2857571[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2504091/CT2504091[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1063839/1059543/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112366/1108070/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112915/1108619/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1168936/1164621/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1242656/1238329/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1248439/1244112/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1249593/1245266/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1331722/1327393/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1391262/1386921/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1434998/1430653/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/997308/993027/US", "\"0\"")[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2720081", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2856415", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2857571", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2504091", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2720081",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2856415",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2857571",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2720081&octid=[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2504091&octid=[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2856415/CT2856415[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2857571/CT2857571[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"f61[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/14293310.xml", "\"cd7a55e6a77a53e5285[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2557521.xml", "\"07b673cafbc98ede4095[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"464ed1a00aca0b3d64db9[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"7ba998177190f596bfaf5[...]

Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);

Deleted : user_pref("CommunityToolbar.EngineOwner", "");

Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{313a832a-aaf3-4880-a8d0-c42bee319c02}");

Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "elf_1.11");

Deleted : user_pref("CommunityToolbar.IsEngineShown", true);

Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Braun\\AppData\\Roaming\\Mozilla\\F[...]

Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");

Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://games.beatsud.com/game/aa.html", "171x135[...]

Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/MarketPlace/6e/73/6e0[...]

Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://gmaps.conduitapps.com/v3.1.0/gadget.html", "8[...]

Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2857571");

Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{313a832a-aaf3-4880-a8d0-c42bee319c02}");

Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "elf_1.11");

Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2720081,CT2857571,CT2856415,CT2504091");

Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2720081,CT2856415,CT2857571,CT2504091");

Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");

Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Oct 23 2012 13:03:52 GMT-05[...]

Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Oct 23 2012 14:04:08 GMT-0500 (Centr[...]

Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);

Deleted : user_pref("CommunityToolbar.alert.locale", "en");

Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Oct 23 2012 13:03:47 GMT-0500 (Central D[...]

Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");

Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Deleted : user_pref("CommunityToolbar.alert.userId", "7e543892-0e8e-4495-ad21-d329a6b75f09");

Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Dec 15 2012 08:32:12 GMT-0600 (Cen[...]

Deleted : user_pref("CommunityToolbar.globalUserId", "3d2c9c4e-4b6d-414b-b6a6-64efe8d1d73a");

Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2857571");

Deleted : user_pref("CommunityToolbar.killedEngine", true);

Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Dec 10 2012 09:31:3[...]

Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Dec 15 2012 22:07:53 GMT-060[...]

Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);

Deleted : user_pref("CommunityToolbar.notifications.locale", "en");

Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Dec 15 2012 08:42:55 GMT-0600 (C[...]

Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Deleted : user_pref("CommunityToolbar.notifications.userId", "486a8251-549b-475a-9e9c-4a15b18a0cd2");

Deleted : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Sat Dec 15 2012 21:07:57 GMT-0600[...]

Deleted : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Sat Dec 15 2012 21:07:57 GMT-0600 [...]

Deleted : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Sat Dec 15 2012 21:07:57 GMT-0600 ([...]

Deleted : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Sat Dec 15 2012 21:07:57 GMT-0600 ([...]

Deleted : user_pref("CommunityToolbar.undefined", "");

Deleted : user_pref("browser.babylon.HPOnNewTab", "1");

Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Deleted : user_pref("browser.search.defaultenginename", "Ask.com");

Deleted : user_pref("browser.search.defaultthis.engineName", "Web Search");

Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea[...]

Deleted : user_pref("browser.search.order.1", "Ask.com");

Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 15);

Deleted : user_pref("extensions.BabylonToolbar.cntry", "US");

Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);

Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "F35E6E2C39C67E9364CC6EC2DEBCCED0");

Deleted : user_pref("extensions.BabylonToolbar.lastActv", "15");

Deleted : user_pref("extensions.BabylonToolbar.lastDP", 15);

Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.217:33:26");

Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");

Deleted : user_pref("extensions.BabylonToolbar.newTab", true);

Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");

Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 94192977);

Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);

Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");

Deleted : user_pref("extensions.facemoods.aflt", "_#fxt0");

Deleted : user_pref("extensions.facemoods.firstRun", false);

Deleted : user_pref("extensions.facemoods.lastActv", "15");

Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857571&q=");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Braun\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.13] : homepage = "hxxp://search.babylon.com/home?AF=14437",

Deleted [l.17] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?AF=14437" ]

Deleted [l.48] : icon_url = "hxxp://babylon.com/favicon.ico",

Deleted [l.51] : keyword = "babylon.com",

Deleted [l.54] : search_url = "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&hl={language}&[...]

Deleted [l.1818] : homepage = "hxxp://search.babylon.com/home?AF=14437",

Deleted [l.2081] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?AF=14437" ]

*************************

AdwCleaner[s1].txt - [57129 octets] - [16/12/2012 11:44:32]

########## EOF - C:\AdwCleaner[s1].txt - [57190 octets] ##########

Rogue Killer Report

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : Braun [Admin rights]

Mode : Remove -- Date : 12/16/2012 11:54:04

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX ATA Device +++++

--- User ---

[MBR] ee7f93ef193748a26c9f55a017e54960

[bSP] bb822f2f22e7fe542d4b4d5d666d1dd4 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 228845 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 471748608 | Size: 8129 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_12162012_02d1154.txt >>

RKreport[1]_S_12162012_02d1153.txt ; RKreport[2]_D_12162012_02d1154.txt

Link to post
Share on other sites

  • Staff

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

Link to post
Share on other sites

Hi!

I began working on this as soon as I received the laptop, so I can't really speak to any problems since I haven't really used it much. It seems to be working well, I am noticing a faster response from the computer.

ComboFix 12-12-14.01 - Braun 12/16/2012 13:11:45.1.1 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3582.2664 [GMT -6:00]

Running from: c:\users\Braun\Desktop\ComboFix.exe

AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Braun\AppData\Local\assembly\tmp

c:\users\Public\invokesi.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 )))))))))))))))))))))))))))))))

.

.

2012-12-16 15:30 . 2012-12-16 15:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-12-16 07:14 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-16 07:14 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-16 07:14 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-16 07:13 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-16 07:13 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-16 07:13 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-16 07:13 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-16 07:13 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-16 07:13 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-16 07:13 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\users\Braun\AppData\Roaming\Malwarebytes

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\programdata\Malwarebytes

2012-12-16 05:13 . 2012-09-30 01:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-16 05:06 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-12-16 05:06 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-12-16 05:06 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-12-16 05:06 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-12-16 05:06 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-12-16 05:06 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-12-16 05:06 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll

2012-12-16 05:06 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-12-16 04:45 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-12-16 04:43 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-12-16 04:38 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpengine.dll

2012-12-16 04:33 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-12-16 04:33 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-12-16 04:02 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll

2012-12-16 04:00 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-23 18:59 . 2012-10-23 18:59 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin

2012-10-16 07:39 . 2012-12-16 04:43 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-11-29 08:27 . 2012-12-16 05:02 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-10-23 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]

"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 611672]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"dcmsvc"="c:\program files\dcmsvc\dcmsvc.exe" [2009-04-07 30440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA&inst=NwA3AC0AMwAxADgAOAA1ADYANAAxADgALQBGAFAAOQArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAEYAOQBNADEAMABCACsAMQA∏=90&ver=9.0.872" [?]

.

c:\users\Braun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [N/A]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]

backup=c:\windows\pss\WDDMStatus.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup

backupExtension=.CommonStartup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-08-20 17:29 136176 ----atw- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-11-10 07:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTOSHIBA]

2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2009-07-30 06:32 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]

R2 LMIRescue_b12ad326-96b3-4d55-9b4a-a25b6aa153f0;LogMeIn Rescue (b12ad326-96b3-4d55-9b4a-a25b6aa153f0);c:\users\Braun\AppData\Local\Temp\LMIR0002.tmp\LMI_Rescue_srv.exe [x]

R2 LMIRescue_f476620f-fe55-469d-95d3-66e2919ec40f;LogMeIn Rescue (f476620f-fe55-469d-95d3-66e2919ec40f);c:\users\Braun\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe [x]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]

R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]

S1 aswSnx;aswSnx; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]

S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [x]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - TRUESIGHT

*Deregistered* - TrueSight

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]

2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000Core.job

- c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 18:05]

.

2012-12-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000UA.job

- c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 18:05]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000Core.job

- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-20 17:29]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000UA.job

- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-20 17:29]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - yahoo.com

FF - ExtSQL: 2012-10-23 15:08; {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}; c:\users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

Toolbar-Locked - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

HKLM-Run-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe

SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgagD\1*]

"value"="?\08\01\01\16\0a*?"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-16 13:46:04

ComboFix-quarantined-files.txt 2012-12-16 19:46

.

Pre-Run: 100,998,184,960 bytes free

Post-Run: 101,433,573,376 bytes free

.

- - End Of File - - A74D0BA9913DB1A876FEAFD598D5DD04

Link to post
Share on other sites

  • Staff

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

Link to post
Share on other sites

15:41:17.0375 3640 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

15:41:17.0984 3640 ============================================================

15:41:17.0984 3640 Current date / time: 2012/12/16 15:41:17.0984

15:41:17.0984 3640 SystemInfo:

15:41:17.0984 3640

15:41:17.0984 3640 OS Version: 6.1.7601 ServicePack: 1.0

15:41:17.0984 3640 Product type: Workstation

15:41:17.0984 3640 ComputerName: BRAUN-PC

15:41:17.0984 3640 UserName: Braun

15:41:17.0984 3640 Windows directory: C:\windows

15:41:17.0984 3640 System windows directory: C:\windows

15:41:17.0984 3640 Processor architecture: Intel x86

15:41:17.0984 3640 Number of processors: 1

15:41:17.0984 3640 Page size: 0x1000

15:41:17.0984 3640 Boot type: Normal boot

15:41:17.0984 3640 ============================================================

15:41:18.0827 3640 BG loaded

15:41:19.0155 3640 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

15:41:19.0186 3640 ============================================================

15:41:19.0186 3640 \Device\Harddisk0\DR0:

15:41:19.0248 3640 MBR partitions:

15:41:19.0248 3640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BEF6800

15:41:19.0248 3640 ============================================================

15:41:19.0327 3640 C: <-> \Device\Harddisk0\DR0\Partition1

15:41:19.0327 3640 ============================================================

15:41:19.0327 3640 Initialize success

15:41:19.0327 3640 ============================================================

15:41:39.0158 4016 ============================================================

15:41:39.0158 4016 Scan started

15:41:39.0158 4016 Mode: Manual; SigCheck; TDLFS;

15:41:39.0158 4016 ============================================================

15:41:39.0846 4016 ================ Scan system memory ========================

15:41:39.0846 4016 System memory - ok

15:41:39.0846 4016 ================ Scan services =============================

15:41:40.0033 4016 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys

15:41:40.0111 4016 1394ohci - ok

15:41:40.0158 4016 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys

15:41:40.0189 4016 ACPI - ok

15:41:40.0236 4016 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys

15:41:40.0251 4016 AcpiPmi - ok

15:41:40.0314 4016 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys

15:41:40.0345 4016 adp94xx - ok

15:41:40.0376 4016 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys

15:41:40.0392 4016 adpahci - ok

15:41:40.0439 4016 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys

15:41:40.0454 4016 adpu320 - ok

15:41:40.0485 4016 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

15:41:40.0501 4016 AeLookupSvc - ok

15:41:40.0563 4016 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys

15:41:40.0596 4016 AFD - ok

15:41:40.0627 4016 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys

15:41:40.0642 4016 agp440 - ok

15:41:40.0705 4016 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys

15:41:40.0720 4016 aic78xx - ok

15:41:40.0783 4016 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe

15:41:40.0798 4016 ALG - ok

15:41:40.0861 4016 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys

15:41:40.0861 4016 aliide - ok

15:41:40.0923 4016 [ 0BC6704F6FB4C63CDCB85401E8263A1B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe

15:41:40.0939 4016 AMD External Events Utility - ok

15:41:40.0986 4016 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys

15:41:41.0001 4016 amdagp - ok

15:41:41.0064 4016 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys

15:41:41.0079 4016 amdide - ok

15:41:41.0142 4016 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys

15:41:41.0157 4016 AmdK8 - ok

15:41:41.0204 4016 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys

15:41:41.0220 4016 AmdPPM - ok

15:41:41.0282 4016 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys

15:41:41.0298 4016 amdsata - ok

15:41:41.0344 4016 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys

15:41:41.0360 4016 amdsbs - ok

15:41:41.0376 4016 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys

15:41:41.0391 4016 amdxata - ok

15:41:41.0454 4016 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys

15:41:41.0485 4016 AppID - ok

15:41:41.0563 4016 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll

15:41:41.0595 4016 AppIDSvc - ok

15:41:41.0657 4016 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll

15:41:41.0689 4016 Appinfo - ok

15:41:41.0829 4016 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:41:41.0845 4016 Apple Mobile Device - ok

15:41:41.0907 4016 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys

15:41:41.0923 4016 arc - ok

15:41:42.0001 4016 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys

15:41:42.0016 4016 arcsas - ok

15:41:42.0079 4016 [ FF83C93AEEE8B0CF4B464CA667A67ACD ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys

15:41:42.0110 4016 aswMonFlt - ok

15:41:42.0219 4016 [ 17230708A2028CD995656DF455F2E303 ] aswSnx C:\windows\system32\drivers\aswSnx.sys

15:41:42.0235 4016 aswSnx - ok

15:41:42.0281 4016 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

15:41:42.0313 4016 AsyncMac - ok

15:41:42.0375 4016 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys

15:41:42.0391 4016 atapi - ok

15:41:42.0469 4016 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\windows\system32\DRIVERS\athr.sys

15:41:42.0500 4016 athr - ok

15:41:42.0874 4016 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys

15:41:42.0983 4016 atikmdag - ok

15:41:43.0046 4016 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys

15:41:43.0061 4016 AtiPcie - ok

15:41:43.0124 4016 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

15:41:43.0171 4016 AudioEndpointBuilder - ok

15:41:43.0186 4016 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll

15:41:43.0217 4016 Audiosrv - ok

15:41:43.0280 4016 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll

15:41:43.0295 4016 AxInstSV - ok

15:41:43.0342 4016 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys

15:41:43.0373 4016 b06bdrv - ok

15:41:43.0420 4016 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys

15:41:43.0436 4016 b57nd60x - ok

15:41:43.0498 4016 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll

15:41:43.0514 4016 BDESVC - ok

15:41:43.0545 4016 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys

15:41:43.0576 4016 Beep - ok

15:41:43.0670 4016 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll

15:41:43.0701 4016 BFE - ok

15:41:43.0795 4016 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll

15:41:43.0841 4016 BITS - ok

15:41:43.0873 4016 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys

15:41:43.0873 4016 blbdrive - ok

15:41:43.0919 4016 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys

15:41:43.0935 4016 bowser - ok

15:41:43.0951 4016 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys

15:41:43.0966 4016 BrFiltLo - ok

15:41:44.0075 4016 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys

15:41:44.0091 4016 BrFiltUp - ok

15:41:44.0153 4016 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys

15:41:44.0185 4016 BridgeMP - ok

15:41:44.0278 4016 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll

15:41:44.0294 4016 Browser - ok

15:41:44.0356 4016 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys

15:41:44.0372 4016 Brserid - ok

15:41:44.0403 4016 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

15:41:44.0419 4016 BrSerWdm - ok

15:41:44.0481 4016 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

15:41:44.0497 4016 BrUsbMdm - ok

15:41:44.0512 4016 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

15:41:44.0543 4016 BrUsbSer - ok

15:41:44.0559 4016 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys

15:41:44.0575 4016 BTHMODEM - ok

15:41:44.0621 4016 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll

15:41:44.0668 4016 bthserv - ok

15:41:44.0793 4016 catchme - ok

15:41:44.0840 4016 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

15:41:44.0871 4016 cdfs - ok

15:41:44.0933 4016 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys

15:41:44.0949 4016 cdrom - ok

15:41:44.0996 4016 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll

15:41:45.0027 4016 CertPropSvc - ok

15:41:45.0136 4016 [ 1F8A319D29394F9CE1B7AE020DF2EBBF ] cfWiMAXService C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

15:41:45.0152 4016 cfWiMAXService - ok

15:41:45.0183 4016 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys

15:41:45.0199 4016 circlass - ok

15:41:45.0245 4016 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys

15:41:45.0261 4016 CLFS - ok

15:41:45.0370 4016 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:41:45.0370 4016 clr_optimization_v2.0.50727_32 - ok

15:41:45.0495 4016 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:41:45.0495 4016 clr_optimization_v4.0.30319_32 - ok

15:41:45.0589 4016 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys

15:41:45.0604 4016 CmBatt - ok

15:41:45.0651 4016 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys

15:41:45.0667 4016 cmdide - ok

15:41:45.0745 4016 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys

15:41:45.0776 4016 CNG - ok

15:41:45.0823 4016 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys

15:41:45.0838 4016 Compbatt - ok

15:41:45.0901 4016 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys

15:41:45.0916 4016 CompositeBus - ok

15:41:45.0947 4016 COMSysApp - ok

15:41:45.0994 4016 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

15:41:45.0994 4016 ConfigFree Service - ok

15:41:46.0041 4016 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys

15:41:46.0057 4016 crcdisk - ok

15:41:46.0135 4016 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll

15:41:46.0150 4016 CryptSvc - ok

15:41:46.0228 4016 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll

15:41:46.0259 4016 DcomLaunch - ok

15:41:46.0291 4016 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll

15:41:46.0337 4016 defragsvc - ok

15:41:46.0400 4016 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys

15:41:46.0431 4016 DfsC - ok

15:41:46.0493 4016 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll

15:41:46.0525 4016 Dhcp - ok

15:41:46.0556 4016 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys

15:41:46.0587 4016 discache - ok

15:41:46.0634 4016 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys

15:41:46.0649 4016 Disk - ok

15:41:46.0681 4016 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll

15:41:46.0712 4016 Dnscache - ok

15:41:46.0821 4016 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll

15:41:46.0852 4016 dot3svc - ok

15:41:46.0930 4016 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys

15:41:46.0946 4016 Dot4 - ok

15:41:47.0024 4016 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\windows\system32\drivers\Dot4Prt.sys

15:41:47.0039 4016 Dot4Print - ok

15:41:47.0055 4016 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys

15:41:47.0071 4016 dot4usb - ok

15:41:47.0117 4016 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll

15:41:47.0149 4016 DPS - ok

15:41:47.0211 4016 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

15:41:47.0227 4016 drmkaud - ok

15:41:47.0305 4016 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

15:41:47.0336 4016 DXGKrnl - ok

15:41:47.0383 4016 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll

15:41:47.0414 4016 EapHost - ok

15:41:47.0648 4016 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys

15:41:47.0710 4016 ebdrv - ok

15:41:47.0773 4016 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe

15:41:47.0788 4016 EFS - ok

15:41:47.0913 4016 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe

15:41:47.0929 4016 ehRecvr - ok

15:41:47.0960 4016 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe

15:41:47.0975 4016 ehSched - ok

15:41:48.0022 4016 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys

15:41:48.0053 4016 elxstor - ok

15:41:48.0085 4016 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys

15:41:48.0100 4016 ErrDev - ok

15:41:48.0147 4016 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll

15:41:48.0178 4016 EventSystem - ok

15:41:48.0209 4016 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys

15:41:48.0241 4016 exfat - ok

15:41:48.0256 4016 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys

15:41:48.0303 4016 fastfat - ok

15:41:48.0365 4016 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe

15:41:48.0381 4016 Fax - ok

15:41:48.0428 4016 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys

15:41:48.0428 4016 fdc - ok

15:41:48.0475 4016 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll

15:41:48.0521 4016 fdPHost - ok

15:41:48.0537 4016 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll

15:41:48.0568 4016 FDResPub - ok

15:41:48.0584 4016 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

15:41:48.0599 4016 FileInfo - ok

15:41:48.0631 4016 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys

15:41:48.0662 4016 Filetrace - ok

15:41:48.0693 4016 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys

15:41:48.0709 4016 flpydisk - ok

15:41:48.0755 4016 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

15:41:48.0771 4016 FltMgr - ok

15:41:48.0849 4016 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll

15:41:48.0865 4016 FontCache - ok

15:41:48.0958 4016 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

15:41:48.0974 4016 FontCache3.0.0.0 - ok

15:41:49.0005 4016 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys

15:41:49.0021 4016 FsDepends - ok

15:41:49.0099 4016 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys

15:41:49.0099 4016 fssfltr - ok

15:41:49.0239 4016 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe

15:41:49.0286 4016 fsssvc - ok

15:41:49.0333 4016 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

15:41:49.0348 4016 Fs_Rec - ok

15:41:49.0411 4016 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

15:41:49.0426 4016 fvevol - ok

15:41:49.0473 4016 [ 0F76E205BDC60364F08A5949082771CA ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys

15:41:49.0489 4016 FwLnk - ok

15:41:49.0551 4016 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys

15:41:49.0567 4016 gagp30kx - ok

15:41:49.0645 4016 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys

15:41:49.0645 4016 GEARAspiWDM - ok

15:41:49.0707 4016 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll

15:41:49.0754 4016 gpsvc - ok

15:41:49.0785 4016 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

15:41:49.0801 4016 hcw85cir - ok

15:41:49.0879 4016 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

15:41:49.0910 4016 HdAudAddService - ok

15:41:49.0941 4016 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys

15:41:49.0972 4016 HDAudBus - ok

15:41:50.0003 4016 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys

15:41:50.0019 4016 HidBatt - ok

15:41:50.0050 4016 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys

15:41:50.0066 4016 HidBth - ok

15:41:50.0113 4016 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys

15:41:50.0128 4016 HidIr - ok

15:41:50.0159 4016 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll

15:41:50.0206 4016 hidserv - ok

15:41:50.0269 4016 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys

15:41:50.0284 4016 HidUsb - ok

15:41:50.0331 4016 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll

15:41:50.0362 4016 hkmsvc - ok

15:41:50.0409 4016 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll

15:41:50.0425 4016 HomeGroupListener - ok

15:41:50.0487 4016 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll

15:41:50.0518 4016 HomeGroupProvider - ok

15:41:50.0565 4016 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

15:41:50.0581 4016 HpSAMD - ok

15:41:50.0674 4016 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys

15:41:50.0721 4016 HTTP - ok

15:41:50.0783 4016 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

15:41:50.0799 4016 hwpolicy - ok

15:41:50.0861 4016 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys

15:41:50.0877 4016 i8042prt - ok

15:41:50.0924 4016 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys

15:41:50.0939 4016 iaStorV - ok

15:41:51.0064 4016 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:41:51.0095 4016 idsvc - ok

15:41:51.0158 4016 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys

15:41:51.0173 4016 iirsp - ok

15:41:51.0283 4016 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll

15:41:51.0345 4016 IKEEXT - ok

15:41:51.0501 4016 [ E4A2E810CB2607C9C159C0DFB0BD4C88 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys

15:41:51.0579 4016 IntcAzAudAddService - ok

15:41:51.0642 4016 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys

15:41:51.0642 4016 intelide - ok

15:41:51.0688 4016 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

15:41:51.0704 4016 intelppm - ok

15:41:51.0751 4016 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll

15:41:51.0783 4016 IPBusEnum - ok

15:41:51.0830 4016 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

15:41:51.0877 4016 IpFilterDriver - ok

15:41:51.0939 4016 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll

15:41:51.0955 4016 iphlpsvc - ok

15:41:52.0017 4016 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys

15:41:52.0033 4016 IPMIDRV - ok

15:41:52.0079 4016 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys

15:41:52.0126 4016 IPNAT - ok

15:41:52.0235 4016 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

15:41:52.0267 4016 iPod Service - ok

15:41:52.0313 4016 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys

15:41:52.0329 4016 IRENUM - ok

15:41:52.0360 4016 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys

15:41:52.0376 4016 isapnp - ok

15:41:52.0438 4016 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

15:41:52.0454 4016 iScsiPrt - ok

15:41:52.0532 4016 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys

15:41:52.0547 4016 kbdclass - ok

15:41:52.0610 4016 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys

15:41:52.0625 4016 kbdhid - ok

15:41:52.0657 4016 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe

15:41:52.0672 4016 KeyIso - ok

15:41:52.0703 4016 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

15:41:52.0719 4016 KSecDD - ok

15:41:52.0750 4016 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

15:41:52.0766 4016 KSecPkg - ok

15:41:52.0798 4016 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll

15:41:52.0845 4016 KtmRm - ok

15:41:52.0876 4016 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll

15:41:52.0923 4016 LanmanServer - ok

15:41:52.0970 4016 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

15:41:53.0016 4016 LanmanWorkstation - ok

15:41:53.0079 4016 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

15:41:53.0110 4016 lltdio - ok

15:41:53.0219 4016 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll

15:41:53.0250 4016 lltdsvc - ok

15:41:53.0297 4016 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll

15:41:53.0328 4016 lmhosts - ok

15:41:53.0422 4016 LMIInfo - ok

15:41:53.0484 4016 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] lmimirr C:\windows\system32\DRIVERS\lmimirr.sys

15:41:53.0500 4016 lmimirr - ok

15:41:53.0531 4016 LMIRescue_b12ad326-96b3-4d55-9b4a-a25b6aa153f0 - ok

15:41:53.0594 4016 LMIRescue_f476620f-fe55-469d-95d3-66e2919ec40f - ok

15:41:53.0609 4016 LMIRfsClientNP - ok

15:41:53.0656 4016 [ 3FAA563DDF853320F90259D455A01D79 ] LMIRfsDriver C:\windows\system32\drivers\LMIRfsDriver.sys

15:41:53.0672 4016 LMIRfsDriver - ok

15:41:53.0718 4016 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys

15:41:53.0734 4016 LSI_FC - ok

15:41:53.0781 4016 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys

15:41:53.0796 4016 LSI_SAS - ok

15:41:53.0828 4016 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys

15:41:53.0843 4016 LSI_SAS2 - ok

15:41:53.0874 4016 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys

15:41:53.0890 4016 LSI_SCSI - ok

15:41:53.0937 4016 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys

15:41:53.0984 4016 luafv - ok

15:41:54.0062 4016 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\windows\system32\drivers\mbam.sys

15:41:54.0077 4016 MBAMProtector - ok

15:41:54.0218 4016 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

15:41:54.0233 4016 MBAMScheduler - ok

15:41:54.0311 4016 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

15:41:54.0327 4016 MBAMService - ok

15:41:54.0374 4016 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

15:41:54.0405 4016 Mcx2Svc - ok

15:41:54.0436 4016 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys

15:41:54.0452 4016 megasas - ok

15:41:54.0498 4016 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys

15:41:54.0514 4016 MegaSR - ok

15:41:54.0545 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll

15:41:54.0592 4016 MMCSS - ok

15:41:54.0623 4016 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys

15:41:54.0654 4016 Modem - ok

15:41:54.0686 4016 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys

15:41:54.0701 4016 monitor - ok

15:41:54.0764 4016 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys

15:41:54.0779 4016 mouclass - ok

15:41:54.0857 4016 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

15:41:54.0873 4016 mouhid - ok

15:41:54.0920 4016 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys

15:41:54.0935 4016 mountmgr - ok

15:41:55.0029 4016 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

15:41:55.0044 4016 MozillaMaintenance - ok

15:41:55.0122 4016 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys

15:41:55.0138 4016 mpio - ok

15:41:55.0169 4016 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

15:41:55.0200 4016 mpsdrv - ok

15:41:55.0294 4016 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll

15:41:55.0325 4016 MpsSvc - ok

15:41:55.0388 4016 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

15:41:55.0419 4016 MRxDAV - ok

15:41:55.0466 4016 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

15:41:55.0481 4016 mrxsmb - ok

15:41:55.0512 4016 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

15:41:55.0528 4016 mrxsmb10 - ok

15:41:55.0590 4016 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

15:41:55.0606 4016 mrxsmb20 - ok

15:41:55.0637 4016 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys

15:41:55.0653 4016 msahci - ok

15:41:55.0700 4016 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys

15:41:55.0715 4016 msdsm - ok

15:41:55.0746 4016 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe

15:41:55.0762 4016 MSDTC - ok

15:41:55.0824 4016 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys

15:41:55.0856 4016 Msfs - ok

15:41:55.0871 4016 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

15:41:55.0934 4016 mshidkmdf - ok

15:41:55.0980 4016 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys

15:41:55.0996 4016 msisadrv - ok

15:41:56.0027 4016 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll

15:41:56.0058 4016 MSiSCSI - ok

15:41:56.0074 4016 msiserver - ok

15:41:56.0121 4016 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

15:41:56.0168 4016 MSKSSRV - ok

15:41:56.0183 4016 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

15:41:56.0214 4016 MSPCLOCK - ok

15:41:56.0230 4016 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

15:41:56.0261 4016 MSPQM - ok

15:41:56.0292 4016 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys

15:41:56.0308 4016 MsRPC - ok

15:41:56.0386 4016 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys

15:41:56.0402 4016 mssmbios - ok

15:41:56.0464 4016 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

15:41:56.0511 4016 MSTEE - ok

15:41:56.0542 4016 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys

15:41:56.0573 4016 MTConfig - ok

15:41:56.0604 4016 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys

15:41:56.0620 4016 Mup - ok

15:41:56.0698 4016 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll

15:41:56.0745 4016 napagent - ok

15:41:56.0807 4016 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

15:41:56.0838 4016 NativeWifiP - ok

15:41:56.0916 4016 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys

15:41:56.0948 4016 NDIS - ok

15:41:56.0994 4016 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

15:41:57.0041 4016 NdisCap - ok

15:41:57.0088 4016 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

15:41:57.0135 4016 NdisTapi - ok

15:41:57.0182 4016 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

15:41:57.0213 4016 Ndisuio - ok

15:41:57.0291 4016 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

15:41:57.0322 4016 NdisWan - ok

15:41:57.0384 4016 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

15:41:57.0416 4016 NDProxy - ok

15:41:57.0556 4016 [ C7F5C284B6F46FCAF6910EA4E644700B ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

15:41:57.0587 4016 Nero BackItUp Scheduler 4.0 - ok

15:41:57.0665 4016 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll

15:41:57.0681 4016 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:41:57.0681 4016 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:41:57.0712 4016 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

15:41:57.0759 4016 NetBIOS - ok

15:41:57.0821 4016 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

15:41:57.0868 4016 NetBT - ok

15:41:57.0884 4016 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe

15:41:57.0899 4016 Netlogon - ok

15:41:57.0962 4016 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll

15:41:58.0008 4016 Netman - ok

15:41:58.0024 4016 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll

15:41:58.0071 4016 netprofm - ok

15:41:58.0133 4016 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

15:41:58.0149 4016 NetTcpPortSharing - ok

15:41:58.0196 4016 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys

15:41:58.0211 4016 nfrd960 - ok

15:41:58.0274 4016 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll

15:41:58.0289 4016 NlaSvc - ok

15:41:58.0320 4016 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys

15:41:58.0367 4016 Npfs - ok

15:41:58.0414 4016 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll

15:41:58.0461 4016 nsi - ok

15:41:58.0476 4016 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

15:41:58.0523 4016 nsiproxy - ok

15:41:58.0601 4016 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

15:41:58.0648 4016 Ntfs - ok

15:41:58.0710 4016 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys

15:41:58.0773 4016 Null - ok

15:41:58.0788 4016 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys

15:41:58.0804 4016 nvraid - ok

15:41:58.0866 4016 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys

15:41:58.0882 4016 nvstor - ok

15:41:58.0913 4016 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys

15:41:58.0929 4016 nv_agp - ok

15:41:59.0085 4016 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

15:41:59.0116 4016 odserv - ok

15:41:59.0163 4016 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

15:41:59.0178 4016 ohci1394 - ok

15:41:59.0256 4016 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:41:59.0272 4016 ose - ok

15:41:59.0319 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll

15:41:59.0350 4016 p2pimsvc - ok

15:41:59.0412 4016 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll

15:41:59.0428 4016 p2psvc - ok

15:41:59.0475 4016 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys

15:41:59.0490 4016 Parport - ok

15:41:59.0553 4016 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys

15:41:59.0568 4016 partmgr - ok

15:41:59.0615 4016 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys

15:41:59.0646 4016 Parvdm - ok

15:41:59.0693 4016 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll

15:41:59.0724 4016 PcaSvc - ok

15:41:59.0787 4016 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys

15:41:59.0802 4016 pci - ok

15:41:59.0849 4016 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys

15:41:59.0865 4016 pciide - ok

15:41:59.0912 4016 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys

15:41:59.0927 4016 pcmcia - ok

15:41:59.0943 4016 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys

15:41:59.0974 4016 pcw - ok

15:42:00.0021 4016 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys

15:42:00.0099 4016 PEAUTH - ok

15:42:00.0286 4016 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll

15:42:00.0380 4016 pla - ok

15:42:00.0442 4016 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll

15:42:00.0473 4016 PlugPlay - ok

15:42:00.0551 4016 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll

15:42:00.0567 4016 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:42:00.0567 4016 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:42:00.0598 4016 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

15:42:00.0614 4016 PNRPAutoReg - ok

15:42:00.0676 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll

15:42:00.0692 4016 PNRPsvc - ok

15:42:00.0785 4016 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll

15:42:00.0832 4016 PolicyAgent - ok

15:42:00.0894 4016 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll

15:42:00.0941 4016 Power - ok

15:42:00.0972 4016 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

15:42:01.0019 4016 PptpMiniport - ok

15:42:01.0066 4016 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys

15:42:01.0082 4016 Processor - ok

15:42:01.0144 4016 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll

15:42:01.0175 4016 ProfSvc - ok

15:42:01.0191 4016 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe

15:42:01.0222 4016 ProtectedStorage - ok

15:42:01.0269 4016 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys

15:42:01.0331 4016 Psched - ok

15:42:01.0409 4016 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys

15:42:01.0440 4016 ql2300 - ok

15:42:01.0472 4016 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys

15:42:01.0487 4016 ql40xx - ok

15:42:01.0518 4016 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll

15:42:01.0550 4016 QWAVE - ok

15:42:01.0565 4016 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

15:42:01.0596 4016 QWAVEdrv - ok

15:42:01.0659 4016 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\windows\WindowsMobile\rapimgr.dll

15:42:01.0674 4016 RapiMgr - ok

15:42:01.0706 4016 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

15:42:01.0737 4016 RasAcd - ok

15:42:01.0784 4016 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

15:42:01.0815 4016 RasAgileVpn - ok

15:42:01.0846 4016 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll

15:42:01.0877 4016 RasAuto - ok

15:42:01.0924 4016 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

15:42:01.0955 4016 Rasl2tp - ok

15:42:02.0033 4016 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll

15:42:02.0064 4016 RasMan - ok

15:42:02.0111 4016 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

15:42:02.0142 4016 RasPppoe - ok

15:42:02.0174 4016 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

15:42:02.0205 4016 RasSstp - ok

15:42:02.0267 4016 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

15:42:02.0314 4016 rdbss - ok

15:42:02.0361 4016 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys

15:42:02.0392 4016 rdpbus - ok

15:42:02.0439 4016 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

15:42:02.0470 4016 RDPCDD - ok

15:42:02.0517 4016 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

15:42:02.0626 4016 RDPENCDD - ok

15:42:02.0657 4016 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

15:42:02.0720 4016 RDPREFMP - ok

15:42:02.0766 4016 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys

15:42:02.0829 4016 RDPWD - ok

15:42:02.0876 4016 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

15:42:02.0891 4016 rdyboost - ok

15:42:02.0922 4016 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll

15:42:02.0985 4016 RemoteAccess - ok

15:42:03.0000 4016 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll

15:42:03.0063 4016 RemoteRegistry - ok

15:42:03.0110 4016 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

15:42:03.0156 4016 RpcEptMapper - ok

15:42:03.0172 4016 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe

15:42:03.0203 4016 RpcLocator - ok

15:42:03.0234 4016 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll

15:42:03.0281 4016 RpcSs - ok

15:42:03.0344 4016 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

15:42:03.0375 4016 rspndr - ok

15:42:03.0406 4016 RSUSBSTOR - ok

15:42:03.0484 4016 [ 80B66A4181F782884A815E69D0AFA743 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys

15:42:03.0500 4016 RTL8167 - ok

15:42:03.0546 4016 [ 8E7D6DBBA555C5D5A02DECC79FE9C638 ] RTL8187B C:\windows\system32\DRIVERS\RTL8187B.sys

15:42:03.0562 4016 RTL8187B - ok

15:42:03.0578 4016 RtsUIR - ok

15:42:03.0593 4016 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe

15:42:03.0624 4016 SamSs - ok

15:42:03.0671 4016 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys

15:42:03.0687 4016 sbp2port - ok

15:42:03.0718 4016 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll

15:42:03.0765 4016 SCardSvr - ok

15:42:03.0796 4016 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

15:42:03.0827 4016 scfilter - ok

15:42:03.0905 4016 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll

15:42:03.0952 4016 Schedule - ok

15:42:04.0014 4016 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll

15:42:04.0078 4016 SCPolicySvc - ok

15:42:04.0125 4016 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll

15:42:04.0156 4016 SDRSVC - ok

15:42:04.0187 4016 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys

15:42:04.0218 4016 secdrv - ok

15:42:04.0249 4016 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll

15:42:04.0296 4016 seclogon - ok

15:42:04.0343 4016 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll

15:42:04.0374 4016 SENS - ok

15:42:04.0405 4016 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll

15:42:04.0421 4016 SensrSvc - ok

15:42:04.0468 4016 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys

15:42:04.0483 4016 Serenum - ok

15:42:04.0515 4016 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys

15:42:04.0530 4016 Serial - ok

15:42:04.0593 4016 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys

15:42:04.0608 4016 sermouse - ok

15:42:04.0671 4016 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll

15:42:04.0717 4016 SessionEnv - ok

15:42:04.0764 4016 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys

15:42:04.0780 4016 sffdisk - ok

15:42:04.0811 4016 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

15:42:04.0842 4016 sffp_mmc - ok

15:42:04.0858 4016 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

15:42:04.0873 4016 sffp_sd - ok

15:42:04.0920 4016 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys

15:42:04.0936 4016 sfloppy - ok

15:42:04.0998 4016 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll

15:42:05.0046 4016 SharedAccess - ok

15:42:05.0077 4016 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll

15:42:05.0124 4016 ShellHWDetection - ok

15:42:05.0171 4016 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys

15:42:05.0186 4016 sisagp - ok

15:42:05.0233 4016 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys

15:42:05.0249 4016 SiSRaid2 - ok

15:42:05.0280 4016 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys

15:42:05.0296 4016 SiSRaid4 - ok

15:42:05.0342 4016 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys

15:42:05.0374 4016 Smb - ok

15:42:05.0452 4016 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe

15:42:05.0483 4016 SNMPTRAP - ok

15:42:05.0498 4016 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys

15:42:05.0514 4016 spldr - ok

15:42:05.0576 4016 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe

15:42:05.0608 4016 Spooler - ok

15:42:05.0717 4016 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe

15:42:05.0795 4016 sppsvc - ok

15:42:05.0888 4016 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll

15:42:05.0920 4016 sppuinotify - ok

15:42:05.0982 4016 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys

15:42:06.0029 4016 srv - ok

15:42:06.0060 4016 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys

15:42:06.0076 4016 srv2 - ok

15:42:06.0122 4016 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL3.SYS

15:42:06.0154 4016 SrvHsfHDA - ok

15:42:06.0216 4016 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV3.SYS

15:42:06.0247 4016 SrvHsfV92 - ok

15:42:06.0278 4016 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT3.SYS

15:42:06.0310 4016 SrvHsfWinac - ok

15:42:06.0356 4016 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

15:42:06.0372 4016 srvnet - ok

15:42:06.0403 4016 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

15:42:06.0450 4016 SSDPSRV - ok

15:42:06.0481 4016 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll

15:42:06.0512 4016 SstpSvc - ok

15:42:06.0559 4016 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys

15:42:06.0575 4016 stexstor - ok

15:42:06.0637 4016 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\windows\system32\DRIVERS\serscan.sys

15:42:06.0653 4016 StillCam - ok

15:42:06.0715 4016 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll

15:42:06.0778 4016 StiSvc - ok

15:42:06.0824 4016 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys

15:42:06.0840 4016 swenum - ok

15:42:06.0887 4016 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll

15:42:06.0965 4016 swprv - ok

15:42:07.0012 4016 [ 8BD10DC8809DC69A1C5A795CB10ADD76 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

15:42:07.0027 4016 SynTP - ok

15:42:07.0090 4016 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll

15:42:07.0136 4016 SysMain - ok

15:42:07.0199 4016 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll

15:42:07.0230 4016 TabletInputService - ok

15:42:07.0277 4016 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll

15:42:07.0324 4016 TapiSrv - ok

15:42:07.0355 4016 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll

15:42:07.0417 4016 TBS - ok

15:42:07.0511 4016 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys

15:42:07.0558 4016 Tcpip - ok

15:42:07.0636 4016 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

15:42:07.0682 4016 TCPIP6 - ok

15:42:07.0760 4016 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

15:42:07.0776 4016 tcpipreg - ok

15:42:07.0838 4016 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

15:42:07.0854 4016 tdcmdpst - ok

15:42:07.0948 4016 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

15:42:07.0979 4016 TDPIPE - ok

15:42:08.0026 4016 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

15:42:08.0041 4016 TDTCP - ok

15:42:08.0135 4016 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys

15:42:08.0166 4016 tdx - ok

15:42:08.0275 4016 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys

15:42:08.0291 4016 TermDD - ok

15:42:08.0353 4016 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll

15:42:08.0400 4016 TermService - ok

15:42:08.0525 4016 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll

15:42:08.0556 4016 Themes - ok

15:42:08.0587 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll

15:42:08.0618 4016 THREADORDER - ok

15:42:08.0696 4016 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

15:42:08.0712 4016 TMachInfo - ok

15:42:08.0774 4016 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\Windows\system32\TODDSrv.exe

15:42:08.0790 4016 TODDSrv - ok

15:42:08.0868 4016 [ 451B09BA1A0D019BA0B5A27229559D55 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

15:42:08.0884 4016 TosCoSrv - ok

15:42:08.0962 4016 [ 67C1DA40D78C92622081A3E780C926B2 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

15:42:08.0977 4016 TOSHIBA HDD SSD Alert Service - ok

15:42:09.0024 4016 [ 969377943FE7284609BABBAB4E06B93C ] tos_sps32 C:\windows\system32\DRIVERS\tos_sps32.sys

15:42:09.0040 4016 tos_sps32 - ok

15:42:09.0086 4016 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll

15:42:09.0118 4016 TrkWks - ok

15:42:09.0242 4016 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

15:42:09.0305 4016 TrustedInstaller - ok

15:42:09.0352 4016 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

15:42:09.0383 4016 tssecsrv - ok

15:42:09.0461 4016 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

15:42:09.0476 4016 TsUsbFlt - ok

15:42:09.0554 4016 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

15:42:09.0586 4016 tunnel - ok

15:42:09.0632 4016 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

15:42:09.0648 4016 TVALZ - ok

15:42:09.0679 4016 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys

15:42:09.0695 4016 uagp35 - ok

15:42:09.0726 4016 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys

15:42:09.0773 4016 udfs - ok

15:42:09.0820 4016 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe

15:42:09.0835 4016 UI0Detect - ok

15:42:09.0898 4016 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

15:42:09.0913 4016 uliagpkx - ok

15:42:09.0944 4016 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys

15:42:09.0960 4016 umbus - ok

15:42:10.0007 4016 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys

15:42:10.0022 4016 UmPass - ok

15:42:10.0054 4016 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll

15:42:10.0100 4016 upnphost - ok

15:42:10.0147 4016 [ D4FB6ECC60A428564BA8768B0E23C0FC ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys

15:42:10.0163 4016 USBAAPL ( UnsignedFile.Multi.Generic ) - warning

15:42:10.0163 4016 USBAAPL - detected UnsignedFile.Multi.Generic (1)

15:42:10.0210 4016 [ 5353218B3265E3B8190335059F697A11 ] usbbus C:\windows\system32\DRIVERS\lgusbbus.sys

15:42:10.0225 4016 usbbus - ok

15:42:10.0288 4016 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

15:42:10.0303 4016 usbccgp - ok

15:42:10.0319 4016 USBCCID - ok

15:42:10.0350 4016 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys

15:42:10.0366 4016 usbcir - ok

15:42:10.0428 4016 [ 7DD3EEFC62A1EF44E5F940FA651ED9ED ] UsbDiag C:\windows\system32\DRIVERS\lgusbdiag.sys

15:42:10.0444 4016 UsbDiag - ok

15:42:10.0475 4016 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

15:42:10.0490 4016 usbehci - ok

15:42:10.0522 4016 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

15:42:10.0553 4016 usbhub - ok

15:42:10.0584 4016 [ 083031A78822ECCBD7510BCCD3E20D4C ] USBModem C:\windows\system32\DRIVERS\lgusbmodem.sys

15:42:10.0600 4016 USBModem - ok

15:42:10.0646 4016 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys

15:42:10.0662 4016 usbohci - ok

15:42:10.0724 4016 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

15:42:10.0740 4016 usbprint - ok

15:42:10.0787 4016 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys

15:42:10.0802 4016 usbscan - ok

15:42:10.0880 4016 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS

15:42:10.0896 4016 USBSTOR - ok

15:42:10.0943 4016 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys

15:42:10.0958 4016 usbuhci - ok

15:42:11.0005 4016 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys

15:42:11.0021 4016 usbvideo - ok

15:42:11.0083 4016 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\windows\system32\drivers\usb8023x.sys

15:42:11.0099 4016 usb_rndisx - ok

15:42:11.0130 4016 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll

15:42:11.0177 4016 UxSms - ok

15:42:11.0208 4016 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe

15:42:11.0224 4016 VaultSvc - ok

15:42:11.0302 4016 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

15:42:11.0317 4016 vdrvroot - ok

15:42:11.0395 4016 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe

15:42:11.0442 4016 vds - ok

15:42:11.0489 4016 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys

15:42:11.0520 4016 vga - ok

15:42:11.0536 4016 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys

15:42:11.0567 4016 VgaSave - ok

15:42:11.0629 4016 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys

15:42:11.0645 4016 vhdmp - ok

15:42:11.0676 4016 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys

15:42:11.0692 4016 viaagp - ok

15:42:11.0754 4016 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys

15:42:11.0770 4016 ViaC7 - ok

15:42:11.0832 4016 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys

15:42:11.0848 4016 viaide - ok

15:42:11.0863 4016 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys

15:42:11.0879 4016 volmgr - ok

15:42:11.0926 4016 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys

15:42:11.0941 4016 volmgrx - ok

15:42:12.0004 4016 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys

15:42:12.0035 4016 volsnap - ok

15:42:12.0066 4016 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys

15:42:12.0082 4016 vsmraid - ok

15:42:12.0175 4016 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe

15:42:12.0222 4016 VSS - ok

15:42:12.0269 4016 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

15:42:12.0284 4016 vwifibus - ok

15:42:12.0316 4016 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

15:42:12.0347 4016 vwififlt - ok

15:42:12.0394 4016 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys

15:42:12.0409 4016 vwifimp - ok

15:42:12.0456 4016 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll

15:42:12.0503 4016 W32Time - ok

15:42:12.0534 4016 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys

15:42:12.0550 4016 WacomPen - ok

15:42:12.0612 4016 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

15:42:12.0643 4016 WANARP - ok

15:42:12.0659 4016 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

15:42:12.0690 4016 Wanarpv6 - ok

15:42:12.0784 4016 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

15:42:12.0830 4016 WatAdminSvc - ok

15:42:12.0908 4016 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe

15:42:12.0955 4016 wbengine - ok

15:42:13.0002 4016 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

15:42:13.0033 4016 WbioSrvc - ok

15:42:13.0096 4016 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\windows\WindowsMobile\wcescomm.dll

15:42:13.0127 4016 WcesComm - ok

15:42:13.0174 4016 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll

15:42:13.0205 4016 wcncsvc - ok

15:42:13.0252 4016 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

15:42:13.0267 4016 WcsPlugInService - ok

15:42:13.0345 4016 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys

15:42:13.0361 4016 Wd - ok

Link to post
Share on other sites

15:42:13.0423 4016 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam.sys

15:42:13.0423 4016 WDC_SAM ( UnsignedFile.Multi.Generic ) - warning

15:42:13.0423 4016 WDC_SAM - detected UnsignedFile.Multi.Generic (1)

15:42:13.0486 4016 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

15:42:13.0517 4016 Wdf01000 - ok

15:42:13.0532 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll

15:42:13.0564 4016 WdiServiceHost - ok

15:42:13.0579 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll

15:42:13.0595 4016 WdiSystemHost - ok

15:42:13.0673 4016 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll

15:42:13.0704 4016 WebClient - ok

15:42:13.0782 4016 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll

15:42:13.0829 4016 Wecsvc - ok

15:42:13.0907 4016 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll

15:42:13.0938 4016 wercplsupport - ok

15:42:13.0969 4016 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll

15:42:14.0016 4016 WerSvc - ok

15:42:14.0047 4016 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

15:42:14.0078 4016 WfpLwf - ok

15:42:14.0125 4016 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys

15:42:14.0141 4016 WIMMount - ok

15:42:14.0281 4016 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

15:42:14.0312 4016 WinDefend - ok

15:42:14.0328 4016 WinHttpAutoProxySvc - ok

15:42:14.0437 4016 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

15:42:14.0468 4016 Winmgmt - ok

15:42:14.0624 4016 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll

15:42:14.0671 4016 WinRM - ok

15:42:14.0749 4016 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys

15:42:14.0780 4016 WinUSB - ok

15:42:14.0999 4016 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll

15:42:15.0030 4016 Wlansvc - ok

15:42:15.0280 4016 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:42:15.0326 4016 wlidsvc - ok

15:42:15.0404 4016 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys

15:42:15.0420 4016 WmiAcpi - ok

15:42:15.0467 4016 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

15:42:15.0482 4016 wmiApSrv - ok

15:42:15.0701 4016 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

15:42:15.0732 4016 WMPNetworkSvc - ok

15:42:15.0794 4016 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll

15:42:15.0826 4016 WPCSvc - ok

15:42:15.0872 4016 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

15:42:15.0904 4016 WPDBusEnum - ok

15:42:15.0950 4016 WRConsumerService - ok

15:42:16.0013 4016 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

15:42:16.0075 4016 ws2ifsl - ok

15:42:16.0106 4016 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll

15:42:16.0169 4016 wscsvc - ok

15:42:16.0169 4016 WSearch - ok

15:42:16.0262 4016 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll

15:42:16.0325 4016 wuauserv - ok

15:42:16.0356 4016 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys

15:42:16.0387 4016 WudfPf - ok

15:42:16.0434 4016 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

15:42:16.0450 4016 WUDFRd - ok

15:42:16.0496 4016 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll

15:42:16.0528 4016 wudfsvc - ok

15:42:16.0559 4016 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll

15:42:16.0590 4016 WwanSvc - ok

15:42:16.0668 4016 ================ Scan global ===============================

15:42:16.0715 4016 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll

15:42:16.0746 4016 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll

15:42:16.0777 4016 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll

15:42:16.0808 4016 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll

15:42:16.0855 4016 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe

15:42:16.0855 4016 [Global] - ok

15:42:16.0871 4016 ================ Scan MBR ==================================

15:42:16.0886 4016 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

15:42:17.0838 4016 \Device\Harddisk0\DR0 - ok

15:42:17.0838 4016 ================ Scan VBR ==================================

15:42:17.0869 4016 [ CD1000201D267B26F8B8243B79411511 ] \Device\Harddisk0\DR0\Partition1

15:42:17.0869 4016 \Device\Harddisk0\DR0\Partition1 - ok

15:42:17.0869 4016 ================ Scan active images ========================

15:42:17.0885 4016 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys

15:42:17.0885 4016 C:\Windows\System32\drivers\crashdmp.sys - ok

15:42:17.0900 4016 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys

15:42:17.0900 4016 C:\Windows\System32\drivers\Dumpata.sys - ok

15:42:17.0900 4016 [ 012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys

15:42:17.0900 4016 C:\Windows\System32\drivers\msahci.sys - ok

15:42:17.0916 4016 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys

15:42:17.0916 4016 C:\Windows\System32\drivers\dumpfve.sys - ok

15:42:17.0932 4016 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys

15:42:17.0932 4016 C:\Windows\System32\drivers\cdrom.sys - ok

15:42:17.0932 4016 [ 17230708A2028CD995656DF455F2E303 ] C:\Windows\System32\drivers\aswSnx.sys

15:42:17.0932 4016 C:\Windows\System32\drivers\aswSnx.sys - ok

15:42:17.0947 4016 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys

15:42:17.0947 4016 C:\Windows\System32\drivers\beep.sys - ok

15:42:17.0963 4016 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys

15:42:17.0963 4016 C:\Windows\System32\drivers\null.sys - ok

15:42:17.0978 4016 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys

15:42:17.0978 4016 C:\Windows\System32\drivers\videoprt.sys - ok

15:42:17.0978 4016 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys

15:42:17.0978 4016 C:\Windows\System32\drivers\watchdog.sys - ok

15:42:17.0994 4016 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys

15:42:17.0994 4016 C:\Windows\System32\drivers\vga.sys - ok

15:42:18.0010 4016 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys

15:42:18.0010 4016 C:\Windows\System32\drivers\RDPCDD.sys - ok

15:42:18.0010 4016 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys

15:42:18.0010 4016 C:\Windows\System32\drivers\RDPENCDD.sys - ok

15:42:18.0025 4016 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys

15:42:18.0025 4016 C:\Windows\System32\drivers\RDPREFMP.sys - ok

15:42:18.0041 4016 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys

15:42:18.0041 4016 C:\Windows\System32\drivers\msfs.sys - ok

15:42:18.0056 4016 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys

15:42:18.0056 4016 C:\Windows\System32\drivers\npfs.sys - ok

15:42:18.0056 4016 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys

15:42:18.0056 4016 C:\Windows\System32\drivers\netbt.sys - ok

15:42:18.0072 4016 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys

15:42:18.0072 4016 C:\Windows\System32\drivers\tdi.sys - ok

15:42:18.0088 4016 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys

15:42:18.0088 4016 C:\Windows\System32\drivers\tdx.sys - ok

15:42:18.0088 4016 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys

15:42:18.0088 4016 C:\Windows\System32\drivers\afd.sys - ok

15:42:18.0103 4016 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys

15:42:18.0103 4016 C:\Windows\System32\drivers\pacer.sys - ok

15:42:18.0119 4016 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys

15:42:18.0119 4016 C:\Windows\System32\drivers\wfplwf.sys - ok

15:42:18.0134 4016 [ 6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys

15:42:18.0134 4016 C:\Windows\System32\drivers\ws2ifsl.sys - ok

15:42:18.0134 4016 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys

15:42:18.0134 4016 C:\Windows\System32\drivers\vwififlt.sys - ok

15:42:18.0150 4016 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys

15:42:18.0150 4016 C:\Windows\System32\drivers\netbios.sys - ok

15:42:18.0166 4016 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys

15:42:18.0166 4016 C:\Windows\System32\drivers\rdbss.sys - ok

15:42:18.0181 4016 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys

15:42:18.0181 4016 C:\Windows\System32\drivers\termdd.sys - ok

15:42:18.0181 4016 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys

15:42:18.0181 4016 C:\Windows\System32\drivers\wanarp.sys - ok

15:42:18.0197 4016 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys

15:42:18.0197 4016 C:\Windows\System32\drivers\dfsc.sys - ok

15:42:18.0212 4016 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys

15:42:18.0212 4016 C:\Windows\System32\drivers\discache.sys - ok

15:42:18.0212 4016 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys

15:42:18.0212 4016 C:\Windows\System32\drivers\mssmbios.sys - ok

15:42:18.0228 4016 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys

15:42:18.0228 4016 C:\Windows\System32\drivers\nsiproxy.sys - ok

15:42:18.0244 4016 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys

15:42:18.0244 4016 C:\Windows\System32\drivers\blbdrive.sys - ok

15:42:18.0244 4016 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys

15:42:18.0244 4016 C:\Windows\System32\drivers\tunnel.sys - ok

15:42:18.0259 4016 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] C:\Windows\System32\drivers\amdppm.sys

15:42:18.0259 4016 C:\Windows\System32\drivers\amdppm.sys - ok

15:42:18.0275 4016 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys

15:42:18.0275 4016 C:\Windows\System32\drivers\CmBatt.sys - ok

15:42:18.0290 4016 [ 0F76E205BDC60364F08A5949082771CA ] C:\Windows\System32\drivers\FwLnk.sys

15:42:18.0290 4016 C:\Windows\System32\drivers\FwLnk.sys - ok

15:42:18.0290 4016 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll

15:42:18.0290 4016 C:\Windows\System32\ntdll.dll - ok

15:42:18.0306 4016 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe

15:42:18.0306 4016 C:\Windows\System32\smss.exe - ok

15:42:18.0322 4016 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] C:\Windows\System32\drivers\atikmdag.sys

15:42:18.0322 4016 C:\Windows\System32\drivers\atikmdag.sys - ok

15:42:18.0322 4016 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys

15:42:18.0322 4016 C:\Windows\System32\drivers\dxgkrnl.sys - ok

15:42:18.0337 4016 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys

15:42:18.0337 4016 C:\Windows\System32\drivers\dxgmms1.sys - ok

15:42:18.0353 4016 [ 80B66A4181F782884A815E69D0AFA743 ] C:\Windows\System32\drivers\Rt86win7.sys

15:42:18.0353 4016 C:\Windows\System32\drivers\Rt86win7.sys - ok

15:42:18.0368 4016 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys

15:42:18.0368 4016 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

15:42:18.0368 4016 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] C:\Windows\System32\drivers\tdcmdpst.sys

15:42:18.0368 4016 C:\Windows\System32\drivers\tdcmdpst.sys - ok

15:42:18.0384 4016 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys

15:42:18.0384 4016 C:\Windows\System32\drivers\usbehci.sys - ok

15:42:18.0400 4016 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] C:\Windows\System32\drivers\usbohci.sys

15:42:18.0400 4016 C:\Windows\System32\drivers\usbohci.sys - ok

15:42:18.0400 4016 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys

15:42:18.0400 4016 C:\Windows\System32\drivers\usbport.sys - ok

15:42:18.0415 4016 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys

15:42:18.0415 4016 C:\Windows\System32\drivers\hdaudbus.sys - ok

15:42:18.0415 4016 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys

15:42:18.0415 4016 C:\Windows\System32\drivers\i8042prt.sys - ok

15:42:18.0431 4016 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe

15:42:18.0431 4016 C:\Windows\System32\autochk.exe - ok

15:42:18.0446 4016 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys

15:42:18.0446 4016 C:\Windows\System32\drivers\kbdclass.sys - ok

15:42:18.0446 4016 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys

15:42:18.0446 4016 C:\Windows\System32\drivers\usbd.sys - ok

15:42:18.0462 4016 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys

15:42:18.0462 4016 C:\Windows\System32\drivers\CompositeBus.sys - ok

15:42:18.0478 4016 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys

15:42:18.0478 4016 C:\Windows\System32\drivers\mouclass.sys - ok

15:42:18.0478 4016 [ 8BD10DC8809DC69A1C5A795CB10ADD76 ] C:\Windows\System32\drivers\SynTP.sys

15:42:18.0478 4016 C:\Windows\System32\drivers\SynTP.sys - ok

15:42:18.0493 4016 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys

15:42:18.0493 4016 C:\Windows\System32\drivers\agilevpn.sys - ok

15:42:18.0509 4016 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] C:\Windows\System32\drivers\lmimirr.sys

15:42:18.0509 4016 C:\Windows\System32\drivers\lmimirr.sys - ok

15:42:18.0509 4016 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys

15:42:18.0509 4016 C:\Windows\System32\drivers\ndistapi.sys - ok

15:42:18.0524 4016 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys

15:42:18.0524 4016 C:\Windows\System32\drivers\ndiswan.sys - ok

15:42:18.0524 4016 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys

15:42:18.0524 4016 C:\Windows\System32\drivers\rasl2tp.sys - ok

15:42:18.0540 4016 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys

15:42:18.0540 4016 C:\Windows\System32\drivers\raspppoe.sys - ok

15:42:18.0556 4016 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys

15:42:18.0556 4016 C:\Windows\System32\drivers\raspptp.sys - ok

15:42:18.0556 4016 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys

15:42:18.0556 4016 C:\Windows\System32\drivers\rassstp.sys - ok

15:42:18.0571 4016 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys

15:42:18.0571 4016 C:\Windows\System32\drivers\ks.sys - ok

15:42:18.0587 4016 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys

15:42:18.0587 4016 C:\Windows\System32\drivers\swenum.sys - ok

15:42:18.0587 4016 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys

15:42:18.0587 4016 C:\Windows\System32\drivers\umbus.sys - ok

15:42:18.0602 4016 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll

15:42:18.0602 4016 C:\Windows\System32\gdi32.dll - ok

15:42:18.0618 4016 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll

15:42:18.0618 4016 C:\Windows\System32\advapi32.dll - ok

15:42:18.0618 4016 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll

15:42:18.0618 4016 C:\Windows\System32\imm32.dll - ok

15:42:18.0634 4016 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll

15:42:18.0634 4016 C:\Windows\System32\psapi.dll - ok

15:42:18.0634 4016 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys

15:42:18.0634 4016 C:\Windows\System32\drivers\usbhub.sys - ok

15:42:18.0649 4016 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys

15:42:18.0649 4016 C:\Windows\System32\drivers\ndproxy.sys - ok

15:42:18.0665 4016 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys

15:42:18.0665 4016 C:\Windows\System32\drivers\drmk.sys - ok

15:42:18.0665 4016 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys

15:42:18.0665 4016 C:\Windows\System32\drivers\portcls.sys - ok

15:42:18.0680 4016 [ E4A2E810CB2607C9C159C0DFB0BD4C88 ] C:\Windows\System32\drivers\RTKVHDA.sys

15:42:18.0680 4016 C:\Windows\System32\drivers\RTKVHDA.sys - ok

15:42:18.0696 4016 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll

15:42:18.0696 4016 C:\Windows\System32\iertutil.dll - ok

15:42:18.0696 4016 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll

15:42:18.0696 4016 C:\Windows\System32\rpcrt4.dll - ok

15:42:18.0712 4016 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll

15:42:18.0712 4016 C:\Windows\System32\clbcatq.dll - ok

15:42:18.0712 4016 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll

15:42:18.0712 4016 C:\Windows\System32\ws2_32.dll - ok

15:42:18.0727 4016 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll

15:42:18.0727 4016 C:\Windows\System32\usp10.dll - ok

15:42:18.0743 4016 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll

15:42:18.0743 4016 C:\Windows\System32\Wldap32.dll - ok

15:42:18.0743 4016 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll

15:42:18.0743 4016 C:\Windows\System32\lpk.dll - ok

15:42:18.0758 4016 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll

15:42:18.0758 4016 C:\Windows\System32\msctf.dll - ok

15:42:18.0774 4016 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll

15:42:18.0774 4016 C:\Windows\System32\shlwapi.dll - ok

15:42:18.0774 4016 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll

15:42:18.0774 4016 C:\Windows\System32\setupapi.dll - ok

15:42:18.0790 4016 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll

15:42:18.0790 4016 C:\Windows\System32\imagehlp.dll - ok

15:42:18.0805 4016 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll

15:42:18.0805 4016 C:\Windows\System32\normaliz.dll - ok

15:42:18.0805 4016 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll

15:42:18.0805 4016 C:\Windows\System32\wininet.dll - ok

15:42:18.0821 4016 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll

15:42:18.0821 4016 C:\Windows\System32\difxapi.dll - ok

15:42:18.0821 4016 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll

15:42:18.0821 4016 C:\Windows\System32\urlmon.dll - ok

15:42:18.0836 4016 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll

15:42:18.0836 4016 C:\Windows\System32\oleaut32.dll - ok

15:42:18.0852 4016 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll

15:42:18.0852 4016 C:\Windows\System32\sechost.dll - ok

15:42:18.0852 4016 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll

15:42:18.0852 4016 C:\Windows\System32\msvcrt.dll - ok

15:42:18.0868 4016 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll

15:42:18.0868 4016 C:\Windows\System32\nsi.dll - ok

15:42:18.0883 4016 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll

15:42:18.0883 4016 C:\Windows\System32\user32.dll - ok

15:42:18.0883 4016 [ 3ED262888758E350C29E02207AF9AC59 ] C:\Windows\System32\kernel32.dll

15:42:18.0883 4016 C:\Windows\System32\kernel32.dll - ok

15:42:18.0899 4016 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll

15:42:18.0899 4016 C:\Windows\System32\ole32.dll - ok

15:42:18.0899 4016 [ 8E7D6DBBA555C5D5A02DECC79FE9C638 ] C:\Windows\System32\drivers\RTL8187B.sys

15:42:18.0899 4016 C:\Windows\System32\drivers\RTL8187B.sys - ok

15:42:18.0914 4016 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys

15:42:18.0914 4016 C:\Windows\System32\drivers\vwifibus.sys - ok

15:42:18.0930 4016 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll

15:42:18.0930 4016 C:\Windows\System32\shell32.dll - ok

15:42:18.0930 4016 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll

15:42:18.0930 4016 C:\Windows\System32\comdlg32.dll - ok

15:42:18.0946 4016 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll

15:42:18.0946 4016 C:\Windows\System32\wintrust.dll - ok

15:42:18.0961 4016 [ E40ADC3B848650F1D5A932FD7DE0D018 ] C:\Windows\System32\KernelBase.dll

15:42:18.0961 4016 C:\Windows\System32\KernelBase.dll - ok

15:42:18.0961 4016 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll

15:42:18.0961 4016 C:\Windows\System32\comctl32.dll - ok

15:42:18.0977 4016 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll

15:42:18.0977 4016 C:\Windows\System32\devobj.dll - ok

15:42:18.0977 4016 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll

15:42:18.0977 4016 C:\Windows\System32\crypt32.dll - ok

15:42:18.0992 4016 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll

15:42:18.0992 4016 C:\Windows\System32\cfgmgr32.dll - ok

15:42:19.0008 4016 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll

15:42:19.0008 4016 C:\Windows\System32\msasn1.dll - ok

15:42:19.0008 4016 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys

15:42:19.0008 4016 C:\Windows\System32\drivers\dxapi.sys - ok

15:42:19.0024 4016 [ 46538741E0230731D3635D12DF85A7B5 ] C:\Windows\System32\win32k.sys

15:42:19.0024 4016 C:\Windows\System32\win32k.sys - ok

15:42:19.0039 4016 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll

15:42:19.0039 4016 C:\Windows\System32\csrsrv.dll - ok

15:42:19.0039 4016 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe

15:42:19.0039 4016 C:\Windows\System32\csrss.exe - ok

15:42:19.0055 4016 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll

15:42:19.0055 4016 C:\Windows\System32\basesrv.dll - ok

15:42:19.0055 4016 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\System32\winsrv.dll

15:42:19.0055 4016 C:\Windows\System32\winsrv.dll - ok

15:42:19.0070 4016 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys

15:42:19.0070 4016 C:\Windows\System32\drivers\monitor.sys - ok

15:42:19.0086 4016 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll

15:42:19.0086 4016 C:\Windows\System32\tsddd.dll - ok

15:42:19.0086 4016 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll

15:42:19.0086 4016 C:\Windows\System32\sxssrv.dll - ok

15:42:19.0102 4016 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe

15:42:19.0102 4016 C:\Windows\System32\wininit.exe - ok

15:42:19.0117 4016 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll

15:42:19.0117 4016 C:\Windows\System32\profapi.dll - ok

15:42:19.0117 4016 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll

15:42:19.0117 4016 C:\Windows\System32\cdd.dll - ok

15:42:19.0133 4016 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll

15:42:19.0133 4016 C:\Windows\System32\RpcRtRemote.dll - ok

15:42:19.0133 4016 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL

15:42:19.0133 4016 C:\Windows\System32\KBDUS.DLL - ok

15:42:19.0148 4016 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll

15:42:19.0148 4016 C:\Windows\System32\WlS0WndH.dll - ok

15:42:19.0164 4016 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll

15:42:19.0164 4016 C:\Windows\System32\sxs.dll - ok

15:42:19.0164 4016 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll

15:42:19.0164 4016 C:\Windows\System32\cryptbase.dll - ok

15:42:19.0180 4016 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe

15:42:19.0180 4016 C:\Windows\System32\winlogon.exe - ok

15:42:19.0195 4016 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll

15:42:19.0195 4016 C:\Windows\System32\winsta.dll - ok

15:42:19.0195 4016 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll

15:42:19.0195 4016 C:\Windows\System32\apphelp.dll - ok

15:42:19.0211 4016 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll

15:42:19.0211 4016 C:\Windows\System32\scext.dll - ok

15:42:19.0211 4016 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll

15:42:19.0211 4016 C:\Windows\System32\secur32.dll - ok

15:42:19.0226 4016 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe

15:42:19.0226 4016 C:\Windows\System32\services.exe - ok

15:42:19.0242 4016 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll

15:42:19.0242 4016 C:\Windows\System32\sspicli.dll - ok

15:42:19.0242 4016 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll

15:42:19.0242 4016 C:\Windows\System32\lsasrv.dll - ok

15:42:19.0258 4016 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe

15:42:19.0258 4016 C:\Windows\System32\lsass.exe - ok

15:42:19.0273 4016 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe

15:42:19.0273 4016 C:\Windows\System32\lsm.exe - ok

15:42:19.0273 4016 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll

15:42:19.0273 4016 C:\Windows\System32\scesrv.dll - ok

15:42:19.0289 4016 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll

15:42:19.0289 4016 C:\Windows\System32\sspisrv.dll - ok

15:42:19.0289 4016 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll

15:42:19.0289 4016 C:\Windows\System32\srvcli.dll - ok

15:42:19.0304 4016 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll

15:42:19.0304 4016 C:\Windows\System32\sysntfy.dll - ok

15:42:19.0320 4016 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll

15:42:19.0320 4016 C:\Windows\System32\wmsgapi.dll - ok

15:42:19.0320 4016 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll

15:42:19.0320 4016 C:\Windows\System32\aelupsvc.dll - ok

15:42:19.0336 4016 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll

15:42:19.0336 4016 C:\Windows\System32\samsrv.dll - ok

15:42:19.0351 4016 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll

15:42:19.0351 4016 C:\Windows\System32\cryptdll.dll - ok

15:42:19.0351 4016 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll

15:42:19.0351 4016 C:\Windows\System32\wevtapi.dll - ok

15:42:19.0367 4016 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll

15:42:19.0367 4016 C:\Windows\System32\authz.dll - ok

15:42:19.0367 4016 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll

15:42:19.0367 4016 C:\Windows\System32\cngaudit.dll - ok

15:42:19.0382 4016 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll

15:42:19.0382 4016 C:\Windows\System32\bcrypt.dll - ok

15:42:19.0398 4016 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\System32\ncrypt.dll

15:42:19.0398 4016 C:\Windows\System32\ncrypt.dll - ok

15:42:19.0398 4016 [ 18A54E132947CD98FEA9ACCC57F98F13 ] C:\Windows\System32\alg.exe

15:42:19.0398 4016 C:\Windows\System32\alg.exe - ok

15:42:19.0414 4016 [ 62A9C86CB6085E20DB4823E4E97826F5 ] C:\Windows\System32\appidsvc.dll

15:42:19.0414 4016 C:\Windows\System32\appidsvc.dll - ok

15:42:19.0429 4016 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll

15:42:19.0429 4016 C:\Windows\System32\appinfo.dll - ok

15:42:19.0429 4016 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll

15:42:19.0429 4016 C:\Windows\System32\audiosrv.dll - ok

15:42:19.0445 4016 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll

15:42:19.0445 4016 C:\Windows\System32\msprivs.dll - ok

15:42:19.0460 4016 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll

15:42:19.0460 4016 C:\Windows\System32\rascfg.dll - ok

15:42:19.0460 4016 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll

15:42:19.0460 4016 C:\Windows\System32\netjoin.dll - ok

15:42:19.0476 4016 [ ED4649A28AFE0B3DB93C3198BA48E34E ] C:\Windows\System32\atmfd.dll

15:42:19.0476 4016 C:\Windows\System32\atmfd.dll - ok

15:42:19.0476 4016 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] C:\Windows\System32\AxInstSv.dll

15:42:19.0476 4016 C:\Windows\System32\AxInstSv.dll - ok

15:42:19.0492 4016 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll

15:42:19.0492 4016 C:\Windows\System32\negoexts.dll - ok

15:42:19.0507 4016 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll

15:42:19.0507 4016 C:\Windows\System32\kerberos.dll - ok

15:42:19.0507 4016 [ EE1E9C3BB8228AE423DD38DB69128E71 ] C:\Windows\System32\bdesvc.dll

15:42:19.0507 4016 C:\Windows\System32\bdesvc.dll - ok

15:42:19.0523 4016 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll

15:42:19.0523 4016 C:\Windows\System32\cryptsp.dll - ok

15:42:19.0538 4016 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll

15:42:19.0538 4016 C:\Windows\System32\msv1_0.dll - ok

15:42:19.0538 4016 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll

15:42:19.0538 4016 C:\Windows\System32\mswsock.dll - ok

15:42:19.0554 4016 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll

15:42:19.0554 4016 C:\Windows\System32\version.dll - ok

15:42:19.0554 4016 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll

15:42:19.0554 4016 C:\Windows\System32\wship6.dll - ok

15:42:19.0570 4016 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL

15:42:19.0570 4016 C:\Windows\System32\BFE.DLL - ok

15:42:19.0585 4016 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll

15:42:19.0585 4016 C:\Windows\System32\netlogon.dll - ok

15:42:19.0585 4016 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll

15:42:19.0585 4016 C:\Windows\System32\browser.dll - ok

15:42:19.0601 4016 [ E585445D5021971FAE10393F0F1C3961 ] C:\Windows\System32\qmgr.dll

15:42:19.0601 4016 C:\Windows\System32\qmgr.dll - ok

15:42:19.0616 4016 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll

15:42:19.0616 4016 C:\Windows\System32\dnsapi.dll - ok

15:42:19.0616 4016 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll

15:42:19.0616 4016 C:\Windows\System32\logoncli.dll - ok

15:42:19.0632 4016 [ 1180159EE45AD1B110F6E482F244899E ] C:\Windows\System32\bridgeres.dll

15:42:19.0632 4016 C:\Windows\System32\bridgeres.dll - ok

15:42:19.0632 4016 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll

15:42:19.0632 4016 C:\Windows\System32\schannel.dll - ok

15:42:19.0648 4016 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll

15:42:19.0648 4016 C:\Windows\System32\wdigest.dll - ok

15:42:19.0663 4016 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll

15:42:19.0663 4016 C:\Windows\System32\rsaenh.dll - ok

15:42:19.0663 4016 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll

15:42:19.0663 4016 C:\Windows\System32\TSpkg.dll - ok

15:42:19.0679 4016 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll

15:42:19.0679 4016 C:\Windows\System32\bcryptprimitives.dll - ok

15:42:19.0694 4016 [ 93723774872D9FB903266A46ED1E0BC2 ] C:\Windows\System32\LIVESSP.DLL

15:42:19.0694 4016 C:\Windows\System32\LIVESSP.DLL - ok

15:42:19.0694 4016 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll

15:42:19.0694 4016 C:\Windows\System32\pku2u.dll - ok

15:42:19.0710 4016 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll

15:42:19.0710 4016 C:\Windows\System32\credssp.dll - ok

15:42:19.0710 4016 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll

15:42:19.0710 4016 C:\Windows\System32\efslsaext.dll - ok

15:42:19.0726 4016 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll

15:42:19.0726 4016 C:\Windows\System32\scecli.dll - ok

15:42:19.0741 4016 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] C:\Windows\System32\bthserv.dll

15:42:19.0741 4016 C:\Windows\System32\bthserv.dll - ok

15:42:19.0741 4016 [ 319C6B309773D063541D01DF8AC6F55F ] C:\Windows\System32\certprop.dll

15:42:19.0741 4016 C:\Windows\System32\certprop.dll - ok

15:42:19.0757 4016 [ 635181E0E9BBF16871BF5380D71DB02D ] C:\Windows\System32\clfs.sys

15:42:19.0757 4016 C:\Windows\System32\clfs.sys - ok

15:42:19.0772 4016 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll

15:42:19.0772 4016 C:\Windows\System32\comres.dll - ok

15:42:19.0772 4016 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll

15:42:19.0772 4016 C:\Windows\System32\cryptsvc.dll - ok

15:42:19.0788 4016 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] C:\Windows\System32\defragsvc.dll

15:42:19.0788 4016 C:\Windows\System32\defragsvc.dll - ok

15:42:19.0804 4016 [ 370E6FB6F6FF1B3DAC7F1182AC493BB6 ] C:\Windows\System32\oleres.dll

15:42:19.0804 4016 C:\Windows\System32\oleres.dll - ok

15:42:19.0804 4016 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll

15:42:19.0804 4016 C:\Windows\System32\dhcpcore.dll - ok

15:42:19.0819 4016 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] C:\Windows\System32\dot3svc.dll

15:42:19.0819 4016 C:\Windows\System32\dot3svc.dll - ok

15:42:19.0819 4016 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll

15:42:19.0819 4016 C:\Windows\System32\dps.dll - ok

15:42:19.0835 4016 [ A8C362018EFC87BEB013EE28F29C0863 ] C:\Windows\ehome\ehrecvr.exe

15:42:19.0835 4016 C:\Windows\ehome\ehrecvr.exe - ok

15:42:19.0850 4016 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll

15:42:19.0850 4016 C:\Windows\System32\eapsvc.dll - ok

15:42:19.0850 4016 [ 00A99DA54C14969A899ED316D16E9A9E ] C:\Windows\System32\efssvc.dll

15:42:19.0850 4016 C:\Windows\System32\efssvc.dll - ok

15:42:19.0866 4016 [ D389BFF34F80CAEDE417BF9D1507996A ] C:\Windows\ehome\ehsched.exe

15:42:19.0866 4016 C:\Windows\ehome\ehsched.exe - ok

15:42:19.0866 4016 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll

15:42:19.0866 4016 C:\Windows\System32\wevtsvc.dll - ok

15:42:19.0882 4016 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll

15:42:19.0882 4016 C:\Windows\System32\FXSRESM.dll - ok

15:42:19.0897 4016 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll

15:42:19.0897 4016 C:\Windows\System32\fdPHost.dll - ok

15:42:19.0897 4016 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll

15:42:19.0897 4016 C:\Windows\System32\FDResPub.dll - ok

15:42:19.0913 4016 [ 6CF00369C97F3CF563BE99BE983D13D8 ] C:\Windows\System32\drivers\fileinfo.sys

15:42:19.0913 4016 C:\Windows\System32\drivers\fileinfo.sys - ok

15:42:19.0928 4016 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] C:\Windows\System32\drivers\filetrace.sys

15:42:19.0928 4016 C:\Windows\System32\drivers\filetrace.sys - ok

15:42:19.0928 4016 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys

15:42:19.0928 4016 C:\Windows\System32\drivers\fltMgr.sys - ok

15:42:19.0944 4016 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll

15:42:19.0944 4016 C:\Windows\System32\FntCache.dll - ok

15:42:19.0960 4016 [ 6A08F1C87BBF6197F5DAD95CF41E5175 ] C:\Windows\System32\PresentationHost.exe

15:42:19.0960 4016 C:\Windows\System32\PresentationHost.exe - ok

15:42:19.0960 4016 [ 1A16B57943853E598CFF37FE2B8CBF1D ] C:\Windows\System32\drivers\fsdepends.sys

15:42:19.0960 4016 C:\Windows\System32\drivers\fsdepends.sys - ok

15:42:19.0975 4016 [ 8A73E79089B282100B9393B644CB853B ] C:\Windows\System32\drivers\fvevol.sys

15:42:19.0975 4016 C:\Windows\System32\drivers\fvevol.sys - ok

15:42:19.0975 4016 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll

15:42:19.0991 4016 C:\Windows\System32\gpapi.dll - ok

15:42:19.0991 4016 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\System32\hidserv.dll

15:42:19.0991 4016 C:\Windows\System32\hidserv.dll - ok

15:42:20.0006 4016 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] C:\Windows\System32\KMSVC.DLL

15:42:20.0006 4016 C:\Windows\System32\KMSVC.DLL - ok

15:42:20.0006 4016 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll

15:42:20.0006 4016 C:\Windows\System32\ListSvc.dll - ok

15:42:20.0022 4016 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll

15:42:20.0022 4016 C:\Windows\System32\provsvc.dll - ok

15:42:20.0038 4016 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys

15:42:20.0038 4016 C:\Windows\System32\drivers\http.sys - ok

15:42:20.0038 4016 [ 68F94A45AB26C06221B6BF5C491436D8 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll

15:42:20.0038 4016 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok

15:42:20.0053 4016 [ 0C4E035C7F105F1299258C90886C64C5 ] C:\Windows\System32\drivers\hwpolicy.sys

15:42:20.0053 4016 C:\Windows\System32\drivers\hwpolicy.sys - ok

15:42:20.0069 4016 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL

15:42:20.0069 4016 C:\Windows\System32\IKEEXT.DLL - ok

15:42:20.0069 4016 [ ACB364B9075A45C0736E5C47BE5CAE19 ] C:\Windows\System32\IPBusEnum.dll

15:42:20.0069 4016 C:\Windows\System32\IPBusEnum.dll - ok

15:42:20.0084 4016 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll

15:42:20.0084 4016 C:\Windows\System32\iphlpsvc.dll - ok

15:42:20.0084 4016 [ 42996CFF20A3084A56017B7902307E9F ] C:\Windows\System32\drivers\irenum.sys

15:42:20.0084 4016 C:\Windows\System32\drivers\irenum.sys - ok

15:42:20.0100 4016 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll

15:42:20.0100 4016 C:\Windows\System32\keyiso.dll - ok

15:42:20.0116 4016 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll

15:42:20.0116 4016 C:\Windows\System32\srvsvc.dll - ok

15:42:20.0116 4016 [ F7807FFF85E636D53A0C2C2CD8BCDC5F ] C:\Windows\ehome\ehres.dll

15:42:20.0116 4016 C:\Windows\ehome\ehres.dll - ok

15:42:20.0131 4016 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys

15:42:20.0131 4016 C:\Windows\System32\drivers\luafv.sys - ok

15:42:20.0147 4016 [ 276678C13E3F01E9EC32ED7E56B4FEA0 ] C:\Windows\System32\lltdres.dll

15:42:20.0147 4016 C:\Windows\System32\lltdres.dll - ok

15:42:20.0147 4016 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll

15:42:20.0147 4016 C:\Windows\System32\lmhsvc.dll - ok

15:42:20.0162 4016 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll

15:42:20.0162 4016 C:\Windows\System32\wkssvc.dll - ok

15:42:20.0162 4016 [ FC8771F45ECCCFD89684E38842539B9B ] C:\Windows\System32\drivers\mountmgr.sys

15:42:20.0162 4016 C:\Windows\System32\drivers\mountmgr.sys - ok

15:42:20.0178 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll

15:42:20.0178 4016 C:\Windows\System32\mmcss.dll - ok

15:42:20.0194 4016 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll

15:42:20.0194 4016 C:\Windows\System32\FirewallAPI.dll - ok

15:42:20.0194 4016 [ A9D880F97530D5B8FEE278923349929D ] C:\Windows\System32\WebClnt.dll

15:42:20.0194 4016 C:\Windows\System32\WebClnt.dll - ok

15:42:20.0209 4016 [ 3E1E5767043C5AF9367F0056295E9F84 ] C:\Windows\System32\drivers\mshidkmdf.sys

15:42:20.0209 4016 C:\Windows\System32\drivers\mshidkmdf.sys - ok

15:42:20.0225 4016 [ BB5B4BA716D145B2ADF241052EDAB983 ] C:\Windows\System32\iscsidsc.dll

15:42:20.0225 4016 C:\Windows\System32\iscsidsc.dll - ok

15:42:20.0225 4016 [ 159FAD02F64E6381758C990F753BCC80 ] C:\Windows\System32\drivers\mup.sys

15:42:20.0225 4016 C:\Windows\System32\drivers\mup.sys - ok

15:42:20.0240 4016 [ 1F59B386F652A0484A3CC0B680B1132B ] C:\Windows\System32\msimsg.dll

15:42:20.0240 4016 C:\Windows\System32\msimsg.dll - ok

15:42:20.0256 4016 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL

15:42:20.0256 4016 C:\Windows\System32\QAGENTRT.DLL - ok

15:42:20.0256 4016 [ 8C9C922D71F1CD4DEF73F186416B7896 ] C:\Windows\System32\drivers\ndis.sys

15:42:20.0256 4016 C:\Windows\System32\drivers\ndis.sys - ok

15:42:20.0272 4016 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll

15:42:20.0272 4016 C:\Windows\System32\netman.dll - ok

15:42:20.0272 4016 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll

15:42:20.0272 4016 C:\Windows\System32\netprofm.dll - ok

15:42:20.0287 4016 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll

15:42:20.0287 4016 C:\Windows\System32\nlasvc.dll - ok

15:42:20.0303 4016 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll

15:42:20.0303 4016 C:\Windows\System32\nsisvc.dll - ok

15:42:20.0303 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll

15:42:20.0303 4016 C:\Windows\System32\pnrpsvc.dll - ok

15:42:20.0318 4016 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll

15:42:20.0318 4016 C:\Windows\System32\p2psvc.dll - ok

15:42:20.0318 4016 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] C:\Windows\System32\drivers\partmgr.sys

15:42:20.0334 4016 C:\Windows\System32\drivers\partmgr.sys - ok

15:42:20.0334 4016 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll

15:42:20.0334 4016 C:\Windows\System32\pcasvc.dll - ok

15:42:20.0350 4016 [ 414BBA67A3DED1D28437EB66AEB8A720 ] C:\Windows\System32\pla.dll

15:42:20.0350 4016 C:\Windows\System32\pla.dll - ok

15:42:20.0350 4016 [ 63FF8572611249931EB16BB8EED6AFC8 ] C:\Windows\System32\pnrpauto.dll

15:42:20.0350 4016 C:\Windows\System32\pnrpauto.dll - ok

15:42:20.0365 4016 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll

15:42:20.0365 4016 C:\Windows\System32\umpnpmgr.dll - ok

15:42:20.0381 4016 [ 0E6DCD164732580CC1E57276252F49CF ] C:\Windows\System32\polstore.dll

15:42:20.0381 4016 C:\Windows\System32\polstore.dll - ok

15:42:20.0381 4016 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll

15:42:20.0381 4016 C:\Windows\System32\profsvc.dll - ok

15:42:20.0396 4016 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll

15:42:20.0396 4016 C:\Windows\System32\umpo.dll - ok

15:42:20.0396 4016 [ 274992D0945889A6B56D0E1BD4288A6E ] C:\Windows\System32\psbase.dll

15:42:20.0396 4016 C:\Windows\System32\psbase.dll - ok

15:42:20.0412 4016 [ 31AC809E7707EB580B2BDB760390765A ] C:\Windows\System32\qwave.dll

15:42:20.0412 4016 C:\Windows\System32\qwave.dll - ok

15:42:20.0428 4016 [ 584078CA1B95CA72DF2A27C336F9719D ] C:\Windows\System32\drivers\qwavedrv.sys

15:42:20.0428 4016 C:\Windows\System32\drivers\qwavedrv.sys - ok

15:42:20.0428 4016 [ 8F97D374AD1857E1EED85A79F29A1D3D ] C:\Windows\WindowsMobile\rapimgr.dll

15:42:20.0428 4016 C:\Windows\WindowsMobile\rapimgr.dll - ok

15:42:20.0443 4016 [ A60F1839849C0C00739787FD5EC03F13 ] C:\Windows\System32\rasauto.dll

15:42:20.0443 4016 C:\Windows\System32\rasauto.dll - ok

15:42:20.0459 4016 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll

15:42:20.0459 4016 C:\Windows\System32\rasmans.dll - ok

15:42:20.0459 4016 [ 7B5E1419717FAC363A31CC302895217A ] C:\Windows\System32\mprdim.dll

15:42:20.0459 4016 C:\Windows\System32\mprdim.dll - ok

15:42:20.0474 4016 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll

15:42:20.0474 4016 C:\Windows\System32\sstpsvc.dll - ok

15:42:20.0490 4016 [ CB9A8683F4EF2BF99E123D79950D7935 ] C:\Windows\System32\regsvc.dll

15:42:20.0490 4016 C:\Windows\System32\regsvc.dll - ok

15:42:20.0490 4016 [ 94D36C0E44677DD26981D2BFEEF2A29D ] C:\Windows\System32\Locator.exe

15:42:20.0490 4016 C:\Windows\System32\Locator.exe - ok

15:42:20.0506 4016 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll

15:42:20.0506 4016 C:\Windows\System32\RpcEpMap.dll - ok

15:42:20.0506 4016 [ 8FC518FFE9519C2631D37515A68009C4 ] C:\Windows\System32\SCardSvr.dll

15:42:20.0506 4016 C:\Windows\System32\SCardSvr.dll - ok

15:42:20.0521 4016 [ 0693B5EC673E34DC147E195779A4DCF6 ] C:\Windows\System32\drivers\scfilter.sys

15:42:20.0521 4016 C:\Windows\System32\drivers\scfilter.sys - ok

15:42:20.0537 4016 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll

15:42:20.0537 4016 C:\Windows\System32\schedsvc.dll - ok

15:42:20.0537 4016 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] C:\Windows\System32\sdrsvc.dll

15:42:20.0537 4016 C:\Windows\System32\sdrsvc.dll - ok

15:42:20.0552 4016 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll

15:42:20.0552 4016 C:\Windows\System32\seclogon.dll - ok

15:42:20.0568 4016 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll

15:42:20.0568 4016 C:\Windows\System32\Sens.dll - ok

15:42:20.0568 4016 [ 50087FE1EE447009C9CC2997B90DE53F ] C:\Windows\System32\sensrsvc.dll

15:42:20.0568 4016 C:\Windows\System32\sensrsvc.dll - ok

15:42:20.0584 4016 [ 4AE380F39A0032EAB7DD953030B26D28 ] C:\Windows\System32\SessEnv.dll

15:42:20.0584 4016 C:\Windows\System32\SessEnv.dll - ok

15:42:20.0584 4016 [ D1A079A0DE2EA524513B6930C24527A2 ] C:\Windows\System32\ipnathlp.dll

15:42:20.0584 4016 C:\Windows\System32\ipnathlp.dll - ok

15:42:20.0599 4016 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll

15:42:20.0599 4016 C:\Windows\System32\shsvcs.dll - ok

15:42:20.0615 4016 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe

15:42:20.0615 4016 C:\Windows\System32\snmptrap.exe - ok

15:42:20.0615 4016 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll

15:42:20.0615 4016 C:\Windows\System32\tcpipcfg.dll - ok

15:42:20.0630 4016 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe

15:42:20.0630 4016 C:\Windows\System32\spoolsv.exe - ok

15:42:20.0646 4016 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe

15:42:20.0646 4016 C:\Windows\System32\sppsvc.exe - ok

15:42:20.0646 4016 [ B0180B20B065D89232A78A40FE56EAA6 ] C:\Windows\System32\sppuinotify.dll

15:42:20.0646 4016 C:\Windows\System32\sppuinotify.dll - ok

15:42:20.0662 4016 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll

15:42:20.0662 4016 C:\Windows\System32\ssdpsrv.dll - ok

15:42:20.0662 4016 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll

15:42:20.0662 4016 C:\Windows\System32\wiaservc.dll - ok

15:42:20.0677 4016 [ A28BD92DF340E57B024BA433165D34D7 ] C:\Windows\System32\swprv.dll

15:42:20.0677 4016 C:\Windows\System32\swprv.dll - ok

15:42:20.0693 4016 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll

15:42:20.0693 4016 C:\Windows\System32\sysmain.dll - ok

15:42:20.0693 4016 [ 763FECDC3D30C815FE72DD57936C6CD1 ] C:\Windows\System32\TabSvc.dll

15:42:20.0693 4016 C:\Windows\System32\TabSvc.dll - ok

15:42:20.0708 4016 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll

15:42:20.0708 4016 C:\Windows\System32\tapisrv.dll - ok

15:42:20.0724 4016 [ B799D9FDB26111737F58288D8DC172D9 ] C:\Windows\System32\tbssvc.dll

15:42:20.0724 4016 C:\Windows\System32\tbssvc.dll - ok

15:42:20.0724 4016 [ 382C804C92811BE57829D8E550A900E2 ] C:\Windows\System32\termsrv.dll

15:42:20.0724 4016 C:\Windows\System32\termsrv.dll - ok

15:42:20.0740 4016 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll

15:42:20.0740 4016 C:\Windows\System32\themeservice.dll - ok

15:42:20.0740 4016 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll

15:42:20.0740 4016 C:\Windows\System32\trkwks.dll - ok

15:42:20.0755 4016 [ 2C49B175AEE1D4364B91B531417FE583 ] C:\Windows\servicing\TrustedInstaller.exe

15:42:20.0755 4016 C:\Windows\servicing\TrustedInstaller.exe - ok

15:42:20.0771 4016 [ 254BB140EEE3C59D6114C1A86B636877 ] C:\Windows\System32\drivers\tssecsrv.sys

15:42:20.0771 4016 C:\Windows\System32\drivers\tssecsrv.sys - ok

15:42:20.0771 4016 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys

15:42:20.0771 4016 C:\Windows\System32\drivers\TsUsbFlt.sys - ok

15:42:20.0786 4016 [ 8344FD4FCE927880AA1AA7681D4927E5 ] C:\Windows\System32\UI0Detect.exe

15:42:20.0786 4016 C:\Windows\System32\UI0Detect.exe - ok

15:42:20.0802 4016 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll

15:42:20.0802 4016 C:\Windows\System32\upnphost.dll - ok

15:42:20.0802 4016 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe

15:42:20.0802 4016 C:\Windows\System32\dwm.exe - ok

15:42:20.0818 4016 [ 6FEC7B9A76B41D9AC67615A3040017F5 ] C:\Windows\System32\vaultsvc.dll

15:42:20.0818 4016 C:\Windows\System32\vaultsvc.dll - ok

15:42:20.0833 4016 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] C:\Windows\System32\vds.exe

15:42:20.0833 4016 C:\Windows\System32\vds.exe - ok

15:42:20.0833 4016 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] C:\Windows\System32\drivers\volmgrx.sys

15:42:20.0833 4016 C:\Windows\System32\drivers\volmgrx.sys - ok

15:42:20.0849 4016 [ 209A3B1901B83AEB8527ED211CCE9E4C ] C:\Windows\System32\VSSVC.exe

15:42:20.0849 4016 C:\Windows\System32\VSSVC.exe - ok

15:42:20.0849 4016 [ 55187FD710E27D5095D10A472C8BAF1C ] C:\Windows\System32\w32time.dll

15:42:20.0849 4016 C:\Windows\System32\w32time.dll - ok

15:42:20.0864 4016 [ 6F3705B2E59AC26FDA582BF5826F9D21 ] C:\Windows\System32\Wat\WatUX.exe

15:42:20.0864 4016 C:\Windows\System32\Wat\WatUX.exe - ok

15:42:20.0880 4016 [ 691E3285E53DCA558E1A84667F13E15A ] C:\Windows\System32\wbengine.exe

15:42:20.0880 4016 C:\Windows\System32\wbengine.exe - ok

15:42:20.0880 4016 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] C:\Windows\System32\wbiosrvc.dll

15:42:20.0880 4016 C:\Windows\System32\wbiosrvc.dll - ok

15:42:20.0896 4016 [ 34EEE0DFAADB4F691D6D5308A51315DC ] C:\Windows\System32\wcncsvc.dll

15:42:20.0896 4016 C:\Windows\System32\wcncsvc.dll - ok

15:42:20.0911 4016 [ 59E19BD13C3BDB857646B9E436BA27F7 ] C:\Windows\WindowsMobile\wcescomm.dll

15:42:20.0911 4016 C:\Windows\WindowsMobile\wcescomm.dll - ok

15:42:20.0911 4016 [ 5D930B6357A6D2AF4D7653BDABBF352F ] C:\Windows\System32\WcsPlugInService.dll

15:42:20.0911 4016 C:\Windows\System32\WcsPlugInService.dll - ok

15:42:20.0927 4016 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys

15:42:20.0927 4016 C:\Windows\System32\drivers\Wdf01000.sys - ok

15:42:20.0927 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll

15:42:20.0927 4016 C:\Windows\System32\wdi.dll - ok

15:42:20.0942 4016 [ 760F0AFE937A77CFF27153206534F275 ] C:\Windows\System32\wecsvc.dll

15:42:20.0942 4016 C:\Windows\System32\wecsvc.dll - ok

15:42:20.0958 4016 [ AC804569BB2364FB6017370258A4091B ] C:\Windows\System32\wercplsupport.dll

15:42:20.0958 4016 C:\Windows\System32\wercplsupport.dll - ok

15:42:20.0958 4016 [ EFD4E29FED530564BE4C3076C806FB65 ] C:\Program Files\Windows Defender\MsMpRes.dll

15:42:20.0958 4016 C:\Program Files\Windows Defender\MsMpRes.dll - ok

15:42:20.0974 4016 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll

15:42:20.0974 4016 C:\Windows\System32\wersvc.dll - ok

15:42:20.0989 4016 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll

15:42:20.0989 4016 C:\Windows\System32\winhttp.dll - ok

15:42:20.0989 4016 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll

15:42:20.0989 4016 C:\Windows\System32\wbem\WMIsvc.dll - ok

15:42:21.0005 4016 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] C:\Windows\System32\WsmSvc.dll

15:42:21.0005 4016 C:\Windows\System32\WsmSvc.dll - ok

15:42:21.0020 4016 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll

15:42:21.0020 4016 C:\Windows\System32\wlansvc.dll - ok

15:42:21.0020 4016 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] C:\Windows\System32\wbem\WmiApSrv.exe

15:42:21.0020 4016 C:\Windows\System32\wbem\WmiApSrv.exe - ok

15:42:21.0036 4016 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe

15:42:21.0036 4016 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

15:42:21.0036 4016 [ A2F0EC770A92F2B3F9DE6D518E11409C ] C:\Windows\System32\wpcsvc.dll

15:42:21.0036 4016 C:\Windows\System32\wpcsvc.dll - ok

15:42:21.0052 4016 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll

15:42:21.0052 4016 C:\Windows\System32\wpdbusenum.dll - ok

15:42:21.0067 4016 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll

15:42:21.0067 4016 C:\Windows\System32\wscsvc.dll - ok

15:42:21.0067 4016 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe

15:42:21.0067 4016 C:\Windows\System32\SearchIndexer.exe - ok

15:42:21.0083 4016 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

15:42:21.0083 4016 C:\Windows\System32\wuaueng.dll - ok

15:42:21.0098 4016 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys

15:42:21.0098 4016 C:\Windows\System32\drivers\WUDFPf.sys - ok

15:42:21.0098 4016 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll

15:42:21.0098 4016 C:\Windows\System32\WUDFSvc.dll - ok

15:42:21.0114 4016 [ FF2D745B560F7C71B31F30F4D49F73D2 ] C:\Windows\System32\wwansvc.dll

15:42:21.0114 4016 C:\Windows\System32\wwansvc.dll - ok

15:42:21.0114 4016 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll

15:42:21.0114 4016 C:\Windows\System32\ubpm.dll - ok

15:42:21.0130 4016 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe

15:42:21.0130 4016 C:\Windows\System32\svchost.exe - ok

15:42:21.0145 4016 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll

15:42:21.0145 4016 C:\Windows\System32\devrtl.dll - ok

15:42:21.0145 4016 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll

15:42:21.0145 4016 C:\Windows\System32\SPInf.dll - ok

15:42:21.0161 4016 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll

15:42:21.0161 4016 C:\Windows\System32\userenv.dll - ok

15:42:21.0176 4016 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll

15:42:21.0176 4016 C:\Windows\System32\pcwum.dll - ok

15:42:21.0176 4016 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll

15:42:21.0176 4016 C:\Windows\System32\powrprof.dll - ok

15:42:21.0192 4016 [ FF83C93AEEE8B0CF4B464CA667A67ACD ] C:\Windows\System32\drivers\aswMonFlt.sys

15:42:21.0192 4016 C:\Windows\System32\drivers\aswMonFlt.sys - ok

15:42:21.0192 4016 [ 500D089CE760D83DA2B6CBA681AA9949 ] C:\Windows\System32\drivers\mbam.sys

15:42:21.0192 4016 C:\Windows\System32\drivers\mbam.sys - ok

15:42:21.0208 4016 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll

15:42:21.0208 4016 C:\Windows\System32\rpcss.dll - ok

15:42:21.0223 4016 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll

15:42:21.0223 4016 C:\Windows\System32\wshqos.dll - ok

15:42:21.0223 4016 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL

15:42:21.0223 4016 C:\Windows\System32\WSHTCPIP.DLL - ok

15:42:21.0239 4016 [ 0BC6704F6FB4C63CDCB85401E8263A1B ] C:\Windows\System32\atiesrxx.exe

15:42:21.0239 4016 C:\Windows\System32\atiesrxx.exe - ok

15:42:21.0254 4016 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll

15:42:21.0254 4016 C:\Windows\System32\wtsapi32.dll - ok

15:42:21.0254 4016 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe

15:42:21.0254 4016 C:\Windows\System32\LogonUI.exe - ok

15:42:21.0270 4016 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll

15:42:21.0270 4016 C:\Windows\System32\authui.dll - ok

15:42:21.0270 4016 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll

15:42:21.0270 4016 C:\Windows\System32\MMDevAPI.dll - ok

15:42:21.0286 4016 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll

15:42:21.0286 4016 C:\Windows\System32\propsys.dll - ok

15:42:21.0301 4016 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll

15:42:21.0301 4016 C:\Windows\System32\avrt.dll - ok

15:42:21.0301 4016 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll

15:42:21.0301 4016 C:\Windows\System32\cryptui.dll - ok

15:42:21.0317 4016 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

15:42:21.0317 4016 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

15:42:21.0332 4016 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll

15:42:21.0332 4016 C:\Windows\System32\shacct.dll - ok

15:42:21.0332 4016 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll

15:42:21.0332 4016 C:\Windows\System32\samlib.dll - ok

15:42:21.0348 4016 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll

15:42:21.0348 4016 C:\Windows\System32\uxtheme.dll - ok

15:42:21.0364 4016 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

15:42:21.0364 4016 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok

15:42:21.0364 4016 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll

15:42:21.0364 4016 C:\Windows\System32\dui70.dll - ok

15:42:21.0379 4016 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll

15:42:21.0379 4016 C:\Windows\System32\duser.dll - ok

15:42:21.0379 4016 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll

15:42:21.0379 4016 C:\Windows\System32\SndVolSSO.dll - ok

15:42:21.0395 4016 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll

15:42:21.0395 4016 C:\Windows\System32\dwmapi.dll - ok

15:42:21.0410 4016 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll

15:42:21.0410 4016 C:\Windows\System32\hid.dll - ok

15:42:21.0410 4016 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll

15:42:21.0410 4016 C:\Windows\System32\xmllite.dll - ok

15:42:21.0426 4016 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll

15:42:21.0426 4016 C:\Windows\System32\WindowsCodecs.dll - ok

15:42:21.0442 4016 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll

15:42:21.0442 4016 C:\Windows\System32\winbrand.dll - ok

15:42:21.0442 4016 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll

15:42:21.0442 4016 C:\Windows\System32\VaultCredProvider.dll - ok

15:42:21.0457 4016 [ 4A97045AFCA4A7373C951ED2D7AECF16 ] C:\Windows\System32\LMIinit.dll

15:42:21.0457 4016 C:\Windows\System32\LMIinit.dll - ok

15:42:21.0473 4016 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll

15:42:21.0473 4016 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

15:42:21.0473 4016 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll

15:42:21.0473 4016 C:\Windows\System32\BioCredProv.dll - ok

15:42:21.0488 4016 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll

15:42:21.0488 4016 C:\Windows\System32\winbio.dll - ok

15:42:21.0504 4016 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll

15:42:21.0504 4016 C:\Windows\System32\credui.dll - ok

15:42:21.0504 4016 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll

15:42:21.0504 4016 C:\Windows\System32\netapi32.dll - ok

15:42:21.0520 4016 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll

15:42:21.0520 4016 C:\Windows\System32\netutils.dll - ok

15:42:21.0520 4016 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll

15:42:21.0520 4016 C:\Windows\System32\vaultcli.dll - ok

15:42:21.0535 4016 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll

15:42:21.0535 4016 C:\Windows\System32\wkscli.dll - ok

15:42:21.0551 4016 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll

15:42:21.0551 4016 C:\Windows\System32\certCredProvider.dll - ok

15:42:21.0551 4016 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll

15:42:21.0551 4016 C:\Windows\System32\samcli.dll - ok

15:42:21.0566 4016 [ EFDA8576B2BA177AE3DF78B29EA0C45B ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL

15:42:21.0566 4016 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok

15:42:21.0582 4016 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll

15:42:21.0582 4016 C:\Windows\System32\rasplap.dll - ok

15:42:21.0582 4016 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll

15:42:21.0582 4016 C:\Windows\System32\rasapi32.dll - ok

15:42:21.0598 4016 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll

15:42:21.0598 4016 C:\Windows\System32\rasman.dll - ok

15:42:21.0598 4016 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll

15:42:21.0598 4016 C:\Windows\System32\rtutils.dll - ok

15:42:21.0613 4016 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe

15:42:21.0613 4016 C:\Windows\System32\audiodg.exe - ok

15:42:21.0629 4016 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll

15:42:21.0629 4016 C:\Windows\System32\ntmarta.dll - ok

15:42:21.0629 4016 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll

15:42:21.0629 4016 C:\Windows\System32\gpsvc.dll - ok

15:42:21.0644 4016 [ 50E0DD0A5B8D8BC353578F2F73926697 ] C:\Windows\System32\nlaapi.dll

15:42:21.0644 4016 C:\Windows\System32\nlaapi.dll - ok

15:42:21.0660 4016 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll

15:42:21.0660 4016 C:\Windows\System32\atl.dll - ok

15:42:21.0660 4016 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll

15:42:21.0660 4016 C:\Windows\System32\dsrole.dll - ok

15:42:21.0676 4016 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll

15:42:21.0676 4016 C:\Windows\System32\slc.dll - ok

15:42:21.0691 4016 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll

15:42:21.0691 4016 C:\Windows\System32\adtschema.dll - ok

15:42:21.0691 4016 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll

15:42:21.0691 4016 C:\Windows\System32\es.dll - ok

15:42:21.0707 4016 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll

15:42:21.0707 4016 C:\Windows\System32\UXInit.dll - ok

15:42:21.0707 4016 [ 5826854E4E420E29F59C2865F0FA562F ] C:\Program Files\Windows Defender\MpEvMsg.dll

15:42:21.0707 4016 C:\Program Files\Windows Defender\MpEvMsg.dll - ok

15:42:21.0722 4016 [ 85547363F2B00CD89A4AD7CDF7664B71 ] C:\Windows\System32\atieclxx.exe

15:42:21.0722 4016 C:\Windows\System32\atieclxx.exe - ok

15:42:21.0738 4016 [ 3E175EDE04DEC9E227091ED6E3DBE6F3 ] C:\Windows\System32\atiadlxx.dll

15:42:21.0738 4016 C:\Windows\System32\atiadlxx.dll - ok

15:42:21.0738 4016 [ E1A6B7537AA558DC0C2124A641A66C47 ] C:\Windows\System32\atimuixx.dll

15:42:21.0738 4016 C:\Windows\System32\atimuixx.dll - ok

15:42:21.0754 4016 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

15:42:21.0754 4016 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

15:42:21.0769 4016 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll

15:42:21.0769 4016 C:\Windows\System32\imageres.dll - ok

15:42:21.0769 4016 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL

15:42:21.0769 4016 C:\Windows\System32\PSHED.DLL - ok

15:42:21.0785 4016 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll

15:42:21.0785 4016 C:\Windows\System32\uxsms.dll - ok

15:42:21.0800 4016 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

15:42:21.0800 4016 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

15:42:21.0800 4016 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll

15:42:21.0800 4016 C:\Windows\System32\WUDFPlatform.dll - ok

15:42:21.0816 4016 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll

15:42:21.0816 4016 C:\Windows\System32\MPSSVC.dll - ok

15:42:21.0816 4016 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys

15:42:21.0816 4016 C:\Windows\System32\drivers\lltdio.sys - ok

15:42:21.0832 4016 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys

15:42:21.0832 4016 C:\Windows\System32\drivers\nwifi.sys - ok

15:42:21.0847 4016 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys

15:42:21.0847 4016 C:\Windows\System32\drivers\ndisuio.sys - ok

15:42:21.0847 4016 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys

15:42:21.0847 4016 C:\Windows\System32\drivers\rspndr.sys - ok

15:42:21.0863 4016 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL

15:42:21.0863 4016 C:\Windows\System32\IPHLPAPI.DLL - ok

15:42:21.0878 4016 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll

15:42:21.0878 4016 C:\Windows\System32\nrpsrv.dll - ok

15:42:21.0878 4016 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll

15:42:21.0878 4016 C:\Windows\System32\winnsi.dll - ok

15:42:21.0894 4016 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll

15:42:21.0894 4016 C:\Windows\System32\dnsrslvr.dll - ok

15:42:21.0894 4016 [ EF71BA5DF59034962B0C62314A71351A ] C:\Windows\System32\dhcpcore6.dll

15:42:21.0894 4016 C:\Windows\System32\dhcpcore6.dll - ok

15:42:21.0910 4016 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll

15:42:21.0910 4016 C:\Windows\System32\eapphost.dll - ok

15:42:21.0925 4016 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll

15:42:21.0925 4016 C:\Windows\System32\dnsext.dll - ok

15:42:21.0925 4016 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL

15:42:21.0925 4016 C:\Windows\System32\FWPUCLNT.DLL - ok

15:42:21.0941 4016 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll

15:42:21.0941 4016 C:\Windows\System32\dhcpcsvc.dll - ok

15:42:21.0956 4016 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\System32\dhcpcsvc6.dll

15:42:21.0956 4016 C:\Windows\System32\dhcpcsvc6.dll - ok

15:42:21.0956 4016 [ 6944501ED659F2C835F8DD16182C9330 ] C:\Windows\System32\rastls.dll

15:42:21.0956 4016 C:\Windows\System32\rastls.dll - ok

15:42:21.0972 4016 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\System32\raschap.dll

15:42:21.0972 4016 C:\Windows\System32\raschap.dll - ok

15:42:21.0972 4016 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll

15:42:21.0972 4016 C:\Windows\System32\umb.dll - ok

15:42:21.0988 4016 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll

15:42:21.0988 4016 C:\Windows\System32\wlanmsm.dll - ok

15:42:22.0003 4016 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll

15:42:22.0003 4016 C:\Windows\System32\wlansec.dll - ok

15:42:22.0003 4016 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll

15:42:22.0003 4016 C:\Windows\System32\onex.dll - ok

15:42:22.0019 4016 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll

15:42:22.0019 4016 C:\Windows\System32\eappprxy.dll - ok

15:42:22.0034 4016 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll

15:42:22.0034 4016 C:\Windows\System32\eappcfg.dll - ok

15:42:22.0034 4016 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll

15:42:22.0034 4016 C:\Windows\System32\wlgpclnt.dll - ok

15:42:22.0050 4016 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll

15:42:22.0050 4016 C:\Windows\System32\l2gpstore.dll - ok

15:42:22.0066 4016 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll

15:42:22.0066 4016 C:\Windows\System32\WinSCard.dll - ok

15:42:22.0066 4016 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll

15:42:22.0066 4016 C:\Windows\System32\wlanutil.dll - ok

15:42:22.0081 4016 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll

15:42:22.0081 4016 C:\Windows\System32\msxml6.dll - ok

15:42:22.0081 4016 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll

15:42:22.0081 4016 C:\Windows\System32\netcfgx.dll - ok

15:42:22.0097 4016 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] C:\Windows\System32\drivers\vwifimp.sys

15:42:22.0097 4016 C:\Windows\System32\drivers\vwifimp.sys - ok

Link to post
Share on other sites

15:42:22.0112 4016 [ F35314802B20CE37AF5F700A252812DD ] C:\Windows\System32\mpnotify.exe

15:42:22.0112 4016 C:\Windows\System32\mpnotify.exe - ok

15:42:22.0112 4016 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll

15:42:22.0112 4016 C:\Windows\System32\ktmw32.dll - ok

15:42:22.0128 4016 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll

15:42:22.0128 4016 C:\Windows\System32\fveapi.dll - ok

15:42:22.0144 4016 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll

15:42:22.0144 4016 C:\Windows\System32\fvecerts.dll - ok

15:42:22.0144 4016 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll

15:42:22.0144 4016 C:\Windows\System32\tbs.dll - ok

15:42:22.0159 4016 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll

15:42:22.0159 4016 C:\Windows\System32\taskcomp.dll - ok

15:42:22.0159 4016 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll

15:42:22.0159 4016 C:\Windows\System32\wiarpc.dll - ok

15:42:22.0175 4016 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys

15:42:22.0175 4016 C:\Windows\System32\drivers\bowser.sys - ok

15:42:22.0190 4016 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys

15:42:22.0190 4016 C:\Windows\System32\drivers\mpsdrv.sys - ok

15:42:22.0190 4016 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys

15:42:22.0190 4016 C:\Windows\System32\drivers\mrxsmb.sys - ok

15:42:22.0206 4016 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys

15:42:22.0206 4016 C:\Windows\System32\drivers\mrxsmb10.sys - ok

15:42:22.0222 4016 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys

15:42:22.0222 4016 C:\Windows\System32\drivers\mrxsmb20.sys - ok

15:42:22.0222 4016 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys

15:42:22.0222 4016 C:\Windows\System32\drivers\parport.sys - ok

15:42:22.0237 4016 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:42:22.0237 4016 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

15:42:22.0237 4016 [ 383842C021FC8C9F972F2841BC0743EC ] C:\Windows\System32\LMIRfsClientNP.dll

15:42:22.0237 4016 C:\Windows\System32\LMIRfsClientNP.dll - ok

15:42:22.0253 4016 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll

15:42:22.0253 4016 C:\Windows\System32\mpr.dll - ok

15:42:22.0268 4016 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll

15:42:22.0268 4016 C:\Windows\System32\wfapigp.dll - ok

15:42:22.0268 4016 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

15:42:22.0268 4016 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

15:42:22.0284 4016 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll

15:42:22.0284 4016 C:\Windows\System32\mscms.dll - ok

15:42:22.0300 4016 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

15:42:22.0300 4016 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

15:42:22.0300 4016 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

15:42:22.0300 4016 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

15:42:22.0315 4016 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B ] C:\Windows\WindowsMobile\wmdcBase.exe

15:42:22.0315 4016 C:\Windows\WindowsMobile\wmdcBase.exe - ok

15:42:22.0331 4016 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

15:42:22.0331 4016 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

15:42:22.0331 4016 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

15:42:22.0331 4016 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

15:42:22.0346 4016 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll

15:42:22.0346 4016 C:\Windows\System32\hnetcfg.dll - ok

15:42:22.0362 4016 [ 0D75A1CFD1215875C8DD0BB9AFF4695C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

15:42:22.0362 4016 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

15:42:22.0362 4016 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll

15:42:22.0362 4016 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

15:42:22.0378 4016 [ 26655CA3645C49DA4A79AC18FE84EE11 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

15:42:22.0378 4016 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok

15:42:22.0393 4016 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll

15:42:22.0393 4016 C:\Windows\System32\wsock32.dll - ok

15:42:22.0393 4016 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll

15:42:22.0393 4016 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok

15:42:22.0409 4016 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll

15:42:22.0409 4016 C:\Windows\System32\winmm.dll - ok

15:42:22.0424 4016 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe

15:42:22.0424 4016 C:\Windows\System32\dllhost.exe - ok

15:42:22.0424 4016 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

15:42:22.0424 4016 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

15:42:22.0440 4016 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll

15:42:22.0440 4016 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

15:42:22.0456 4016 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll

15:42:22.0456 4016 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok

15:42:22.0456 4016 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll

15:42:22.0456 4016 C:\Windows\System32\IDStore.dll - ok

15:42:22.0471 4016 [ 24AA9776D6AB032071B61C88089AEA59 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

15:42:22.0471 4016 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok

15:42:22.0487 4016 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

15:42:22.0487 4016 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

15:42:22.0487 4016 [ 7FA8BA5A780E4757964AC9D4238302B9 ] C:\Windows\System32\taskhost.exe

15:42:22.0487 4016 C:\Windows\System32\taskhost.exe - ok

15:42:22.0502 4016 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe

15:42:22.0502 4016 C:\Windows\System32\AtBroker.exe - ok

15:42:22.0502 4016 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll

15:42:22.0502 4016 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

15:42:22.0518 4016 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll

15:42:22.0518 4016 C:\Windows\System32\cryptnet.dll - ok

15:42:22.0534 4016 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll

15:42:22.0534 4016 C:\Windows\System32\HotStartUserAgent.dll - ok

15:42:22.0534 4016 [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

15:42:22.0534 4016 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok

15:42:22.0549 4016 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll

15:42:22.0549 4016 C:\Windows\System32\taskschd.dll - ok

15:42:22.0565 4016 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

15:42:22.0565 4016 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

15:42:22.0565 4016 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll

15:42:22.0565 4016 C:\Windows\System32\vssapi.dll - ok

15:42:22.0580 4016 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll

15:42:22.0580 4016 C:\Windows\System32\MsCtfMonitor.dll - ok

15:42:22.0596 4016 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll

15:42:22.0596 4016 C:\Windows\System32\msutb.dll - ok

15:42:22.0596 4016 [ 3FAA563DDF853320F90259D455A01D79 ] C:\Windows\System32\drivers\LMIRfsDriver.sys

15:42:22.0596 4016 C:\Windows\System32\drivers\LMIRfsDriver.sys - ok

15:42:22.0612 4016 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll

15:42:22.0612 4016 C:\Windows\System32\PlaySndSrv.dll - ok

15:42:22.0627 4016 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe

15:42:22.0627 4016 C:\Windows\System32\userinit.exe - ok

15:42:22.0627 4016 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll

15:42:22.0627 4016 C:\Windows\System32\vsstrace.dll - ok

15:42:22.0643 4016 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

15:42:22.0643 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok

15:42:22.0643 4016 [ 240D42CBD1691C6B7D54AF4E3365BAAC ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll

15:42:22.0643 4016 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

15:42:22.0658 4016 [ 282F84E0096499C42102D7234A4D14EF ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

15:42:22.0658 4016 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok

15:42:22.0674 4016 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll

15:42:22.0674 4016 C:\Windows\System32\dwmcore.dll - ok

15:42:22.0674 4016 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll

15:42:22.0674 4016 C:\Windows\System32\dwmredir.dll - ok

15:42:22.0690 4016 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll

15:42:22.0690 4016 C:\Windows\System32\d3d10_1.dll - ok

15:42:22.0705 4016 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll

15:42:22.0705 4016 C:\Windows\System32\vpnikeapi.dll - ok

15:42:22.0705 4016 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

15:42:22.0705 4016 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

15:42:22.0721 4016 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll

15:42:22.0721 4016 C:\Windows\System32\d3d10_1core.dll - ok

15:42:22.0721 4016 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll

15:42:22.0721 4016 C:\Windows\System32\rasadhlp.dll - ok

15:42:22.0736 4016 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll

15:42:22.0736 4016 C:\Windows\System32\dxgi.dll - ok

15:42:22.0752 4016 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll

15:42:22.0752 4016 C:\Windows\System32\localspl.dll - ok

15:42:22.0752 4016 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe

15:42:22.0752 4016 C:\Windows\explorer.exe - ok

15:42:22.0783 4016 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll

15:42:22.0783 4016 C:\Windows\System32\spoolss.dll - ok

15:42:22.0783 4016 [ 375FE18FCDBDB14E4F2704D602216DFD ] C:\Windows\System32\atidxx32.dll

15:42:22.0783 4016 C:\Windows\System32\atidxx32.dll - ok

15:42:22.0799 4016 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll

15:42:22.0799 4016 C:\Windows\System32\ExplorerFrame.dll - ok

15:42:22.0814 4016 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll

15:42:22.0814 4016 C:\Windows\System32\uDWM.dll - ok

15:42:22.0814 4016 [ F24BDD5C07249766E15078D6A7BF9055 ] C:\Program Files\Alwil Software\Avast5\ashShell.dll

15:42:22.0814 4016 C:\Program Files\Alwil Software\Avast5\ashShell.dll - ok

15:42:22.0830 4016 [ 08914BC785004FB29CB58FF435EC0A7B ] C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll

15:42:22.0830 4016 C:\PROGRA~1\ALWILS~1\Avast5\1033\Base.dll - ok

15:42:22.0830 4016 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll

15:42:22.0830 4016 C:\Windows\System32\msi.dll - ok

15:42:22.0846 4016 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll

15:42:22.0846 4016 C:\Windows\System32\EhStorShell.dll - ok

15:42:22.0861 4016 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\System32\ntshrui.dll

15:42:22.0861 4016 C:\Windows\System32\ntshrui.dll - ok

15:42:22.0861 4016 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll

15:42:22.0861 4016 C:\Windows\System32\cscapi.dll - ok

15:42:22.0877 4016 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll

15:42:22.0877 4016 C:\Windows\System32\IconCodecService.dll - ok

15:42:22.0892 4016 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll

15:42:22.0892 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok

15:42:22.0892 4016 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv

15:42:22.0892 4016 C:\Windows\System32\winspool.drv - ok

15:42:22.0908 4016 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll

15:42:22.0908 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok

15:42:22.0908 4016 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll

15:42:22.0908 4016 C:\Windows\System32\PrintIsolationProxy.dll - ok

15:42:22.0924 4016 [ 477D3AFD61EA366AA673F9642A79A702 ] C:\Windows\System32\CNMLM9P.DLL

15:42:22.0924 4016 C:\Windows\System32\CNMLM9P.DLL - ok

15:42:22.0939 4016 [ 9D665DFFF8E070DF9130FD42B6210744 ] C:\Windows\System32\CNCF2Li.DLL

15:42:22.0939 4016 C:\Windows\System32\CNCF2Li.DLL - ok

15:42:22.0939 4016 [ B4BF52A20BFF53B74D8E037AE9F119ED ] C:\Windows\System32\hpf3l70v.dll

15:42:22.0939 4016 C:\Windows\System32\hpf3l70v.dll - ok

15:42:22.0955 4016 [ 5D3AA86F4D9AB5D4A50E6DAABB05C0BB ] C:\Windows\System32\LMIport.dll

15:42:22.0955 4016 C:\Windows\System32\LMIport.dll - ok

15:42:22.0970 4016 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll

15:42:22.0970 4016 C:\Windows\System32\FXSMON.dll - ok

15:42:22.0970 4016 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

15:42:22.0970 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok

15:42:22.0986 4016 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll

15:42:22.0986 4016 C:\Windows\System32\tcpmon.dll - ok

15:42:23.0002 4016 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll

15:42:23.0002 4016 C:\Windows\System32\snmpapi.dll - ok

15:42:23.0002 4016 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll

15:42:23.0002 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok

15:42:23.0017 4016 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll

15:42:23.0017 4016 C:\Windows\System32\wsnmp32.dll - ok

15:42:23.0033 4016 [ C7F5C284B6F46FCAF6910EA4E644700B ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

15:42:23.0033 4016 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - ok

15:42:23.0033 4016 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll

15:42:23.0033 4016 C:\Windows\System32\usbmon.dll - ok

15:42:23.0048 4016 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll

15:42:23.0048 4016 C:\Windows\System32\WSDApi.dll - ok

15:42:23.0048 4016 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll

15:42:23.0048 4016 C:\Windows\System32\WSDMon.dll - ok

15:42:23.0064 4016 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll

15:42:23.0064 4016 C:\Windows\System32\dbghelp.dll - ok

15:42:23.0080 4016 [ A2FF2A9A3099C1C2F0392746AA55E933 ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NB.dll

15:42:23.0080 4016 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NB.dll - ok

15:42:23.0080 4016 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll

15:42:23.0080 4016 C:\Windows\System32\webservices.dll - ok

15:42:23.0095 4016 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll

15:42:23.0095 4016 C:\Windows\System32\fundisc.dll - ok

15:42:23.0111 4016 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll

15:42:23.0111 4016 C:\Windows\System32\fdPnp.dll - ok

15:42:23.0111 4016 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

15:42:23.0111 4016 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok

15:42:23.0126 4016 [ 6AF58B23914B0D04307D5B4DB95E79EC ] C:\Windows\System32\spool\prtprocs\w32x86\CNMPD9P.DLL

15:42:23.0126 4016 C:\Windows\System32\spool\prtprocs\w32x86\CNMPD9P.DLL - ok

15:42:23.0142 4016 [ 446853099F258D87DD20A13DB3CD6933 ] C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70v.dll

15:42:23.0142 4016 C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70v.dll - ok

15:42:23.0142 4016 [ 3253FD6DD3E930D107B732C9EC71AA6D ] C:\Windows\System32\spool\prtprocs\w32x86\LMIproc.dll

15:42:23.0142 4016 C:\Windows\System32\spool\prtprocs\w32x86\LMIproc.dll - ok

15:42:23.0158 4016 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\System32\win32spl.dll

15:42:23.0158 4016 C:\Windows\System32\win32spl.dll - ok

15:42:23.0173 4016 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll

15:42:23.0173 4016 C:\Windows\System32\inetpp.dll - ok

15:42:23.0173 4016 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\System32\Faultrep.dll

15:42:23.0173 4016 C:\Windows\System32\Faultrep.dll - ok

15:42:23.0189 4016 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll

15:42:23.0189 4016 C:\Windows\System32\webio.dll - ok

15:42:23.0189 4016 [ 82E139A863734C238AF57A20359F980C ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\LBFC.dll

15:42:23.0189 4016 C:\Program Files\Common Files\Nero\Nero BackItUp 4\LBFC.dll - ok

15:42:23.0204 4016 [ 510C138564486FF926A3F773205C63D1 ] C:\Windows\System32\HPZinw12.dll

15:42:23.0204 4016 C:\Windows\System32\HPZinw12.dll - ok

15:42:23.0220 4016 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll

15:42:23.0220 4016 C:\Windows\System32\mstask.dll - ok

15:42:23.0220 4016 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys

15:42:23.0220 4016 C:\Windows\System32\drivers\PEAuth.sys - ok

15:42:23.0236 4016 [ 6DB2004232DD9F21C6BED8AD2AFDC48A ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBBurn.dll

15:42:23.0236 4016 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBBurn.dll - ok

15:42:23.0251 4016 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\System32\ncsi.dll

15:42:23.0251 4016 C:\Windows\System32\ncsi.dll - ok

15:42:23.0251 4016 [ 8BC19EF0C11DE279DD93D809B6404BF8 ] C:\Program Files\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll

15:42:23.0251 4016 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NeroAPIGlueLayerUnicode.dll - ok

15:42:23.0267 4016 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

15:42:23.0267 4016 C:\Windows\System32\drivers\secdrv.sys - ok

15:42:23.0282 4016 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys

15:42:23.0282 4016 C:\Windows\System32\drivers\srvnet.sys - ok

15:42:23.0282 4016 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll

15:42:23.0282 4016 C:\Windows\System32\ssdpapi.dll - ok

15:42:23.0298 4016 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll

15:42:23.0298 4016 C:\Windows\System32\httpapi.dll - ok

15:42:23.0298 4016 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll

15:42:23.0298 4016 C:\Windows\System32\wiatrace.dll - ok

15:42:23.0314 4016 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

15:42:23.0314 4016 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok

15:42:23.0329 4016 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] C:\Windows\System32\HPZipm12.dll

15:42:23.0329 4016 C:\Windows\System32\HPZipm12.dll - ok

15:42:23.0329 4016 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] C:\Windows\System32\drivers\tcpipreg.sys

15:42:23.0329 4016 C:\Windows\System32\drivers\tcpipreg.sys - ok

15:42:23.0345 4016 [ FE65D33B7D4FF07DD1D29526A48DF810 ] C:\Windows\System32\TODDSrv.exe

15:42:23.0345 4016 C:\Windows\System32\TODDSrv.exe - ok

15:42:23.0360 4016 [ 451B09BA1A0D019BA0B5A27229559D55 ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

15:42:23.0360 4016 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok

15:42:23.0360 4016 [ DA5F5ADD2088EEEB74007D938C63D585 ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll

15:42:23.0360 4016 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok

15:42:23.0376 4016 [ 5C09EEECF8CA1059F1A748625C162A89 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll

15:42:23.0376 4016 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok

15:42:23.0392 4016 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll

15:42:23.0392 4016 C:\Windows\System32\wbemcomn.dll - ok

15:42:23.0392 4016 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

15:42:23.0392 4016 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok

15:42:23.0407 4016 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll

15:42:23.0407 4016 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

15:42:23.0423 4016 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll

15:42:23.0423 4016 C:\Program Files\Windows Defender\MpSvc.dll - ok

15:42:23.0423 4016 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll

15:42:23.0423 4016 C:\Windows\System32\sfc.dll - ok

15:42:23.0438 4016 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL

15:42:23.0438 4016 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok

15:42:23.0454 4016 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll

15:42:23.0454 4016 C:\Windows\System32\SensApi.dll - ok

15:42:23.0454 4016 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll

15:42:23.0454 4016 C:\Windows\System32\wer.dll - ok

15:42:23.0470 4016 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll

15:42:23.0470 4016 C:\Windows\System32\sfc_os.dll - ok

15:42:23.0485 4016 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll

15:42:23.0485 4016 C:\Windows\System32\wbem\fastprox.dll - ok

15:42:23.0485 4016 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll

15:42:23.0485 4016 C:\Windows\System32\ntdsapi.dll - ok

15:42:23.0501 4016 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll

15:42:23.0501 4016 C:\Windows\System32\wbem\wbemprox.dll - ok

15:42:23.0516 4016 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll

15:42:23.0516 4016 C:\Windows\System32\tquery.dll - ok

15:42:23.0516 4016 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll

15:42:23.0516 4016 C:\Program Files\Windows Defender\MpClient.dll - ok

15:42:23.0532 4016 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll

15:42:23.0532 4016 C:\Windows\System32\mssrch.dll - ok

15:42:23.0532 4016 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll

15:42:23.0532 4016 C:\Windows\System32\wbem\wbemcore.dll - ok

15:42:23.0548 4016 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll

15:42:23.0548 4016 C:\Windows\System32\wbem\WinMgmtR.dll - ok

15:42:23.0563 4016 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll

15:42:23.0563 4016 C:\Windows\System32\msxml3.dll - ok

15:42:23.0563 4016 [ 9C879E1C3B27085FB46EFECCD7120D51 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

15:42:23.0563 4016 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok

15:42:23.0579 4016 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll

15:42:23.0579 4016 C:\Windows\System32\wbem\esscli.dll - ok

15:42:23.0594 4016 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll

15:42:23.0594 4016 C:\Windows\System32\wbem\wbemsvc.dll - ok

15:42:23.0594 4016 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll

15:42:23.0594 4016 C:\Windows\System32\dssenh.dll - ok

15:42:23.0610 4016 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll

15:42:23.0610 4016 C:\Windows\System32\wbem\repdrvfs.dll - ok

15:42:23.0626 4016 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll

15:42:23.0626 4016 C:\Windows\System32\wbem\wmiutils.dll - ok

15:42:23.0626 4016 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll

15:42:23.0626 4016 C:\Windows\System32\esent.dll - ok

15:42:23.0641 4016 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll

15:42:23.0641 4016 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

15:42:23.0641 4016 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll

15:42:23.0641 4016 C:\Windows\System32\ncobjapi.dll - ok

15:42:23.0657 4016 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll

15:42:23.0657 4016 C:\Windows\System32\wbem\wbemess.dll - ok

15:42:23.0672 4016 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll

15:42:23.0672 4016 C:\Windows\System32\msidle.dll - ok

15:42:23.0672 4016 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll

15:42:23.0672 4016 C:\Windows\System32\sqmapi.dll - ok

15:42:23.0688 4016 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll

15:42:23.0688 4016 C:\Windows\System32\wdscore.dll - ok

15:42:23.0704 4016 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys

15:42:23.0704 4016 C:\Windows\System32\drivers\srv2.sys - ok

15:42:23.0704 4016 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\System32\rastapi.dll

15:42:23.0704 4016 C:\Windows\System32\rastapi.dll - ok

15:42:23.0719 4016 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\System32\tapi32.dll

15:42:23.0719 4016 C:\Windows\System32\tapi32.dll - ok

15:42:23.0719 4016 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys

15:42:23.0719 4016 C:\Windows\System32\drivers\srv.sys - ok

15:42:23.0735 4016 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\System32\unimdm.tsp

15:42:23.0735 4016 C:\Windows\System32\unimdm.tsp - ok

15:42:23.0750 4016 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\System32\uniplat.dll

15:42:23.0750 4016 C:\Windows\System32\uniplat.dll - ok

15:42:23.0750 4016 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\System32\kmddsp.tsp

15:42:23.0750 4016 C:\Windows\System32\kmddsp.tsp - ok

15:42:23.0766 4016 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\System32\hidphone.tsp

15:42:23.0766 4016 C:\Windows\System32\hidphone.tsp - ok

15:42:23.0782 4016 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\System32\ndptsp.tsp

15:42:23.0782 4016 C:\Windows\System32\ndptsp.tsp - ok

15:42:23.0782 4016 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui

15:42:23.0782 4016 C:\Windows\System32\en-US\tquery.dll.mui - ok

15:42:23.0797 4016 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\System32\rasppp.dll

15:42:23.0797 4016 C:\Windows\System32\rasppp.dll - ok

15:42:23.0813 4016 [ 80B562B5B59ED850C328DD75F964F3D8 ] C:\Windows\System32\vpnike.dll

15:42:23.0813 4016 C:\Windows\System32\vpnike.dll - ok

15:42:23.0813 4016 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll

15:42:23.0813 4016 C:\Windows\System32\mprapi.dll - ok

15:42:23.0828 4016 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll

15:42:23.0828 4016 C:\Windows\System32\netshell.dll - ok

15:42:23.0828 4016 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll

15:42:23.0828 4016 C:\Windows\System32\netmsg.dll - ok

15:42:23.0844 4016 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll

15:42:23.0844 4016 C:\Windows\System32\sscore.dll - ok

15:42:23.0860 4016 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll

15:42:23.0860 4016 C:\Windows\System32\clusapi.dll - ok

15:42:23.0860 4016 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll

15:42:23.0860 4016 C:\Windows\System32\resutils.dll - ok

15:42:23.0875 4016 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll

15:42:23.0875 4016 C:\Windows\System32\dot3api.dll - ok

15:42:23.0891 4016 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll

15:42:23.0891 4016 C:\Windows\System32\wlanhlp.dll - ok

15:42:23.0891 4016 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll

15:42:23.0891 4016 C:\Windows\System32\wlanapi.dll - ok

15:42:23.0906 4016 [ A5FA468D67ABCDAA36264E463A7BB0CD ] C:\Windows\System32\drivers\ipnat.sys

15:42:23.0906 4016 C:\Windows\System32\drivers\ipnat.sys - ok

15:42:23.0906 4016 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll

15:42:23.0906 4016 C:\Windows\System32\PortableDeviceApi.dll - ok

15:42:23.0922 4016 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll

15:42:23.0922 4016 C:\Windows\System32\npmproxy.dll - ok

15:42:23.0938 4016 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll

15:42:23.0938 4016 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

15:42:23.0938 4016 [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL

15:42:23.0938 4016 C:\Windows\System32\IPSECSVC.DLL - ok

15:42:23.0953 4016 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll

15:42:23.0953 4016 C:\Windows\System32\p2pcollab.dll - ok

15:42:23.0969 4016 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll

15:42:23.0969 4016 C:\Windows\System32\fveui.dll - ok

15:42:23.0984 4016 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll

15:42:23.0984 4016 C:\Windows\System32\NapiNSP.dll - ok

15:42:23.0984 4016 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll

15:42:23.0984 4016 C:\Windows\System32\ndiscapCfg.dll - ok

15:42:24.0000 4016 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll

15:42:24.0000 4016 C:\Windows\System32\pnrpnsp.dll - ok

15:42:24.0000 4016 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll

15:42:24.0000 4016 C:\Windows\System32\mprmsg.dll - ok

15:42:24.0016 4016 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll

15:42:24.0016 4016 C:\Windows\System32\FwRemoteSvr.dll - ok

15:42:24.0031 4016 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll

15:42:24.0031 4016 C:\Windows\System32\winrnr.dll - ok

15:42:24.0047 4016 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe

15:42:24.0047 4016 C:\Windows\System32\runonce.exe - ok

15:42:24.0047 4016 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll

15:42:24.0047 4016 C:\Windows\System32\wshnetbs.dll - ok

15:42:24.0062 4016 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll

15:42:24.0062 4016 C:\Windows\System32\nci.dll - ok

15:42:24.0078 4016 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll

15:42:24.0078 4016 C:\Windows\System32\wlaninst.dll - ok

15:42:24.0078 4016 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll

15:42:24.0078 4016 C:\Windows\System32\wwaninst.dll - ok

15:42:24.0094 4016 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll

15:42:24.0094 4016 C:\Windows\System32\Apphlpdm.dll - ok

15:42:24.0094 4016 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll

15:42:24.0094 4016 C:\Windows\System32\diagperf.dll - ok

15:42:24.0109 4016 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll

15:42:24.0109 4016 C:\Windows\System32\perftrack.dll - ok

15:42:24.0125 4016 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll

15:42:24.0125 4016 C:\Windows\System32\pnpts.dll - ok

15:42:24.0125 4016 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll

15:42:24.0125 4016 C:\Windows\System32\aepic.dll - ok

15:42:24.0140 4016 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll

15:42:24.0140 4016 C:\Windows\System32\radardt.dll - ok

15:42:24.0156 4016 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe

15:42:24.0156 4016 C:\Windows\System32\cmd.exe - ok

15:42:24.0156 4016 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll

15:42:24.0156 4016 C:\Windows\System32\wdiasqmmodule.dll - ok

15:42:24.0172 4016 [ 310E9119D0A1CFDF1DA897089B533D81 ] C:\Windows\System32\conhost.exe

15:42:24.0172 4016 C:\Windows\System32\conhost.exe - ok

15:42:24.0187 4016 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll

15:42:24.0187 4016 C:\Windows\System32\spfileq.dll - ok

15:42:24.0187 4016 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll

15:42:24.0187 4016 C:\Windows\System32\dimsjob.dll - ok

15:42:24.0203 4016 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll

15:42:24.0203 4016 C:\Windows\System32\ieframe.dll - ok

15:42:24.0203 4016 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe

15:42:24.0203 4016 C:\Windows\System32\taskeng.exe - ok

15:42:24.0218 4016 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll

15:42:24.0218 4016 C:\Windows\System32\tdh.dll - ok

15:42:24.0234 4016 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll

15:42:24.0234 4016 C:\Windows\System32\oleacc.dll - ok

15:42:24.0234 4016 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll

15:42:24.0234 4016 C:\Windows\System32\shdocvw.dll - ok

15:42:24.0250 4016 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll

15:42:24.0250 4016 C:\Windows\System32\pnidui.dll - ok

15:42:24.0265 4016 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Braun\AppData\Local\Temp\DC189F9B-9570-40B8-889B-94A8B0C1EF95.exe

15:42:24.0265 4016 C:\Users\Braun\AppData\Local\Temp\DC189F9B-9570-40B8-889B-94A8B0C1EF95.exe - ok

15:42:24.0265 4016 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll

15:42:24.0265 4016 C:\Windows\System32\wmp.dll - ok

15:42:24.0281 4016 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll

15:42:24.0281 4016 C:\Windows\System32\TSChannel.dll - ok

15:42:24.0281 4016 [ 9D77E8A2EE92E9DAFAC88DEFCF6D777D ] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

15:42:24.0281 4016 C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe - ok

15:42:24.0296 4016 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\System32\pautoenr.dll

15:42:24.0296 4016 C:\Windows\System32\pautoenr.dll - ok

15:42:24.0312 4016 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\System32\certcli.dll

15:42:24.0312 4016 C:\Windows\System32\certcli.dll - ok

15:42:24.0328 4016 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll

15:42:24.0328 4016 C:\Windows\System32\CertEnroll.dll - ok

15:42:24.0328 4016 [ ADB67488447D0FF271355A4451ED6C73 ] C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll

15:42:24.0328 4016 C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll - ok

15:42:24.0343 4016 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll

15:42:24.0343 4016 C:\Windows\System32\rasdlg.dll - ok

15:42:24.0359 4016 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll

15:42:24.0359 4016 C:\Windows\System32\upnp.dll - ok

15:42:24.0359 4016 [ C7F070BDD9700BD4A482401334D3488E ] C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll

15:42:24.0359 4016 C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll - ok

15:42:24.0374 4016 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL

15:42:24.0374 4016 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok

15:42:24.0374 4016 [ 995DFC3B647849E31942E13FA2017B11 ] C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll

15:42:24.0374 4016 C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll - ok

15:42:24.0390 4016 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll

15:42:24.0390 4016 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok

15:42:24.0406 4016 [ 15936A348676D246A41A4781E6A34692 ] C:\Program Files\TOSHIBA\ConfigFree\NDSMUI.dll

15:42:24.0406 4016 C:\Program Files\TOSHIBA\ConfigFree\NDSMUI.dll - ok

15:42:24.0406 4016 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll

15:42:24.0406 4016 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok

15:42:24.0421 4016 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll

15:42:24.0421 4016 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok

15:42:24.0437 4016 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe

15:42:24.0437 4016 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

15:42:24.0437 4016 [ CB67C2B94302DC94BC15ED6553A5C1C7 ] C:\Windows\System32\wbem\cimwin32.dll

15:42:24.0437 4016 C:\Windows\System32\wbem\cimwin32.dll - ok

15:42:24.0452 4016 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\System32\framedynos.dll

15:42:24.0452 4016 C:\Windows\System32\framedynos.dll - ok

15:42:24.0468 4016 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\System32\wmi.dll

15:42:24.0468 4016 C:\Windows\System32\wmi.dll - ok

15:42:24.0468 4016 [ 089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll

15:42:24.0468 4016 C:\Program Files\Windows Defender\MpRTP.dll - ok

15:42:24.0484 4016 [ E164CCD94F5CFDEE82785C801D33FFB3 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm

15:42:24.0484 4016 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok

15:42:24.0499 4016 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpengine.dll

15:42:24.0499 4016 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpengine.dll - ok

15:42:24.0499 4016 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpasbase.vdm

15:42:24.0499 4016 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpasbase.vdm - ok

15:42:24.0515 4016 [ DA8CBCC158B2B2D538C2D75D05CB33D3 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpasdlta.vdm

15:42:24.0515 4016 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpasdlta.vdm - ok

15:42:24.0530 4016 [ E164CCD94F5CFDEE82785C801D33FFB3 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{669A2038-D5E9-497E-83EA-C50E77E198B0}\mpasdlta.vdm

15:42:24.0530 4016 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{669A2038-D5E9-497E-83EA-C50E77E198B0}\mpasdlta.vdm - ok

15:42:24.0530 4016 [ 3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\Windows Defender\MsMpLics.dll

15:42:24.0530 4016 C:\Program Files\Windows Defender\MsMpLics.dll - ok

15:42:24.0546 4016 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll

15:42:24.0546 4016 C:\Windows\System32\wscapi.dll - ok

15:42:24.0562 4016 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll

15:42:24.0562 4016 C:\Windows\System32\wscisvif.dll - ok

15:42:24.0577 4016 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll

15:42:24.0577 4016 C:\Windows\System32\wscproxystub.dll - ok

15:42:24.0593 4016 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll

15:42:24.0593 4016 C:\Windows\System32\cabinet.dll - ok

15:42:24.0593 4016 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll

15:42:24.0593 4016 C:\Windows\System32\wbem\NCProv.dll - ok

15:42:24.0608 4016 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL

15:42:24.0608 4016 C:\Windows\System32\wmploc.DLL - ok

15:42:24.0608 4016 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe

15:42:24.0608 4016 C:\Windows\System32\ie4uinit.exe - ok

15:42:24.0624 4016 [ 5992A9DF57FD5E6960FDCC2DB69867F7 ] C:\Windows\System32\themeui.dll

15:42:24.0624 4016 C:\Windows\System32\themeui.dll - ok

15:42:24.0640 4016 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl

15:42:24.0640 4016 C:\Windows\System32\timedate.cpl - ok

15:42:24.0640 4016 [ 79DE9216B4800813CC3EFA8048F7B038 ] C:\Windows\System32\mmres.dll

15:42:24.0640 4016 C:\Windows\System32\mmres.dll - ok

15:42:24.0655 4016 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll

15:42:24.0655 4016 C:\Windows\System32\aeevts.dll - ok

15:42:24.0671 4016 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll

15:42:24.0671 4016 C:\Windows\System32\actxprxy.dll - ok

15:42:24.0671 4016 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll

15:42:24.0671 4016 C:\Windows\System32\linkinfo.dll - ok

15:42:24.0686 4016 [ 45C0DF404182850C21749AF7763C095F ] C:\Windows\System32\accessibilitycpl.dll

15:42:24.0686 4016 C:\Windows\System32\accessibilitycpl.dll - ok

15:42:24.0686 4016 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\87231406.sys

15:42:24.0686 4016 C:\Windows\System32\drivers\87231406.sys - ok

15:42:24.0702 4016 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll

15:42:24.0702 4016 C:\Windows\System32\wucltux.dll - ok

15:42:24.0718 4016 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll

15:42:24.0718 4016 C:\Windows\System32\msftedit.dll - ok

15:42:24.0718 4016 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

15:42:24.0718 4016 C:\Windows\System32\msls31.dll - ok

15:42:24.0733 4016 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

15:42:24.0733 4016 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok

15:42:24.0749 4016 [ DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe

15:42:24.0749 4016 C:\Program Files\Windows Sidebar\sidebar.exe - ok

15:42:24.0749 4016 [ 8A07221789D46B2EA7DFCA2BC807572A ] C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

15:42:24.0749 4016 C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe - ok

15:42:24.0764 4016 [ 90766F3987AA34BC5D6EAE8A38C1F533 ] C:\Windows\System32\WindowsAnytimeUpgradeui.exe

15:42:24.0764 4016 C:\Windows\System32\WindowsAnytimeUpgradeui.exe - ok

15:42:24.0780 4016 [ 5A8EBF167F36A7C0D6E9BDD027D55EEB ] C:\Program Files\DVD Maker\DVDMaker.exe

15:42:24.0780 4016 C:\Program Files\DVD Maker\DVDMaker.exe - ok

15:42:24.0780 4016 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll

15:42:24.0780 4016 C:\Windows\System32\DeviceCenter.dll - ok

15:42:24.0796 4016 [ 967DCD9F36AAEA34FE859C9B82E6A4B9 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

15:42:24.0796 4016 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - ok

15:42:24.0811 4016 [ B2A88B3F19791E540B4A6228E5412C16 ] C:\PROGRA~1\WIC4A1~1\Mail\maillang.dll

15:42:24.0811 4016 C:\PROGRA~1\WIC4A1~1\Mail\maillang.dll - ok

15:42:24.0811 4016 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll

15:42:24.0811 4016 C:\Windows\System32\riched20.dll - ok

15:42:24.0827 4016 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll

15:42:24.0827 4016 C:\Windows\System32\networkexplorer.dll - ok

15:42:24.0842 4016 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll

15:42:24.0842 4016 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok

15:42:24.0842 4016 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll

15:42:24.0842 4016 C:\Windows\System32\drprov.dll - ok

15:42:24.0858 4016 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll

15:42:24.0858 4016 C:\Windows\System32\thumbcache.dll - ok

15:42:24.0874 4016 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll

15:42:24.0874 4016 C:\Windows\System32\ntlanman.dll - ok

15:42:24.0874 4016 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll

15:42:24.0874 4016 C:\Windows\System32\dsound.dll - ok

15:42:24.0889 4016 [ 778B2333591E9D28063D491456DA18BE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

15:42:24.0889 4016 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok

15:42:24.0905 4016 [ EB8224F66FD54B08DCBB52C409B1C3F4 ] C:\PROGRA~1\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL

15:42:24.0905 4016 C:\PROGRA~1\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL - ok

15:42:24.0905 4016 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll

15:42:24.0905 4016 C:\Windows\System32\davclnt.dll - ok

15:42:24.0920 4016 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll

15:42:24.0920 4016 C:\Windows\System32\msimg32.dll - ok

15:42:24.0936 4016 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll

15:42:24.0936 4016 C:\Windows\System32\davhlpr.dll - ok

15:42:24.0936 4016 [ DB0E503EDF7C9030731070DB5EDA0CEA ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

15:42:24.0936 4016 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok

15:42:24.0952 4016 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll

15:42:24.0952 4016 C:\Windows\System32\oledlg.dll - ok

15:42:24.0952 4016 [ 59B7280D73906B43B13B273A1F9CC3DD ] C:\Windows\System32\xpsrchvw.exe

15:42:24.0952 4016 C:\Windows\System32\xpsrchvw.exe - ok

15:42:24.0967 4016 [ BB9501FFB0223CF0C83A16A1CB7516D4 ] C:\Windows\System32\SynCOM.dll

15:42:24.0967 4016 C:\Windows\System32\SynCOM.dll - ok

15:42:24.0983 4016 [ BA4E1A60BD20CA7978C76D79F19E37F0 ] C:\Windows\System32\DisplaySwitch.exe

15:42:24.0983 4016 C:\Windows\System32\DisplaySwitch.exe - ok

15:42:24.0983 4016 [ A11F5EE731CD48F3DC509E2D180E1AF0 ] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

15:42:24.0983 4016 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - ok

15:42:24.0998 4016 [ 7B554081A0A80B14F1E5D06441DBAF58 ] C:\Program Files\Common Files\microsoft shared\ink\mip.exe

15:42:24.0998 4016 C:\Program Files\Common Files\microsoft shared\ink\mip.exe - ok

15:42:25.0014 4016 [ D7688EA8637F2E908259CBD5835B1571 ] C:\Windows\System32\SynTPAPI.dll

15:42:25.0014 4016 C:\Windows\System32\SynTPAPI.dll - ok

15:42:25.0014 4016 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv

15:42:25.0014 4016 C:\Windows\System32\wdmaud.drv - ok

15:42:25.0030 4016 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll

15:42:25.0030 4016 C:\Windows\System32\ksuser.dll - ok

15:42:25.0030 4016 [ B5FFA9977015ED3E1B2C3FF266A1BEB9 ] C:\Windows\System32\mblctr.exe

15:42:25.0030 4016 C:\Windows\System32\mblctr.exe - ok

15:42:25.0045 4016 [ 68B4A549D0B56A4DD9A488751037CF09 ] C:\Windows\System32\mstsc.exe

15:42:25.0045 4016 C:\Windows\System32\mstsc.exe - ok

15:42:25.0061 4016 [ 32BE4A1FAFCCD5CA9AB0CE772C43D5E2 ] C:\Windows\System32\SnippingTool.exe

15:42:25.0061 4016 C:\Windows\System32\SnippingTool.exe - ok

15:42:25.0061 4016 [ E327C3E38A6C0C176D7AE89D30E24EF4 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

15:42:25.0061 4016 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok

15:42:25.0076 4016 [ 2A40F6AD59D3E598ECDAA6CAB90360A4 ] C:\Windows\System32\SoundRecorder.exe

15:42:25.0076 4016 C:\Windows\System32\SoundRecorder.exe - ok

15:42:25.0092 4016 [ 31AFFAA5C75FDCD3E646CA571367F902 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

15:42:25.0092 4016 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok

15:42:25.0108 4016 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll

15:42:25.0108 4016 C:\Windows\System32\AudioSes.dll - ok

15:42:25.0108 4016 [ 4ABBD0FEB53ECCD3B5C8A9D9FB1A79F6 ] C:\Windows\System32\SNTSearch.dll

15:42:25.0108 4016 C:\Windows\System32\SNTSearch.dll - ok

15:42:25.0123 4016 [ 0683803970A1375A2A632FEEA62D8D99 ] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

15:42:25.0123 4016 C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe - ok

15:42:25.0123 4016 [ 804D1B3F83682288619DF795543BF382 ] C:\Windows\System32\consent.exe

15:42:25.0123 4016 C:\Windows\System32\consent.exe - ok

15:42:25.0139 4016 [ DCCB7A4A05FA81B191D46797962CC7C4 ] C:\Windows\System32\RTCOM\RtkCfg.dll

15:42:25.0139 4016 C:\Windows\System32\RTCOM\RtkCfg.dll - ok

15:42:25.0154 4016 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv

15:42:25.0154 4016 C:\Windows\System32\msacm32.drv - ok

15:42:25.0154 4016 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll

15:42:25.0154 4016 C:\Windows\System32\msacm32.dll - ok

15:42:25.0170 4016 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll

15:42:25.0170 4016 C:\Windows\System32\mscoree.dll - ok

15:42:25.0186 4016 [ 72F898EA1F3F41BFB9320C532C240205 ] C:\Windows\System32\RtkAPO.dll

15:42:25.0186 4016 C:\Windows\System32\RtkAPO.dll - ok

15:42:25.0186 4016 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll

15:42:25.0186 4016 C:\Windows\System32\SyncCenter.dll - ok

15:42:25.0201 4016 [ A9BC134691E76EB00F0739046D433447 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

15:42:25.0201 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok

15:42:25.0217 4016 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\System32\apisetschema.dll

15:42:25.0217 4016 C:\Windows\System32\apisetschema.dll - ok

15:42:25.0217 4016 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll

15:42:25.0217 4016 C:\Windows\System32\midimap.dll - ok

15:42:25.0232 4016 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll

15:42:25.0232 4016 C:\Windows\System32\WMALFXGFXDSP.dll - ok

15:42:25.0232 4016 [ 468D6989581E6AEA75DE74D4B3722CC3 ] C:\Windows\System32\OobeFldr.dll

15:42:25.0232 4016 C:\Windows\System32\OobeFldr.dll - ok

15:42:25.0248 4016 [ BE54E44F60F121782B84E5B1BFADF315 ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl

15:42:25.0248 4016 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok

15:42:25.0264 4016 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

15:42:25.0264 4016 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

15:42:25.0264 4016 [ FB036244DBD2FADC225AD8650886B641 ] C:\Windows\System32\dfrgui.exe

15:42:25.0264 4016 C:\Windows\System32\dfrgui.exe - ok

15:42:25.0279 4016 [ 8BCF1DCE05F4494C8891F33EEA450D0A ] C:\Windows\System32\wdc.dll

15:42:25.0279 4016 C:\Windows\System32\wdc.dll - ok

15:42:25.0295 4016 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B ] C:\Windows\WindowsMobile\wmdc.exe

15:42:25.0295 4016 C:\Windows\WindowsMobile\wmdc.exe - ok

15:42:25.0295 4016 [ 5F2122888583347C9B81724CF169EFC6 ] C:\Windows\System32\msinfo32.exe

15:42:25.0295 4016 C:\Windows\System32\msinfo32.exe - ok

15:42:25.0310 4016 [ 5033F9928BDE9C57B4CF9472407D96F9 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll

15:42:25.0310 4016 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok

15:42:25.0310 4016 [ 78079EB83665E1AC18AC9C5E273845BF ] C:\Windows\System32\rstrui.exe

15:42:25.0310 4016 C:\Windows\System32\rstrui.exe - ok

15:42:25.0326 4016 [ B72F77DA5A69F5626696182E17B503BA ] C:\Windows\System32\miguiresource.dll

15:42:25.0326 4016 C:\Windows\System32\miguiresource.dll - ok

15:42:25.0342 4016 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll

15:42:25.0342 4016 C:\Windows\System32\mfplat.dll - ok

15:42:25.0342 4016 [ 36143067E041A98083FB204DAC49293C ] C:\Program Files\dcmsvc\dcmsvc.exe

15:42:25.0342 4016 C:\Program Files\dcmsvc\dcmsvc.exe - ok

15:42:25.0357 4016 [ 2FF112EF1984C2AD73684F0B290DBFA3 ] C:\Windows\System32\migwiz\wet.dll

15:42:25.0357 4016 C:\Windows\System32\migwiz\wet.dll - ok

15:42:25.0373 4016 [ 1B8FF90D2E6CACC4FB83717A619F758D ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll

15:42:25.0373 4016 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok

15:42:25.0388 4016 [ 12673BCF7B32087DF63F0CFF550EA40B ] C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

15:42:25.0388 4016 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok

15:42:25.0388 4016 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll

15:42:25.0388 4016 C:\Windows\System32\AudioEng.dll - ok

15:42:25.0404 4016 [ 5BCB0EB1A8EC016C03375E5C87344400 ] C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe

15:42:25.0404 4016 C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe - ok

15:42:25.0420 4016 [ BAD6BEA0DE1F69C82BDB74378CE0C20A ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

15:42:25.0420 4016 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

15:42:25.0420 4016 [ 90D455F7037BB1AC2E98B74FD72D8AC7 ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll

15:42:25.0420 4016 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok

15:42:25.0435 4016 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll

15:42:25.0435 4016 C:\Windows\System32\stobject.dll - ok

15:42:25.0451 4016 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

15:42:25.0451 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

15:42:25.0451 4016 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll

15:42:25.0451 4016 C:\Windows\System32\batmeter.dll - ok

Link to post
Share on other sites

15:42:25.0466 4016 [ F5B8F83EAACF6B6B4A00CFDF53778F15 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll

15:42:25.0466 4016 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok

15:42:25.0482 4016 [ 5AF22331F2CA24D7688DE5C374519BA3 ] C:\Program Files\Windows Journal\Journal.exe

15:42:25.0482 4016 C:\Program Files\Windows Journal\Journal.exe - ok

15:42:25.0482 4016 [ 13E7CFE8E269ED15E7FC9C3EBBCB7E2B ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

15:42:25.0482 4016 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok

15:42:25.0498 4016 [ 92F44E405DB16AC55D97E3BFE3B132FA ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

15:42:25.0498 4016 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok

15:42:25.0498 4016 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll

15:42:25.0498 4016 C:\Windows\System32\AUDIOKSE.dll - ok

15:42:25.0513 4016 [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

15:42:25.0513 4016 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

15:42:25.0529 4016 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll

15:42:25.0529 4016 C:\Windows\System32\prnfldr.dll - ok

15:42:25.0529 4016 [ 30BC378F9736CE588263555EC774C64E ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll

15:42:25.0529 4016 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok

15:42:25.0544 4016 [ B1E4D190CD21CC75AE38562400DD5345 ] C:\Windows\System32\rapistub.dll

15:42:25.0544 4016 C:\Windows\System32\rapistub.dll - ok

15:42:25.0560 4016 [ 0BBDB0F5A25A2FE0502F44CA7D04AB61 ] C:\Windows\System32\mycomput.dll

15:42:25.0560 4016 C:\Windows\System32\mycomput.dll - ok

15:42:25.0560 4016 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll

15:42:25.0560 4016 C:\Windows\System32\odbcint.dll - ok

15:42:25.0576 4016 [ 08E3003DAD2323A9C263795EB24358E4 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll

15:42:25.0576 4016 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok

15:42:25.0591 4016 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files\QuickTime\QTTask.exe

15:42:25.0591 4016 C:\Program Files\QuickTime\QTTask.exe - ok

15:42:25.0591 4016 [ F945ADCEF203E6104AEC8EC9C337CFD0 ] C:\Windows\System32\iscsicpl.dll

15:42:25.0591 4016 C:\Windows\System32\iscsicpl.dll - ok

15:42:25.0607 4016 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe

15:42:25.0607 4016 C:\Program Files\iTunes\iTunesHelper.exe - ok

15:42:25.0607 4016 [ 4D05BDE56A7116B744B04192173A0122 ] C:\Windows\System32\MdSched.exe

15:42:25.0607 4016 C:\Windows\System32\MdSched.exe - ok

15:42:25.0622 4016 [ 11FBB8CB6865B7BA387095398EB91ED4 ] C:\Windows\System32\rapi.dll

15:42:25.0622 4016 C:\Windows\System32\rapi.dll - ok

15:42:25.0638 4016 [ A6C1DADBDAFADEA484348636DC293A10 ] C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe

15:42:25.0638 4016 C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok

15:42:25.0638 4016 [ A3E23DD82AA7963D9F7D184BEEEE5448 ] C:\Windows\System32\filemgmt.dll

15:42:25.0638 4016 C:\Windows\System32\filemgmt.dll - ok

15:42:25.0654 4016 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll

15:42:25.0654 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok

15:42:25.0669 4016 [ A00075951E38A73FE2F9D8384311710A ] C:\Windows\System32\msconfig.exe

15:42:25.0669 4016 C:\Windows\System32\msconfig.exe - ok

15:42:25.0669 4016 [ 81241E7723D5675AF6E27A7F0E7F3324 ] C:\Windows\System32\AuthFWGP.dll

15:42:25.0669 4016 C:\Windows\System32\AuthFWGP.dll - ok

15:42:25.0685 4016 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll

15:42:25.0685 4016 C:\Windows\System32\gameux.dll - ok

15:42:25.0700 4016 [ AC301C9C2ED090B5AA3A4A0B34D82381 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll

15:42:25.0700 4016 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok

15:42:25.0700 4016 [ 9EB925EDC8CF1C3D06E50E9348B54A0A ] C:\Users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe

15:42:25.0700 4016 C:\Users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe - ok

15:42:25.0716 4016 [ E24BB41C4EFC309A14709FC127A3B847 ] C:\Windows\System32\sdcpl.dll

15:42:25.0716 4016 C:\Windows\System32\sdcpl.dll - ok

15:42:25.0716 4016 [ B0B4C590C0CAE7741DA17E3DC86CC828 ] C:\Windows\System32\ceutil.dll

15:42:25.0732 4016 C:\Windows\System32\ceutil.dll - ok

15:42:25.0732 4016 [ 10372540F4E68583DA4325CF59074749 ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll

15:42:25.0732 4016 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok

15:42:25.0747 4016 [ 7635B6502882E4B1713F049FD8FD2EA4 ] C:\Windows\System32\recdisc.exe

15:42:25.0747 4016 C:\Windows\System32\recdisc.exe - ok

15:42:25.0747 4016 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

15:42:25.0747 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

15:42:25.0763 4016 [ 6161257008FE77D3ADFA9CBBC419F843 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll

15:42:25.0763 4016 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok

15:42:25.0778 4016 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll

15:42:25.0778 4016 C:\Windows\System32\DXP.dll - ok

15:42:25.0778 4016 [ 4AC5B4A0B8D22185C09EE5584BF1CFB5 ] C:\Windows\System32\msra.exe

15:42:25.0778 4016 C:\Windows\System32\msra.exe - ok

15:42:25.0794 4016 [ F4A703E6F5E76C2C7CF1531E1CB3AC6F ] C:\PROGRA~1\MIDDD5~1\mui\oaa.dll

15:42:25.0794 4016 C:\PROGRA~1\MIDDD5~1\mui\oaa.dll - ok

15:42:25.0810 4016 [ 4B0277F08085FB78113FC157DBF2D596 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll

15:42:25.0810 4016 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok

15:42:25.0810 4016 [ EBF8791ABE6F7302241EE0A492452874 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll

15:42:25.0810 4016 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok

15:42:25.0825 4016 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll

15:42:25.0825 4016 C:\Program Files\iTunes\iTunesHelper.dll - ok

15:42:25.0841 4016 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll

15:42:25.0841 4016 C:\Windows\System32\Syncreg.dll - ok

15:42:25.0841 4016 [ 803051E1A6F884D9842C078AA09BDFF7 ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll

15:42:25.0841 4016 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok

15:42:25.0856 4016 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll

15:42:25.0856 4016 C:\Windows\ehome\ehSSO.dll - ok

15:42:25.0872 4016 [ EC971A8E4CA132D6F8482B0C8B79A9AD ] C:\PROGRA~1\WIC4A1~1\Writer\WI68BE~1.DLL

15:42:25.0872 4016 C:\PROGRA~1\WIC4A1~1\Writer\WI68BE~1.DLL - ok

15:42:25.0872 4016 [ C6A0C54ABD119B5F3C52630F08BE6040 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll

15:42:25.0872 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll - ok

15:42:25.0888 4016 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\System32\bitsperf.dll

15:42:25.0888 4016 C:\Windows\System32\bitsperf.dll - ok

15:42:25.0888 4016 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll

15:42:25.0888 4016 C:\Windows\System32\AltTab.dll - ok

15:42:25.0903 4016 [ F45ED8C4F9AF862CD9992849B5203C11 ] C:\Windows\System32\bitsigd.dll

15:42:25.0903 4016 C:\Windows\System32\bitsigd.dll - ok

15:42:25.0919 4016 [ 655DC8C88A87C587EC2F0A4F8990ADC9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll

15:42:25.0919 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok

15:42:25.0919 4016 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\System32\msvcp60.dll

15:42:25.0919 4016 C:\Windows\System32\msvcp60.dll - ok

15:42:25.0934 4016 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll

15:42:25.0934 4016 C:\Windows\System32\WPDShServiceObj.dll - ok

15:42:25.0950 4016 [ 81CA32EFCF10C09B9E8B0387F9479074 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll

15:42:25.0950 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok

15:42:25.0950 4016 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll

15:42:25.0950 4016 C:\Windows\System32\PortableDeviceTypes.dll - ok

15:42:25.0966 4016 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

15:42:25.0966 4016 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

15:42:25.0981 4016 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll

15:42:25.0981 4016 C:\Windows\System32\udhisapi.dll - ok

15:42:25.0981 4016 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\System32\qmgrprxy.dll

15:42:25.0981 4016 C:\Windows\System32\qmgrprxy.dll - ok

15:42:25.0997 4016 [ 8DC3534953ECE00C7B993F219F8E6210 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll

15:42:25.0997 4016 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok

15:42:26.0012 4016 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL

15:42:26.0012 4016 C:\Windows\System32\QUTIL.DLL - ok

15:42:26.0012 4016 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

15:42:26.0012 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

15:42:26.0028 4016 [ 3379989F06B31347792836DCF028A325 ] C:\Windows\System32\rapiproxystub.dll

15:42:26.0028 4016 C:\Windows\System32\rapiproxystub.dll - ok

15:42:26.0028 4016 [ 49D3F53BEA86A4EFEFA53550E0DBFDB1 ] C:\Users\Braun\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll

15:42:26.0028 4016 C:\Users\Braun\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll - ok

15:42:26.0044 4016 [ 3D3782AC3E1260AAC90139BDA4B28A4B ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll

15:42:26.0044 4016 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok

15:42:26.0059 4016 [ 0803424C3751B2F96DF8E270E7157BF1 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll

15:42:26.0059 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok

15:42:26.0059 4016 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll

15:42:26.0059 4016 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

15:42:26.0075 4016 [ 674F1F10C790624E6AEFF1133EB5690A ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll

15:42:26.0075 4016 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok

15:42:26.0090 4016 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

15:42:26.0090 4016 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

15:42:26.0090 4016 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll

15:42:26.0090 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok

15:42:26.0106 4016 [ 843D21A20736016E5613E4B51EA60D46 ] C:\Windows\System32\winusb.dll

15:42:26.0106 4016 C:\Windows\System32\winusb.dll - ok

15:42:26.0122 4016 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll

15:42:26.0122 4016 C:\Windows\System32\srchadmin.dll - ok

15:42:26.0122 4016 [ 08415DC2E0DF45D52A0436587ADB64CA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll

15:42:26.0122 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok

15:42:26.0137 4016 [ 3010B6F95BB33F44EECF1601AB28FAB6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll

15:42:26.0137 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll - ok

15:42:26.0153 4016 [ 8C8C82633A7E90A33E8D7D9617B2B46C ] C:\Windows\WindowsMobile\tcp2udp.dll

15:42:26.0153 4016 C:\Windows\WindowsMobile\tcp2udp.dll - ok

15:42:26.0168 4016 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll

15:42:26.0168 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok

15:42:26.0168 4016 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll

15:42:26.0168 4016 C:\Windows\System32\mssprxy.dll - ok

15:42:26.0184 4016 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll

15:42:26.0184 4016 C:\Windows\System32\msiltcfg.dll - ok

15:42:26.0200 4016 [ E79CAF0620FCA23560EFB8AC7C45E9A4 ] C:\Users\Braun\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll

15:42:26.0200 4016 C:\Users\Braun\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll - ok

15:42:26.0200 4016 [ C3F095D0614D2B3B999F892CA17A1936 ] C:\Windows\System32\atipdlxx.dll

15:42:26.0200 4016 C:\Windows\System32\atipdlxx.dll - ok

15:42:26.0215 4016 [ 917422E1B95A72B0328B301BACBF1B07 ] C:\Windows\System32\wcescommproxy.dll

15:42:26.0215 4016 C:\Windows\System32\wcescommproxy.dll - ok

15:42:26.0215 4016 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll

15:42:26.0215 4016 C:\Windows\System32\UIAnimation.dll - ok

15:42:26.0231 4016 [ 05B9079A6663E3C6859E5515145C4951 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll

15:42:26.0231 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll - ok

15:42:26.0246 4016 [ 348643BED4F3B17B7199B15392F14974 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll

15:42:26.0246 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok

15:42:26.0246 4016 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll

15:42:26.0246 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok

15:42:26.0262 4016 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll

15:42:26.0262 4016 C:\Windows\System32\ActionCenter.dll - ok

15:42:26.0278 4016 [ 523DF3B590D8A353A49235B1B7C571AD ] C:\Windows\WindowsMobile\dtptdns.dll

15:42:26.0278 4016 C:\Windows\WindowsMobile\dtptdns.dll - ok

15:42:26.0278 4016 [ E6F880F6CCEB6916C71D7C5504CA7996 ] C:\Program Files\TOSHIBA\TOSHIBA Service Station\PluginLib.dll

15:42:26.0278 4016 C:\Program Files\TOSHIBA\TOSHIBA Service Station\PluginLib.dll - ok

15:42:26.0293 4016 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

15:42:26.0293 4016 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

15:42:26.0309 4016 [ 6F0DAB13529BCB7C0F8A3082A8B1CDE9 ] C:\Program Files\Windows Live\Messenger\msnmsgr.exe

15:42:26.0309 4016 C:\Program Files\Windows Live\Messenger\msnmsgr.exe - ok

15:42:26.0309 4016 [ 71E22E0BE06A21070AF772C7B499CFBE ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll

15:42:26.0309 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll - ok

15:42:26.0324 4016 [ D5D7C7CBDD63C5938C83846B313FCF3B ] C:\Windows\WindowsMobile\BthASPlugin.dll

15:42:26.0324 4016 C:\Windows\WindowsMobile\BthASPlugin.dll - ok

15:42:26.0340 4016 [ C2FB797884D9CC30AC0B5FB28146FE7A ] C:\Program Files\Windows Live\Messenger\uccapi.dll

15:42:26.0340 4016 C:\Program Files\Windows Live\Messenger\uccapi.dll - ok

15:42:26.0340 4016 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

15:42:26.0340 4016 C:\Windows\System32\webcheck.dll - ok

15:42:26.0356 4016 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

15:42:26.0356 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

15:42:26.0371 4016 [ CA55D2F9F9FC2708DD6BD26E8FEA76D8 ] C:\Program Files\Windows Live\Messenger\vvpltfrm.dll

15:42:26.0371 4016 C:\Program Files\Windows Live\Messenger\vvpltfrm.dll - ok

15:42:26.0371 4016 [ E08C81ABB98956BA1F571138BE8983FA ] C:\Program Files\Windows Live\Messenger\shareanything.dll

15:42:26.0371 4016 C:\Program Files\Windows Live\Messenger\shareanything.dll - ok

15:42:26.0387 4016 [ F52BEEC973908E99F5B9FF30C8F0800E ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll

15:42:26.0387 4016 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok

15:42:26.0402 4016 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

15:42:26.0402 4016 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok

15:42:26.0402 4016 [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\Windows\System32\msxml3r.dll

15:42:26.0402 4016 C:\Windows\System32\msxml3r.dll - ok

15:42:26.0418 4016 [ 5C651246CD24095952F976A754C6B110 ] C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll

15:42:26.0418 4016 C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll - ok

15:42:26.0434 4016 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll

15:42:26.0434 4016 C:\Windows\System32\mlang.dll - ok

15:42:26.0434 4016 [ 3054BAF0DFC7D5575D1789A75D914BBB ] C:\Windows\System32\en-US\consent.exe.mui

15:42:26.0434 4016 C:\Windows\System32\en-US\consent.exe.mui - ok

15:42:26.0449 4016 [ 43804516E0A84BEDE6A430869F48CDA5 ] C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll

15:42:26.0449 4016 C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll - ok

15:42:26.0465 4016 [ CD8E2AC80404403F63467643D2F4BCBF ] C:\Windows\System32\en-US\crypt32.dll.mui

15:42:26.0465 4016 C:\Windows\System32\en-US\crypt32.dll.mui - ok

15:42:26.0465 4016 [ 2B2C711D49E745113FA682D72A3EFA8F ] C:\Program Files\TOSHIBA\ConfigFree\CFNotify.dll

15:42:26.0465 4016 C:\Program Files\TOSHIBA\ConfigFree\CFNotify.dll - ok

15:42:26.0480 4016 [ 5704351536FDEACEBC4291D570826F17 ] C:\Windows\System32\en-US\imageres.dll.mui

15:42:26.0480 4016 C:\Windows\System32\en-US\imageres.dll.mui - ok

15:42:26.0496 4016 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll

15:42:26.0496 4016 C:\Windows\System32\FXSST.dll - ok

15:42:26.0496 4016 [ 970655FC35AFCE065761C0E49ADCD69E ] C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll

15:42:26.0496 4016 C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll - ok

15:42:26.0512 4016 [ EFE3A0EAFFE4A11C8EEEEB84D5A79936 ] C:\Windows\System32\en-US\authui.dll.mui

15:42:26.0512 4016 C:\Windows\System32\en-US\authui.dll.mui - ok

15:42:26.0527 4016 [ FAAAF481CC851CE9A1A35D53BD8163DB ] C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

15:42:26.0527 4016 C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll - ok

15:42:26.0527 4016 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll

15:42:26.0527 4016 C:\Windows\System32\FXSAPI.dll - ok

15:42:26.0543 4016 [ EB19E5CE71B9410FA81E3672AF2F8146 ] C:\Program Files\TOSHIBA\Utilities\NotifyX.dll

15:42:26.0543 4016 C:\Program Files\TOSHIBA\Utilities\NotifyX.dll - ok

15:42:26.0543 4016 [ 3BFAA4560430DC2B1B86E7EAD4A63F91 ] C:\Windows\System32\en-US\setupapi.dll.mui

15:42:26.0543 4016 C:\Windows\System32\en-US\setupapi.dll.mui - ok

15:42:26.0558 4016 [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe

15:42:26.0558 4016 C:\Program Files\iPod\bin\iPodService.exe - ok

15:42:26.0574 4016 [ CD5A94572650CB80E05D52F9617A0D1B ] C:\Windows\System32\en-US\wdmaud.drv.mui

15:42:26.0574 4016 C:\Windows\System32\en-US\wdmaud.drv.mui - ok

15:42:26.0574 4016 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll

15:42:26.0574 4016 C:\Windows\System32\imapi2.dll - ok

15:42:26.0590 4016 [ E0AD091B785EB541370660B0C3A4DCC4 ] C:\Windows\System32\en-US\MMDevAPI.dll.mui

15:42:26.0590 4016 C:\Windows\System32\en-US\MMDevAPI.dll.mui - ok

15:42:26.0605 4016 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe

15:42:26.0605 4016 C:\Windows\System32\FXSSVC.exe - ok

15:42:26.0605 4016 [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll

15:42:26.0605 4016 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok

15:42:26.0621 4016 [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll

15:42:26.0621 4016 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok

15:42:26.0636 4016 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll

15:42:26.0636 4016 C:\Windows\System32\hgcpl.dll - ok

15:42:26.0636 4016 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll

15:42:26.0636 4016 C:\Windows\System32\WWanAPI.dll - ok

15:42:26.0652 4016 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll

15:42:26.0652 4016 C:\Windows\System32\wwapi.dll - ok

15:42:26.0652 4016 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL

15:42:26.0652 4016 C:\Windows\System32\QAGENT.DLL - ok

15:42:26.0668 4016 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl

15:42:26.0668 4016 C:\Windows\System32\bthprops.cpl - ok

15:42:26.0683 4016 [ 1F8A319D29394F9CE1B7AE020DF2EBBF ] C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

15:42:26.0683 4016 C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe - ok

15:42:26.0699 4016 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:42:26.0699 4016 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

15:42:26.0699 4016 [ F7FDD963EC0DB59437CA637475110D33 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll

15:42:26.0699 4016 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll - ok

15:42:26.0714 4016 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll

15:42:26.0714 4016 C:\Windows\System32\msvcr100_clr0400.dll - ok

15:42:26.0730 4016 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

15:42:26.0730 4016 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - ok

15:42:26.0730 4016 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\System32\fdWSD.dll

15:42:26.0730 4016 C:\Windows\System32\fdWSD.dll - ok

15:42:26.0746 4016 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\System32\fdSSDP.dll

15:42:26.0746 4016 C:\Windows\System32\fdSSDP.dll - ok

15:42:26.0761 4016 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll

15:42:26.0761 4016 C:\Windows\System32\fdProxy.dll - ok

15:42:26.0761 4016 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll

15:42:26.0761 4016 C:\Windows\System32\sppwinob.dll - ok

15:42:26.0777 4016 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys

15:42:26.0777 4016 C:\Windows\System32\drivers\spsys.sys - ok

15:42:26.0792 4016 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll

15:42:26.0792 4016 C:\Windows\System32\wmdrmdev.dll - ok

15:42:26.0792 4016 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll

15:42:26.0792 4016 C:\Windows\System32\drmv2clt.dll - ok

15:42:26.0808 4016 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\System32\mspatcha.dll

15:42:26.0808 4016 C:\Windows\System32\mspatcha.dll - ok

15:42:26.0824 4016 [ FFC76D883A4B2296823F28A16FA2AD5C ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key

15:42:26.0824 4016 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key - ok

15:42:26.0824 4016 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll

15:42:26.0824 4016 C:\Windows\System32\wuapi.dll - ok

15:42:26.0839 4016 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll

15:42:26.0839 4016 C:\Windows\System32\wups.dll - ok

15:42:26.0855 4016 [ 62CBF36E3E10BAA74224BC7A6DD998B5 ] C:\Program Files\Internet Explorer\ieproxy.dll

15:42:26.0855 4016 C:\Program Files\Internet Explorer\ieproxy.dll - ok

15:42:26.0855 4016 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll

15:42:26.0855 4016 C:\Windows\System32\wmpps.dll - ok

15:42:26.0870 4016 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll

15:42:26.0870 4016 C:\Windows\System32\wmpmde.dll - ok

15:42:26.0870 4016 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll

15:42:26.0870 4016 C:\Windows\System32\WinSATAPI.dll - ok

15:42:26.0886 4016 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL

15:42:26.0886 4016 C:\Windows\System32\MSMPEG2ENC.DLL - ok

15:42:26.0902 4016 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll

15:42:26.0902 4016 C:\Windows\System32\devenum.dll - ok

15:42:26.0902 4016 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll

15:42:26.0902 4016 C:\Windows\System32\msdmo.dll - ok

15:42:26.0917 4016 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll

15:42:26.0917 4016 C:\Windows\System32\wups2.dll - ok

15:42:26.0933 4016 [ 421D9645B72CD341ECDBB0FCE06C97DE ] C:\Windows\System32\sppobjs.dll

15:42:26.0933 4016 C:\Windows\System32\sppobjs.dll - ok

15:42:26.0933 4016 [ 6B63EA7979F501C37FC55A26CA162ACD ] C:\Windows\System32\en-US\user32.dll.mui

15:42:26.0933 4016 C:\Windows\System32\en-US\user32.dll.mui - ok

15:42:26.0948 4016 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll

15:42:26.0948 4016 C:\Windows\System32\wbem\wmiprov.dll - ok

15:42:26.0964 4016 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\System32\msisip.dll

15:42:26.0964 4016 C:\Windows\System32\msisip.dll - ok

15:42:26.0964 4016 [ B80A1F17650DDB99B2214D0EA9590B36 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeExtractFiles.dll

15:42:26.0964 4016 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeExtractFiles.dll - ok

15:42:26.0980 4016 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll

15:42:26.0980 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok

15:42:26.0995 4016 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll

15:42:26.0995 4016 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok

15:42:26.0995 4016 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll

15:42:26.0995 4016 C:\Windows\System32\shfolder.dll - ok

15:42:27.0011 4016 [ 6C52313AA302C80110D7B55CC84BBE6B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe

15:42:27.0011 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe - ok

15:42:27.0026 4016 [ BB3C7E48088D37417EB37F1A9E3D2449 ] C:\Windows\System32\werui.dll

15:42:27.0026 4016 C:\Windows\System32\werui.dll - ok

15:42:27.0026 4016 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll

15:42:27.0026 4016 C:\Windows\System32\security.dll - ok

15:42:27.0042 4016 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll

15:42:27.0042 4016 C:\Windows\System32\browcli.dll - ok

15:42:27.0058 4016 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\System32\schedcli.dll

15:42:27.0058 4016 C:\Windows\System32\schedcli.dll - ok

15:42:27.0058 4016 [ 43BE3B9CA431F88E049928DC45C4365C ] C:\Windows\System32\wbem\wmipcima.dll

15:42:27.0058 4016 C:\Windows\System32\wbem\wmipcima.dll - ok

15:42:27.0073 4016 [ 19F75D71E4256F5113D64CE2BB66B838 ] C:\Windows\System32\slwga.dll

15:42:27.0073 4016 C:\Windows\System32\slwga.dll - ok

15:42:27.0089 4016 [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\System32\sppc.dll

15:42:27.0089 4016 C:\Windows\System32\sppc.dll - ok

15:42:27.0089 4016 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\System32\advpack.dll

15:42:27.0089 4016 C:\Windows\System32\advpack.dll - ok

15:42:27.0104 4016 [ 5B3D1C528CD6674FF6BD1F6720F5A686 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll

15:42:27.0104 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll - ok

15:42:27.0104 4016 [ A36E64D0703C7CB9724C102CA89488D4 ] C:\Windows\servicing\CbsMsg.dll

15:42:27.0104 4016 C:\Windows\servicing\CbsMsg.dll - ok

15:42:27.0120 4016 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\System32\dpx.dll

15:42:27.0120 4016 C:\Windows\System32\dpx.dll - ok

15:42:27.0136 4016 [ 8896EF6DEBA34C5507A488729A1D3AF2 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll

15:42:27.0136 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll - ok

15:42:27.0136 4016 [ 4CCF86AAD1B67168FB51A477307EC288 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll

15:42:27.0136 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll - ok

15:42:27.0151 4016 [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\System32\srclient.dll

15:42:27.0151 4016 C:\Windows\System32\srclient.dll - ok

15:42:27.0167 4016 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\System32\spp.dll

15:42:27.0167 4016 C:\Windows\System32\spp.dll - ok

15:42:27.0167 4016 [ C9B89E87CB6D87FA4CC3F04EBC9F3D1C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll

15:42:27.0167 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll - ok

15:42:27.0182 4016 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\System32\sxsstore.dll

15:42:27.0182 4016 C:\Windows\System32\sxsstore.dll - ok

15:42:27.0198 4016 [ 665748B8F1770EFE09AC75D8EC020100 ] C:\Windows\servicing\CbsApi.dll

15:42:27.0198 4016 C:\Windows\servicing\CbsApi.dll - ok

15:42:27.0198 4016 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe

15:42:27.0198 4016 C:\Windows\System32\rundll32.exe - ok

15:42:27.0214 4016 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

15:42:27.0214 4016 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok

15:42:27.0214 4016 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll

15:42:27.0229 4016 C:\Windows\AppPatch\AcLayers.dll - ok

15:42:27.0229 4016 [ 1869BD251211FB6275067372A45682D6 ] C:\Windows\System32\werconcpl.dll

15:42:27.0229 4016 C:\Windows\System32\werconcpl.dll - ok

15:42:27.0245 4016 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe

15:42:27.0245 4016 C:\Windows\System32\wuauclt.exe - ok

15:42:27.0245 4016 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\System32\tzres.dll

15:42:27.0245 4016 C:\Windows\System32\tzres.dll - ok

15:42:27.0260 4016 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\System32\oleaccrc.dll

15:42:27.0260 4016 C:\Windows\System32\oleaccrc.dll - ok

15:42:27.0276 4016 [ C6B8ED908E7A7123A73053A3B5F773E9 ] C:\Windows\System32\en-US\wucltux.dll.mui

15:42:27.0276 4016 C:\Windows\System32\en-US\wucltux.dll.mui - ok

15:42:27.0276 4016 [ 67C1DA40D78C92622081A3E780C926B2 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

15:42:27.0276 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe - ok

15:42:27.0292 4016 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\System32\stdole2.tlb

15:42:27.0292 4016 C:\Windows\System32\stdole2.tlb - ok

15:42:27.0307 4016 [ AB14127CC9D97CBB60F87DE6116FE30A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosReg.dll

15:42:27.0307 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosReg.dll - ok

15:42:27.0307 4016 [ 19078AF6C597283C207D600D0467FFA0 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

15:42:27.0307 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe - ok

15:42:27.0323 4016 [ 116B0BCDD93A52B37CAEB0C478A89542 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\en-US\tossenotify.exe.mui

15:42:27.0323 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\en-US\tossenotify.exe.mui - ok

15:42:27.0338 4016 [ 2C8B811E17B0C72A7FFD5B8CBDCC9535 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

15:42:27.0338 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll - ok

15:42:27.0338 4016 [ 8C56E9074F2586411A850738EDC865B7 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TReport.dll

15:42:27.0338 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TReport.dll - ok

15:42:27.0354 4016 [ FA97AD1885871C3184427138B7C1DD41 ] C:\Program Files\Alwil Software\Avast5\snxhk.dll

15:42:27.0354 4016 C:\Program Files\Alwil Software\Avast5\snxhk.dll - ok

15:42:27.0370 4016 [ D561FDB401B689A11BE0FB678B097BE8 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmart.dll

15:42:27.0370 4016 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmart.dll - ok

15:42:27.0370 4016 [ 7E5EEECD068A1508C3CE5D83BF5C50E0 ] C:\Windows\System32\dskquota.dll

15:42:27.0370 4016 C:\Windows\System32\dskquota.dll - ok

15:42:27.0385 4016 [ F175E53C7C3B25A9029A131FB578B155 ] C:\Windows\System32\wscinterop.dll

15:42:27.0385 4016 C:\Windows\System32\wscinterop.dll - ok

15:42:27.0385 4016 [ 7FD5532C142DB6C9CC47AA4DCF71FDEC ] C:\Windows\System32\wscui.cpl

15:42:27.0385 4016 C:\Windows\System32\wscui.cpl - ok

15:42:27.0401 4016 [ 57CE9D8350B1DD76EEC596C423C3C0BC ] C:\Windows\System32\hcproviders.dll

15:42:27.0401 4016 C:\Windows\System32\hcproviders.dll - ok

15:42:27.0416 4016 [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\System32\wbem\WMIADAP.exe

15:42:27.0416 4016 C:\Windows\System32\wbem\WMIADAP.exe - ok

15:42:27.0416 4016 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\System32\loadperf.dll

15:42:27.0416 4016 C:\Windows\System32\loadperf.dll - ok

15:42:27.0432 4016 [ 5EFDBEAECD69E250E5BA4A2950203CD4 ] C:\Windows\System32\sdclt.exe

15:42:27.0432 4016 C:\Windows\System32\sdclt.exe - ok

15:42:27.0448 4016 [ 3CC04CB09FAFAD87942437FDDEE11EE3 ] C:\Windows\System32\ReAgent.dll

15:42:27.0448 4016 C:\Windows\System32\ReAgent.dll - ok

15:42:27.0448 4016 [ 3B28814B74E898750A139FA4CBDFDCF7 ] C:\Windows\System32\sdengin2.dll

15:42:27.0448 4016 C:\Windows\System32\sdengin2.dll - ok

15:42:27.0463 4016 [ 9BF7BDBD1EC69D44EA8D9BE222FC93BB ] C:\Windows\System32\sxshared.dll

15:42:27.0463 4016 C:\Windows\System32\sxshared.dll - ok

15:42:27.0479 4016 [ FBC18BEE67E9179F02E7894EB548F18D ] C:\Windows\System32\en-US\svchost.exe.mui

15:42:27.0479 4016 C:\Windows\System32\en-US\svchost.exe.mui - ok

15:42:27.0494 4016 [ DD7596A0BC60AFFCCEB07E64F876FB59 ] C:\Windows\System32\sxproxy.dll

15:42:27.0494 4016 C:\Windows\System32\sxproxy.dll - ok

15:42:27.0494 4016 [ 53DA0477158774940C7FB45AC70645AA ] C:\Windows\System32\clb.dll

15:42:27.0494 4016 C:\Windows\System32\clb.dll - ok

15:42:27.0510 4016 [ F1E9A22C1D4F5D3AC7BA555D4E95329C ] C:\Windows\System32\sud.dll

15:42:27.0510 4016 C:\Windows\System32\sud.dll - ok

15:42:27.0510 4016 [ 737AFC772243C75E6AD17A7A8E8E23F9 ] C:\Windows\System32\fms.dll

15:42:27.0510 4016 C:\Windows\System32\fms.dll - ok

15:42:27.0526 4016 [ 33B0A618BA5F44E67757C561D0A935C1 ] C:\Windows\System32\WFS.exe

15:42:27.0526 4016 C:\Windows\System32\WFS.exe - ok

15:42:27.0541 4016 [ E49EF627A75C0BAD02180C97AC527C33 ] C:\Windows\System32\WFSR.dll

15:42:27.0541 4016 C:\Windows\System32\WFSR.dll - ok

15:42:27.0541 4016 [ F6C262D0278BAA06217949639A6392C6 ] C:\Windows\System32\batt.dll

15:42:27.0541 4016 C:\Windows\System32\batt.dll - ok

15:42:27.0557 4016 [ 079D12BFED9E3E03D02A44BAF8FFA3A9 ] C:\Windows\System32\desk.cpl

15:42:27.0557 4016 C:\Windows\System32\desk.cpl - ok

15:42:27.0557 4016 [ 2E2C17DF779AD51A7209754685B010A1 ] C:\Windows\System32\apss.dll

15:42:27.0557 4016 C:\Windows\System32\apss.dll - ok

15:42:27.0572 4016 [ F93C84B307573327779AE0DA41115957 ] C:\Windows\System32\ulib.dll

15:42:27.0572 4016 C:\Windows\System32\ulib.dll - ok

15:42:27.0588 4016 [ BA2B249CD7C8CE15E1A8D69ECAEE5FA3 ] C:\Windows\System32\main.cpl

15:42:27.0588 4016 C:\Windows\System32\main.cpl - ok

15:42:27.0588 4016 [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\System32\apds.dll

15:42:27.0588 4016 C:\Windows\System32\apds.dll - ok

15:42:27.0604 4016 [ 64615069F13DA2F0876E72200F40C97D ] C:\Windows\System32\sccls.dll

15:42:27.0604 4016 C:\Windows\System32\sccls.dll - ok

15:42:27.0619 4016 [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\System32\mssvp.dll

15:42:27.0619 4016 C:\Windows\System32\mssvp.dll - ok

15:42:27.0619 4016 [ 583B799BB61EAFA6F19E74D35AD5D731 ] C:\Windows\System32\bthci.dll

15:42:27.0619 4016 C:\Windows\System32\bthci.dll - ok

15:42:27.0635 4016 [ 63B282FB2550893724647A359BA2323F ] C:\Windows\System32\Query.dll

15:42:27.0635 4016 C:\Windows\System32\Query.dll - ok

15:42:27.0635 4016 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll

15:42:27.0635 4016 C:\Windows\System32\d3d10.dll - ok

15:42:27.0650 4016 [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0 ] C:\Windows\System32\twext.dll

15:42:27.0650 4016 C:\Windows\System32\twext.dll - ok

15:42:27.0666 4016 [ DAB5808E0C26740577AE67878A87136E ] C:\Windows\System32\aclui.dll

15:42:27.0666 4016 C:\Windows\System32\aclui.dll - ok

15:42:27.0666 4016 [ EB7B4563D6D20FC663F15FE8581D0BF2 ] C:\Windows\System32\dmocx.dll

15:42:27.0666 4016 C:\Windows\System32\dmocx.dll - ok

15:42:27.0682 4016 [ 53E054880ADBB856ECE6EB10EDBB8A32 ] C:\Windows\System32\mmsys.cpl

15:42:27.0682 4016 C:\Windows\System32\mmsys.cpl - ok

15:42:27.0697 4016 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll

15:42:27.0697 4016 C:\Windows\System32\mssph.dll - ok

15:42:27.0697 4016 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe

15:42:27.0697 4016 C:\Windows\System32\wuapp.exe - ok

15:42:27.0713 4016 [ 061CBB1058A10C0875D18CAFF835AE97 ] C:\Windows\System32\mshta.exe

15:42:27.0713 4016 C:\Windows\System32\mshta.exe - ok

15:42:27.0713 4016 [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\System32\wshext.dll

15:42:27.0713 4016 C:\Windows\System32\wshext.dll - ok

15:42:27.0728 4016 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\System32\elslad.dll

15:42:27.0728 4016 C:\Windows\System32\elslad.dll - ok

15:42:27.0744 4016 [ C555046481601ED19920F2D3E76B8A36 ] C:\Windows\System32\tsgqec.dll

15:42:27.0744 4016 C:\Windows\System32\tsgqec.dll - ok

15:42:27.0760 4016 [ C9905EA4C326DAB778B9297BA5BD1889 ] C:\Windows\System32\wermgr.exe

15:42:27.0760 4016 C:\Windows\System32\wermgr.exe - ok

15:42:27.0775 4016 [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\System32\newdev.dll

15:42:27.0775 4016 C:\Windows\System32\newdev.dll - ok

15:42:27.0775 4016 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll

15:42:27.0775 4016 C:\Windows\System32\mshtml.dll - ok

15:42:27.0791 4016 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\System32\mfc42u.dll

15:42:27.0791 4016 C:\Windows\System32\mfc42u.dll - ok

15:42:27.0806 4016 [ 4627D4C6D3BB999B123793C3A2709F86 ] C:\Windows\System32\dispci.dll

15:42:27.0806 4016 C:\Windows\System32\dispci.dll - ok

15:42:27.0806 4016 [ 297848A1D7D03A5735CEDF91F82ACFAB ] C:\Windows\System32\wpd_ci.dll

15:42:27.0806 4016 C:\Windows\System32\wpd_ci.dll - ok

15:42:27.0822 4016 [ F5F9CB23EDBF2C77AAE5A2A2FC4FC333 ] C:\Windows\System32\devmgr.dll

15:42:27.0822 4016 C:\Windows\System32\devmgr.dll - ok

15:42:27.0838 4016 [ CFD8B8537036CF35F6254192997A4D8E ] C:\Windows\System32\shgina.dll

15:42:27.0838 4016 C:\Windows\System32\shgina.dll - ok

15:42:27.0838 4016 [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\System32\EAPQEC.DLL

15:42:27.0838 4016 C:\Windows\System32\EAPQEC.DLL - ok

15:42:27.0853 4016 [ 7AA994D0757EF3FDB4F3F7656E1E4D60 ] C:\Windows\System32\dfscli.dll

15:42:27.0853 4016 C:\Windows\System32\dfscli.dll - ok

15:42:27.0869 4016 [ 2607A85B6466C0110EA8ABB9D8CC83FC ] C:\Windows\System32\regapi.dll

15:42:27.0869 4016 C:\Windows\System32\regapi.dll - ok

15:42:27.0869 4016 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll

15:42:27.0869 4016 C:\Windows\System32\odbc32.dll - ok

15:42:27.0884 4016 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll

15:42:27.0884 4016 C:\Windows\System32\cscdll.dll - ok

15:42:27.0884 4016 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll

15:42:27.0884 4016 C:\Windows\System32\mapi32.dll - ok

15:42:27.0900 4016 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll

15:42:27.0900 4016 C:\Windows\System32\msimtf.dll - ok

15:42:27.0916 4016 [ 20A20A911CD79A6F6839167149A05668 ] C:\Windows\System32\syncui.dll

15:42:27.0916 4016 C:\Windows\System32\syncui.dll - ok

15:42:27.0916 4016 [ 843ED534E2F15F733F4A468FD9CF0CD1 ] C:\Windows\System32\sti_ci.dll

15:42:27.0916 4016 C:\Windows\System32\sti_ci.dll - ok

15:42:27.0931 4016 [ 68563AC389F92EE79F1C714288BA1DCE ] C:\Windows\System32\imgutil.dll

15:42:27.0931 4016 C:\Windows\System32\imgutil.dll - ok

15:42:27.0947 4016 [ 83EDF12A090F0B66CDC9F7390A701521 ] C:\Windows\System32\fontsub.dll

15:42:27.0947 4016 C:\Windows\System32\fontsub.dll - ok

15:42:27.0947 4016 [ A4B5A34EE451B5C501D5C90633D89BB0 ] C:\Windows\System32\McxDriv.dll

15:42:27.0947 4016 C:\Windows\System32\McxDriv.dll - ok

15:42:27.0962 4016 [ 3E158EB9DC295CA3EF8D1F1EF57ABEDD ] C:\Windows\System32\DiagCpl.dll

15:42:27.0962 4016 C:\Windows\System32\DiagCpl.dll - ok

15:42:27.0978 4016 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\System32\jscript.dll

15:42:27.0978 4016 C:\Windows\System32\jscript.dll - ok

15:42:27.0978 4016 [ 00D7AB9A8E5C9A84CFCA19AD9E583E6F ] C:\Windows\System32\mmcbase.dll

15:42:27.0978 4016 C:\Windows\System32\mmcbase.dll - ok

15:42:27.0994 4016 [ D23E615E0969AECC1134E372B0B295D1 ] C:\Windows\System32\synceng.dll

15:42:27.0994 4016 C:\Windows\System32\synceng.dll - ok

15:42:28.0009 4016 [ 14558D849EC14160AC3DACD8AC36E10A ] C:\Windows\System32\Display.dll

15:42:28.0009 4016 C:\Windows\System32\Display.dll - ok

15:42:28.0025 4016 [ EEE470F2A771FC0B543BDEEF74FCECA0 ] C:\Windows\System32\msiexec.exe

15:42:28.0025 4016 C:\Windows\System32\msiexec.exe - ok

15:42:28.0025 4016 [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\System32\DHCPQEC.DLL

15:42:28.0025 4016 C:\Windows\System32\DHCPQEC.DLL - ok

15:42:28.0040 4016 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\System32\adsldpc.dll

15:42:28.0040 4016 C:\Windows\System32\adsldpc.dll - ok

15:42:28.0040 4016 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\System32\d3d8thk.dll

15:42:28.0040 4016 C:\Windows\System32\d3d8thk.dll - ok

15:42:28.0056 4016 [ 04A8B2F67825380BC0C7C46D56776133 ] C:\Windows\System32\pngfilt.dll

15:42:28.0056 4016 C:\Windows\System32\pngfilt.dll - ok

15:42:28.0072 4016 [ 69C81451DCE63069A036FBF646A86996 ] C:\Windows\System32\fontext.dll

15:42:28.0072 4016 C:\Windows\System32\fontext.dll - ok

15:42:28.0072 4016 [ A205B7A5D8E4AE6E8DE7B313C7FC3FA4 ] C:\Windows\System32\mdminst.dll

15:42:28.0072 4016 C:\Windows\System32\mdminst.dll - ok

15:42:28.0087 4016 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\System32\regsvr32.exe

15:42:28.0087 4016 C:\Windows\System32\regsvr32.exe - ok

15:42:28.0103 4016 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\System32\wpdshext.dll

15:42:28.0103 4016 C:\Windows\System32\wpdshext.dll - ok

15:42:28.0103 4016 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll

15:42:28.0103 4016 C:\Windows\System32\iedkcs32.dll - ok

15:42:28.0118 4016 [ 4071D132E66ACDA3776F1FEAD19E6E01 ] C:\Windows\System32\vbscript.dll

15:42:28.0118 4016 C:\Windows\System32\vbscript.dll - ok

15:42:28.0134 4016 [ 6435B29D2018CFAD173BD50AE8F8D5DD ] C:\Windows\System32\iscsicpl.exe

15:42:28.0134 4016 C:\Windows\System32\iscsicpl.exe - ok

15:42:28.0134 4016 [ CA75367CE419922291A11227E32FBA0C ] C:\Windows\System32\wsecedit.dll

15:42:28.0134 4016 C:\Windows\System32\wsecedit.dll - ok

15:42:28.0150 4016 [ 76B5A48D429D29F69485BD314B9866A6 ] C:\Windows\System32\odbcad32.exe

15:42:28.0150 4016 C:\Windows\System32\odbcad32.exe - ok

15:42:28.0165 4016 [ 3925944734DFC5D2253F3DC5923F797D ] C:\Windows\System32\powercpl.dll

15:42:28.0165 4016 C:\Windows\System32\powercpl.dll - ok

15:42:28.0165 4016 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll

15:42:28.0165 4016 C:\Windows\System32\msshooks.dll - ok

15:42:28.0181 4016 [ 73869A8A7AF77801387A36CF9B9B5886 ] C:\Windows\System32\sysclass.dll

15:42:28.0181 4016 C:\Windows\System32\sysclass.dll - ok

15:42:28.0181 4016 [ 50AF423CC8915B0010F0A96BF78672E9 ] C:\Windows\System32\prncache.dll

15:42:28.0181 4016 C:\Windows\System32\prncache.dll - ok

15:42:28.0196 4016 [ A29E036A5A3B37C7530F3EA1CF385129 ] C:\Windows\System32\lsmproxy.dll

15:42:28.0196 4016 C:\Windows\System32\lsmproxy.dll - ok

15:42:28.0212 4016 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll

15:42:28.0212 4016 C:\Windows\System32\d3d10core.dll - ok

15:42:28.0212 4016 [ 7717A57C01812C3714BA25B96C36BF39 ] C:\Windows\System32\taskbarcpl.dll

15:42:28.0212 4016 C:\Windows\System32\taskbarcpl.dll - ok

15:42:28.0228 4016 [ E8CB091A918C1C687B087389D9A66B39 ] C:\Windows\System32\SensorsCpl.dll

15:42:28.0228 4016 C:\Windows\System32\SensorsCpl.dll - ok

15:42:28.0243 4016 [ 58D2343C32DF596FB6132B54395DE5DB ] C:\Windows\System32\rdpcorekmts.dll

15:42:28.0243 4016 C:\Windows\System32\rdpcorekmts.dll - ok

15:42:28.0243 4016 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll

15:42:28.0243 4016 C:\Windows\System32\SearchFolder.dll - ok

15:42:28.0259 4016 [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\System32\HelpPaneProxy.dll

15:42:28.0259 4016 C:\Windows\System32\HelpPaneProxy.dll - ok

15:42:28.0259 4016 [ 54DEFF61C4E6AF1581DA2F236154BA4C ] C:\Windows\System32\ActionCenterCPL.dll

15:42:28.0259 4016 C:\Windows\System32\ActionCenterCPL.dll - ok

15:42:28.0274 4016 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\System32\StructuredQuery.dll

15:42:28.0274 4016 C:\Windows\System32\StructuredQuery.dll - ok

15:42:28.0290 4016 [ 347AAE83C7C7B787CED89544532AA47D ] C:\Windows\System32\PhotoMetadataHandler.dll

15:42:28.0290 4016 C:\Windows\System32\PhotoMetadataHandler.dll - ok

15:42:28.0306 4016 [ 84897874906481E0B3F4045DAD90D69F ] C:\Windows\System32\FirewallControlPanel.dll

15:42:28.0306 4016 C:\Windows\System32\FirewallControlPanel.dll - ok

15:42:28.0306 4016 [ 29FEA7A6277E775A870682F2F7435F9F ] C:\Windows\System32\AuxiliaryDisplayClassInstaller.dll

15:42:28.0306 4016 C:\Windows\System32\AuxiliaryDisplayClassInstaller.dll - ok

15:42:28.0321 4016 [ 2875B386B45B8A77E2343C5E129AE50C ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll

15:42:28.0321 4016 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok

15:42:28.0337 4016 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Braun\Desktop\tdsskiller.exe

15:42:28.0337 4016 C:\Users\Braun\Desktop\tdsskiller.exe - ok

15:42:28.0337 4016 [ 0CAED8C2A5A594AFC49EDB74D241EC9F ] C:\Windows\System32\en-US\KernelBase.dll.mui

15:42:28.0337 4016 C:\Windows\System32\en-US\KernelBase.dll.mui - ok

15:42:28.0352 4016 [ 338C86357871C167A96AB976519BF59E ] C:\Windows\System32\drivers\atapi.sys

15:42:28.0352 4016 C:\Windows\System32\drivers\atapi.sys - ok

15:42:28.0368 4016 [ 4B55C9F9A93B3BFD01ED7366EB0B9D2E ] C:\Windows\System32\drivers\ataport.sys

15:42:28.0368 4016 C:\Windows\System32\drivers\ataport.sys - ok

15:42:28.0368 4016 [ 9A5B1059FE015DB5269FBB25ACBF841D ] C:\Windows\System32\drivers\wmilib.sys

15:42:28.0368 4016 C:\Windows\System32\drivers\wmilib.sys - ok

15:42:28.0384 4016 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\System32\calc.exe

15:42:28.0384 4016 C:\Windows\System32\calc.exe - ok

15:42:28.0384 4016 [ 8EC00CCCBB3436D534FC8DA85FF943BF ] C:\Windows\System32\appwiz.cpl

15:42:28.0384 4016 C:\Windows\System32\appwiz.cpl - ok

15:42:28.0399 4016 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\System32\fltLib.dll

15:42:28.0399 4016 C:\Windows\System32\fltLib.dll - ok

15:42:28.0415 4016 [ 5A8BF4E8810541C23F4067536FB48CA3 ] C:\Windows\System32\vss_ps.dll

15:42:28.0415 4016 C:\Windows\System32\vss_ps.dll - ok

15:42:28.0415 4016 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll

15:42:28.0415 4016 C:\Windows\System32\DWrite.dll - ok

15:42:28.0430 4016 [ 9130377F87A2153FEAB900A00EA1EBFF ] C:\Windows\System32\control.exe

15:42:28.0430 4016 C:\Windows\System32\control.exe - ok

15:42:28.0446 4016 [ 18F02C555FBC9885DF9DB77754D6BB9B ] C:\Windows\System32\findstr.exe

15:42:28.0446 4016 C:\Windows\System32\findstr.exe - ok

15:42:28.0446 4016 [ D378BFFB70923139D6A4F546864AA61C ] C:\Windows\System32\notepad.exe

15:42:28.0446 4016 C:\Windows\System32\notepad.exe - ok

15:42:28.0462 4016 [ 6B140B1382F1FE04BA57B196AEB19725 ] C:\Windows\System32\t2embed.dll

15:42:28.0462 4016 C:\Windows\System32\t2embed.dll - ok

15:42:28.0462 4016 [ 9D6AA2ADD3F704134EE89C1E58BDFD1B ] C:\Windows\System32\xolehlp.dll

15:42:28.0462 4016 C:\Windows\System32\xolehlp.dll - ok

15:42:28.0477 4016 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\System32\WMVCORE.DLL

15:42:28.0477 4016 C:\Windows\System32\WMVCORE.DLL - ok

15:42:28.0493 4016 [ 88C170086371CC5716010AF223F6F780 ] C:\Windows\System32\virtdisk.dll

15:42:28.0493 4016 C:\Windows\System32\virtdisk.dll - ok

15:42:28.0493 4016 [ 1EE8F90EAD0DB665A372B9F8EC3109C2 ] C:\Windows\System32\bitsprx5.dll

15:42:28.0493 4016 C:\Windows\System32\bitsprx5.dll - ok

15:42:28.0508 4016 [ 1BEB5EFEBEB145EBD2DFB8FE38EE42CD ] C:\Windows\System32\atiumdag.dll

15:42:28.0508 4016 C:\Windows\System32\atiumdag.dll - ok

15:42:28.0524 4016 [ F60877E20D02E506D1FF176CC90E3D3E ] C:\Windows\System32\atiumdva.dll

15:42:28.0524 4016 C:\Windows\System32\atiumdva.dll - ok

15:42:28.0524 4016 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\56212861.sys

15:42:28.0524 4016 C:\Windows\System32\drivers\56212861.sys - ok

15:42:28.0540 4016 [ 3CCE7C726B88918915A1EF712B9D5F58 ] C:\Windows\AppPatch\AcXtrnal.dll

15:42:28.0540 4016 C:\Windows\AppPatch\AcXtrnal.dll - ok

15:42:28.0555 4016 [ 088CF5B6380FB9002F2A4246F812225D ] C:\Windows\System32\asycfilt.dll

15:42:28.0555 4016 C:\Windows\System32\asycfilt.dll - ok

15:42:28.0555 4016 [ 7CA00998C1AAF913AC089E29DB746037 ] C:\Windows\System32\unregmp2.exe

15:42:28.0555 4016 C:\Windows\System32\unregmp2.exe - ok

15:42:28.0571 4016 [ 5343A19C618BC515CEB1695586C6C137 ] C:\Windows\System32\msvbvm60.dll

15:42:28.0571 4016 C:\Windows\System32\msvbvm60.dll - ok

15:42:28.0586 4016 [ 1060D60CCA69A8136A87DBE3C8F4A467 ] C:\Windows\System32\EhStorAPI.dll

15:42:28.0586 4016 C:\Windows\System32\EhStorAPI.dll - ok

15:42:28.0586 4016 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\System32\sqlceqp30.dll

15:42:28.0586 4016 C:\Windows\System32\sqlceqp30.dll - ok

15:42:28.0602 4016 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\System32\sqlcese30.dll

15:42:28.0602 4016 C:\Windows\System32\sqlcese30.dll - ok

15:42:28.0618 4016 [ FE0C21131667A5860CBE56C1D0D00C66 ] C:\Program Files\iTunes\iTunes.exe

15:42:28.0618 4016 C:\Program Files\iTunes\iTunes.exe - ok

15:42:28.0618 4016 [ 28CAAA8B3DAC4604B6871F311C6B9F49 ] C:\Windows\System32\NlsData0000.dll

15:42:28.0618 4016 C:\Windows\System32\NlsData0000.dll - ok

15:42:28.0633 4016 [ 4E366E42D670DE243CE1811A24F1A472 ] C:\Program Files\WinZip\WINZIP32.EXE

15:42:28.0633 4016 C:\Program Files\WinZip\WINZIP32.EXE - ok

15:42:28.0633 4016 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\System32\sqlceoledb30.dll

15:42:28.0633 4016 C:\Windows\System32\sqlceoledb30.dll - ok

15:42:28.0649 4016 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\System32\NaturalLanguage6.dll

15:42:28.0649 4016 C:\Windows\System32\NaturalLanguage6.dll - ok

15:42:28.0664 4016 [ 4C44A99BB7584D6B70507987BE786259 ] C:\Program Files\Mozilla Firefox\xul.dll

15:42:28.0664 4016 C:\Program Files\Mozilla Firefox\xul.dll - ok

15:42:28.0664 4016 [ F5720ED4EEA3D62A3C9AF0950F2B7D23 ] C:\Program Files\Mozilla Firefox\ssl3.dll

15:42:28.0664 4016 C:\Program Files\Mozilla Firefox\ssl3.dll - ok

15:42:28.0680 4016 [ 6F255F96534FCF5FF4B611B52C1AB813 ] C:\Program Files\Mozilla Firefox\plc4.dll

15:42:28.0680 4016 C:\Program Files\Mozilla Firefox\plc4.dll - ok

15:42:28.0696 4016 [ 2D64A5315260AAD1D6BEEE65D2681DB3 ] C:\Program Files\Mozilla Firefox\mozjs.dll

15:42:28.0696 4016 C:\Program Files\Mozilla Firefox\mozjs.dll - ok

15:42:28.0696 4016 [ 6B85D6ADEF244F9077BD7874610574A9 ] C:\Program Files\Mozilla Firefox\plds4.dll

15:42:28.0696 4016 C:\Program Files\Mozilla Firefox\plds4.dll - ok

15:42:28.0711 4016 [ 79E485E1361DA3CBE01FF760867F1D26 ] C:\Program Files\Windows Defender\MpOAV.dll

15:42:28.0711 4016 C:\Program Files\Windows Defender\MpOAV.dll - ok

15:42:28.0727 4016 [ C2EFE31691B0220BA2D366F6ECD9EEBC ] C:\Program Files\Mozilla Firefox\mozglue.dll

15:42:28.0727 4016 C:\Program Files\Mozilla Firefox\mozglue.dll - ok

15:42:28.0727 4016 [ D9FA57CBA32ABA63D5C30B854F660F07 ] C:\Program Files\Mozilla Firefox\freebl3.dll

15:42:28.0727 4016 C:\Program Files\Mozilla Firefox\freebl3.dll - ok

15:42:28.0742 4016 [ 2944201BCD2BCC92897551A95757DDBE ] C:\Program Files\Mozilla Firefox\nssckbi.dll

15:42:28.0742 4016 C:\Program Files\Mozilla Firefox\nssckbi.dll - ok

15:42:28.0742 4016 [ CF7C83513AD0F22070B6795590F6BA68 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll

15:42:28.0742 4016 C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok

15:42:28.0758 4016 [ 15A9691C1F00631BC5475CEEF9A6EA62 ] C:\Program Files\Mozilla Firefox\nssutil3.dll

15:42:28.0758 4016 C:\Program Files\Mozilla Firefox\nssutil3.dll - ok

15:42:28.0774 4016 [ 52652560BCE03F232CE6AF381D82CE5F ] C:\Program Files\Mozilla Firefox\mozalloc.dll

15:42:28.0774 4016 C:\Program Files\Mozilla Firefox\mozalloc.dll - ok

15:42:28.0774 4016 [ 3D2706E87D3E4433DB929B86207CA928 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll

15:42:28.0774 4016 C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok

15:42:28.0789 4016 [ C06E6E160F34CE092301BD2B29067F3F ] C:\Windows\System32\Macromed\Flash\Flash10e.ocx

15:42:28.0789 4016 C:\Windows\System32\Macromed\Flash\Flash10e.ocx - ok

15:42:28.0805 4016 [ 2FD69AEE607066766930CEB925DB0459 ] C:\Program Files\Alwil Software\Avast5\aswDld.dll

15:42:28.0805 4016 C:\Program Files\Alwil Software\Avast5\aswDld.dll - ok

15:42:28.0836 4016 [ 815CBBBAC9F4D44081955ABBC9544930 ] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe

15:42:28.0836 4016 C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe - ok

15:42:28.0836 4016 [ CD2C416B97E37EE0341FEAF09A543A2E ] C:\Program Files\Alwil Software\Avast5\afwRpc.dll

15:42:28.0836 4016 C:\Program Files\Alwil Software\Avast5\afwRpc.dll - ok

15:42:28.0852 4016 [ 068031ECB876D6B0910D0FD088B6525E ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts

15:42:28.0852 4016 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok

15:42:28.0867 4016 [ ACE9981252E1F262AC276B7615EF6FEB ] C:\Program Files\Alwil Software\Avast5\ashBase.dll

15:42:28.0867 4016 C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok

15:42:28.0867 4016 [ 96FFBB4C8E32325C1B49A393284F77EE ] C:\Program Files\Alwil Software\Avast5\ashTask.dll

15:42:28.0867 4016 C:\Program Files\Alwil Software\Avast5\ashTask.dll - ok

15:42:28.0883 4016 [ A2BD807F592B29114D99BF6163829B41 ] C:\Program Files\Alwil Software\Avast5\afwCore.dll

15:42:28.0883 4016 C:\Program Files\Alwil Software\Avast5\afwCore.dll - ok

15:42:28.0898 4016 [ 8B476D677DFE35EFE7B3EDBF377F0038 ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll

15:42:28.0898 4016 C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok

15:42:28.0898 4016 [ 95FFE45120788D0BAC3071A913172A58 ] C:\Program Files\Alwil Software\Avast5\aswIdle.dll

15:42:28.0898 4016 C:\Program Files\Alwil Software\Avast5\aswIdle.dll - ok

15:42:28.0914 4016 [ 29F9D1A7D3D63FD2D10CE06901475888 ] C:\Program Files\QuickTime\Plugins\npqtplugin5.dll

15:42:28.0914 4016 C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - ok

15:42:28.0930 4016 [ E7CF222185411C6A3E68273C452B3283 ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe

15:42:28.0930 4016 C:\Program Files\Alwil Software\Avast5\AvastUI.exe - ok

15:42:28.0930 4016 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files\Windows Media Player\wmplayer.exe

15:42:28.0930 4016 C:\Program Files\Windows Media Player\wmplayer.exe - ok

15:42:28.0945 4016 [ 629F9B5B99B80679520623655E31B5D1 ] C:\Program Files\QuickTime\Plugins\npqtplugin3.dll

15:42:28.0945 4016 C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - ok

15:42:28.0945 4016 [ D8EBF6A12964A58C10914DA54E175538 ] C:\Program Files\QuickTime\Plugins\npqtplugin7.dll

15:42:28.0945 4016 C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - ok

15:42:28.0961 4016 [ 958EAE9951D450C33785AAA3E8C18643 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll

15:42:28.0961 4016 C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok

15:42:28.0976 4016 [ 14E6721D9883753A3C4BCF0159FA9CA8 ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll

15:42:28.0976 4016 C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok

15:42:28.0976 4016 [ 3992D00EA19FCDE5710E31B1768EFA20 ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll

15:42:28.0976 4016 C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok

15:42:28.0992 4016 [ E33106D7FFB0CBE106EED817E9F0AC42 ] C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx

15:42:28.0992 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx - ok

15:42:29.0008 4016 [ B3DD214F23037E3D3C27D6C9447B40B5 ] C:\Program Files\Windows NT\Accessories\wordpad.exe

15:42:29.0008 4016 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok

15:42:29.0008 4016 [ D662F9567979FCACAC8301B6CE18971B ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll

15:42:29.0008 4016 C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok

15:42:29.0023 4016 [ A333DD2E324C6BA76A3D3E4BBCB94F3C ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll

15:42:29.0023 4016 C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok

15:42:29.0039 4016 [ D16C826F375A44802BF317982E81A7E2 ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

15:42:29.0039 4016 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok

15:42:29.0039 4016 [ B14242184207DA229A3AC25168FFC44A ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll

15:42:29.0039 4016 C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok

15:42:29.0054 4016 [ A822E400EB848449368A2D6C99DEE8E8 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll

15:42:29.0054 4016 C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok

15:42:29.0070 4016 [ 53FA4E859B6440EAF6673E813CAA7C4E ] C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll

15:42:29.0070 4016 C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - ok

15:42:29.0070 4016 [ D28F68D1B224E4B254FD5FCECC941340 ] C:\Program Files\Alwil Software\Avast5\CommonRes.dll

15:42:29.0086 4016 C:\Program Files\Alwil Software\Avast5\CommonRes.dll - ok

15:42:29.0086 4016 [ C142445B59C1DABA31F6397A34C42C74 ] C:\Program Files\Mozilla Firefox\plugin-container.exe

15:42:29.0086 4016 C:\Program Files\Mozilla Firefox\plugin-container.exe - ok

15:42:29.0101 4016 [ 8283FBFF9B415F707D2F75CA893B7C8C ] C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx

15:42:29.0101 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx - ok

15:42:29.0101 4016 [ B52B199C1BA9489D35B96B2D51A3D22C ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx

15:42:29.0101 4016 C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx - ok

15:42:29.0117 4016 [ DE1E47D7616BC8CD015078969891ECAE ] C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx

15:42:29.0117 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx - ok

15:42:29.0132 4016 [ 464FDFA22C63D742DE476A83042D53F9 ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll

15:42:29.0132 4016 C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok

15:42:29.0132 4016 [ 14D017562E8F6B945157471FD64CCD9B ] C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx

15:42:29.0132 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx - ok

15:42:29.0148 4016 [ B7AEF8442BE406778C7B98642EE1E6FE ] C:\Windows\System32\spool\drivers\w32x86\3\mxdwdui.dll

15:42:29.0148 4016 C:\Windows\System32\spool\drivers\w32x86\3\mxdwdui.dll - ok

15:42:29.0164 4016 [ 32F4D839CA942236F933A78C3DC404F9 ] C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll

15:42:29.0164 4016 C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll - ok

15:42:29.0164 4016 [ 3E31FF7F2EA6E7BB507605C2B9081FA3 ] C:\Program Files\Virtools\3D Life Player\npvirtools.dll

15:42:29.0164 4016 C:\Program Files\Virtools\3D Life Player\npvirtools.dll - ok

15:42:29.0179 4016 [ 56620DDFF8B1277CE12F198637B2AF93 ] C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx

15:42:29.0179 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx - ok

15:42:29.0195 4016 [ 91EA28804EC3A71126841554199E28BC ] C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll

15:42:29.0195 4016 C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll - ok

15:42:29.0195 4016 [ AFDE47ADFC785BFFE2CCAEBD31617871 ] C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll

15:42:29.0195 4016 C:\Program Files\Alwil Software\Avast5\1033\uiLangRes.dll - ok

15:42:29.0210 4016 [ E0C9D4A1F4E8B45ED2FDAFA3F33B87EB ] C:\Program Files\Alwil Software\Avast5\winspamcatcher.dll

15:42:29.0210 4016 C:\Program Files\Alwil Software\Avast5\winspamcatcher.dll - ok

15:42:29.0226 4016 [ BAA4DE42156350754976DD563D02CDE4 ] C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx

15:42:29.0226 4016 C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx - ok

15:42:29.0226 4016 [ 7156D93D8A38DCCD9CCA090BD7DF931D ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx

15:42:29.0226 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx - ok

15:42:29.0242 4016 [ 82B5C24861BC388CFECDBD9485C317F9 ] C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx

15:42:29.0242 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx - ok

15:42:29.0257 4016 [ 700CC8A0CA98E056F7A951D0AB9F856B ] C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

15:42:29.0257 4016 C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll - ok

15:42:29.0257 4016 [ 5FAAFEF7AFB42BD4EFACD1759EBBC2D4 ] C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx

15:42:29.0257 4016 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx - ok

15:42:29.0273 4016 [ 9F1477010CD126FC7289DEC5840C0A66 ] C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll

15:42:29.0273 4016 C:\Program Files\Windows Live\Photo Gallery\WLXPhotoViewer.dll - ok

15:42:29.0288 4016 [ 549D6E58881C281251BECE284027FF33 ] C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe

15:42:29.0288 4016 C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe - ok

15:42:29.0288 4016 [ A00D5FBFABBF281FD059BB0CDA55B6E8 ] C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe

15:42:29.0288 4016 C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe - ok

15:42:29.0304 4016 [ C1872B4311202BCC6B8F912E1A35894B ] C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx

15:42:29.0304 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx - ok

15:42:29.0320 4016 [ E2987ADD4FD8CD66A1C21D46770C4B3E ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx

15:42:29.0320 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx - ok

15:42:29.0320 4016 [ 2D08AC1443FFA7FBED9A5EA5FD49AEB3 ] C:\Users\Braun\AppData\Local\Google\Chrome\Application\chrome.exe

15:42:29.0320 4016 C:\Users\Braun\AppData\Local\Google\Chrome\Application\chrome.exe - ok

15:42:29.0335 4016 [ 4136F44927D53997FC3C2DCAA9CDD8A1 ] C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll

15:42:29.0335 4016 C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok

15:42:29.0351 4016 [ C87F4930CE27C044416428C463EBD90A ] C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx

15:42:29.0351 4016 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx - ok

15:42:29.0366 4016 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Braun\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll

15:42:29.0366 4016 C:\Users\Braun\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok

15:42:29.0366 4016 [ F2EAA9C72F228E19D37D0B57C179E545 ] C:\Windows\Installer\{0F6F6876-6334-4977-B5DD-CFC12E193420}\iTunesIco.exe

15:42:29.0366 4016 C:\Windows\Installer\{0F6F6876-6334-4977-B5DD-CFC12E193420}\iTunesIco.exe - ok

15:42:29.0398 4016 [ AE2523EB48B0401262BEC0A59C1C19C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll

15:42:29.0398 4016 C:\Program Files\Common Files\Apple\Apple Application Support\CoreGraphics.dll - ok

15:42:29.0413 4016 [ 1FDB299F78530F00AEE38F9400602007 ] C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}\IconCD95F66110.exe

15:42:29.0413 4016 C:\Windows\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}\IconCD95F66110.exe - ok

15:42:29.0413 4016 [ E2D66C03C0B8900702196268A6CC7542 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll

15:42:29.0413 4016 C:\Program Files\Common Files\Apple\Apple Application Support\CoreAudioToolbox.dll - ok

15:42:29.0429 4016 [ F6FFD0DD7BE7BC682350F1296E1E9742 ] C:\Program Files\Windows Live\Photo Gallery\WLXPhotoLibraryDuiResourcesLocalized.dll

15:42:29.0429 4016 C:\Program Files\Windows Live\Photo Gallery\WLXPhotoLibraryDuiResourcesLocalized.dll - ok

15:42:29.0444 4016 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

15:42:29.0444 4016 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

15:42:29.0444 4016 [ 9D1693D5A9224A4CD64DD57E3614FBCC ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smipi.dll

15:42:29.0444 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smipi.dll - ok

15:42:29.0460 4016 [ 6B3E0452A8FD0F6A3063551E7F7705B8 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smiengine.dll

15:42:29.0460 4016 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\smiengine.dll - ok

15:42:29.0460 4016 ============================================================

15:42:29.0460 4016 Scan finished

15:42:29.0460 4016 ============================================================

15:42:29.0491 1828 Detected object count: 4

15:42:29.0491 1828 Actual detected object count: 4

15:43:02.0830 1828 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

15:43:02.0830 1828 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:43:02.0830 1828 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

15:43:02.0830 1828 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:43:02.0846 1828 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user

15:43:02.0846 1828 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:43:02.0846 1828 WDC_SAM ( UnsignedFile.Multi.Generic ) - skipped by user

15:43:02.0846 1828 WDC_SAM ( UnsignedFile.Multi.Generic ) - User select action: Skip

ASWMBR Report

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-12-16 15:51:49

-----------------------------

15:51:49.269 OS Version: Windows 6.1.7601 Service Pack 1

15:51:49.269 Number of processors: 1 586 0x301

15:51:49.269 ComputerName: BRAUN-PC UserName: Braun

15:52:15.555 Initialize success

15:52:15.836 AVAST engine defs: 11091302

15:52:56.081 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

15:52:56.081 Disk 0 Vendor: TOSHIBA_MK2555GSX FG001M Size: 238475MB BusType: 11

15:52:56.175 Disk 0 MBR read successfully

15:52:56.175 Disk 0 MBR scan

15:52:56.643 Disk 0 Windows VISTA default MBR code

15:52:56.659 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048

15:52:57.143 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228845 MB offset 3074048

15:52:57.206 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8129 MB offset 471748608

15:52:57.315 Disk 0 scanning sectors +488396800

15:52:57.861 Disk 0 scanning C:\windows\system32\drivers

15:53:14.854 Service scanning

15:53:52.112 Modules scanning

15:54:04.577 Disk 0 trace - called modules:

15:54:05.138 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys

15:54:05.138 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86530030]

15:54:05.154 3 CLASSPNP.SYS[8c40459e] -> nt!IofCallDriver -> [0x85736580]

15:54:05.154 5 ACPI.sys[8c4433d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x864ec908]

15:54:05.809 AVAST engine scan C:\windows

15:54:08.570 AVAST engine scan C:\windows\system32

15:56:46.137 AVAST engine scan C:\windows\system32\drivers

15:57:01.316 AVAST engine scan C:\Users\Braun

16:05:05.446 AVAST engine scan C:\ProgramData

16:06:18.665 Scan finished successfully

16:39:38.389 Disk 0 MBR has been saved successfully to "C:\Users\Braun\Desktop\MBR.dat"

16:39:38.389 The log file has been saved successfully to "C:\Users\Braun\Desktop\aswMBR.txt"

Link to post
Share on other sites

  • Staff

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

 ClearJavaCache:: 

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe

CFScriptB-4.gif

This will let ComboFix run again.

Restart if you have to.

Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  1. report from Combofix
  2. let me know of any problems you may have had
  3. How is the computer doing now after running the script?

Gringo

Link to post
Share on other sites

HI...the computer seems to be doing good. I know I need to update my Java and a few other things, and remove browsers other than firefox. Is there anything else you would recommend? I cannot thank you enough for your help!!!!

ComboFix 12-12-14.01 - Braun 12/16/2012 19:41:19.2.1 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3582.2584 [GMT -6:00]

Running from: c:\users\Braun\Desktop\ComboFix.exe

Command switches used :: c:\users\Braun\Desktop\CFScript.txt

AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\searchplugins\bing-zugo.xml

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\Thumbs.db

.

.

((((((((((((((((((((((((( Files Created from 2012-11-17 to 2012-12-17 )))))))))))))))))))))))))))))))

.

.

2012-12-17 01:51 . 2012-12-17 01:51 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp

2012-12-17 01:51 . 2012-12-17 01:51 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-17 01:49 . 2012-12-17 01:49 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\offreg.dll

2012-12-16 07:14 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-16 07:14 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-16 07:14 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-16 07:13 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-16 07:13 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-16 07:13 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-16 07:13 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-16 07:13 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-16 07:13 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-16 07:13 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\users\Braun\AppData\Roaming\Malwarebytes

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-16 05:13 . 2012-12-16 05:13 -------- d-----w- c:\programdata\Malwarebytes

2012-12-16 05:13 . 2012-09-30 01:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-16 05:06 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-12-16 05:06 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll

2012-12-16 05:06 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll

2012-12-16 05:06 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll

2012-12-16 05:06 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-12-16 05:06 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll

2012-12-16 05:06 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll

2012-12-16 05:06 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-12-16 04:45 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-12-16 04:43 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-12-16 04:38 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2D104225-6142-474F-A6AB-62A0C291CD83}\mpengine.dll

2012-12-16 04:33 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-12-16 04:33 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-12-16 04:02 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll

2012-12-16 04:00 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-23 18:59 . 2012-10-23 18:59 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin

2012-10-16 07:39 . 2012-12-16 04:43 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-11-29 08:27 . 2012-12-16 05:02 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-10-23 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]

"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 611672]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"dcmsvc"="c:\program files\dcmsvc\dcmsvc.exe" [2009-04-07 30440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA&inst=NwA3AC0AMwAxADgAOAA1ADYANAAxADgALQBGAFAAOQArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAEYAOQBNADEAMABCACsAMQA∏=90&ver=9.0.872" [?]

.

c:\users\Braun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [N/A]

Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]

backup=c:\windows\pss\WDDMStatus.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-08-20 17:29 136176 ----atw- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-11-10 07:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTOSHIBA]

2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2009-07-30 06:32 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]

R2 LMIRescue_b12ad326-96b3-4d55-9b4a-a25b6aa153f0;LogMeIn Rescue (b12ad326-96b3-4d55-9b4a-a25b6aa153f0);c:\users\Braun\AppData\Local\Temp\LMIR0002.tmp\LMI_Rescue_srv.exe [x]

R2 LMIRescue_f476620f-fe55-469d-95d3-66e2919ec40f;LogMeIn Rescue (f476620f-fe55-469d-95d3-66e2919ec40f);c:\users\Braun\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe [x]

R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]

R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [x]

S1 aswSnx;aswSnx; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [x]

S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [x]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]

2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000Core.job

- c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 18:05]

.

2012-12-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000UA.job

- c:\users\Braun\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-09 18:05]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000Core.job

- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-20 17:29]

.

2012-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-146636034-1766822535-2677241710-1000UA.job

- c:\users\Braun\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-20 17:29]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - yahoo.com

FF - ExtSQL: 2012-10-23 15:08; {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}; c:\users\Braun\AppData\Roaming\Mozilla\Firefox\Profiles\6kogi6ok.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-26454189.sys

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgagD\1*]

"value"="?\08\01\01\16\0a*?"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-16 19:53:50

ComboFix-quarantined-files.txt 2012-12-17 01:53

ComboFix2.txt 2012-12-16 19:46

.

Pre-Run: 101,375,328,256 bytes free

Post-Run: 100,955,185,152 bytes free

.

- - End Of File - - 02B6E45B07DCE165D233694F07C850B8

Link to post
Share on other sites

  • Staff

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

  • Programs to remove

    • Adobe Reader 9.4.1
      Java 6 Update 26

  • Please download and install
Revo Uninstaller FreeDouble click Revo Uninstaller to run it.
From the list of programs double click on The Program to remove
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
when the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
when prompted click on Yes and then on next.
put a check on any folders that are found and select delete
when prompted select yes then on next
Once done click Finish.

.

Update Adobe Reader

  • Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.
    You can download it from
http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
  • If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from
here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK to either and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**

sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe

(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit

(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit

and select to run as administrator

"information and logs"

  • In your next post I need the following
  1. Log From MBAM
  2. report from Hijackthis
  3. let me know of any problems you may have had
  4. How is the computer doing now?

Gringo

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.65.1.1000

www.malwarebytes.org

Database version: v2012.12.16.08

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Braun :: BRAUN-PC [administrator]

Protection: Enabled

12/16/2012 10:31:23 PM

mbam-log-2012-12-16 (22-31-23).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 339186

Time elapsed: 1 hour(s), 23 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

I haven't experienced any issues with the computer. yay!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:28:09 AM, on 12/17/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\wuauclt.exe

C:\windows\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\system32\SearchFilterHost.exe

C:\Users\Braun\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe"

O4 - HKLM\..\Run: [synTPEnh] "%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [TPwrMain] "%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"

O4 - HKLM\..\Run: [smoothView] "%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe"

O4 - HKLM\..\Run: [00TCrdMain] "%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe"

O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

O4 - HKLM\..\Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"

O4 - HKLM\..\Run: [Windows Mobile Device Center] "%windir%\WindowsMobile\wmdc.exe"

O4 - HKLM\..\Run: [dcmsvc] "C:\Program Files\dcmsvc\dcmsvc.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMwAxADgAOAA1ADYANAAxADgALQBGAFAAOQArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAEYAOQBNADEAMABCACsAMQA"&"prod=90"&"ver=9.0.872

O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LogMeIn Rescue (b12ad326-96b3-4d55-9b4a-a25b6aa153f0) (LMIRescue_b12ad326-96b3-4d55-9b4a-a25b6aa153f0) - Unknown owner - C:\Users\Braun\AppData\Local\Temp\LMIR0002.tmp\LMI_Rescue_srv.exe (file missing)

O23 - Service: LogMeIn Rescue (f476620f-fe55-469d-95d3-66e2919ec40f) (LMIRescue_f476620f-fe55-469d-95d3-66e2919ec40f) - Unknown owner - C:\Users\Braun\AppData\Local\Temp\LMIR0001.tmp\LMI_Rescue_srv.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: Webroot Client Service (WRConsumerService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (file missing)

--

End of file - 8105 bytes

Link to post
Share on other sites

  • Staff

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional

These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

[*] Close all open windows and browsers/email, etc...

[*] Click on the "Fix Checked" button

[*] When completed, close the application.

  • NOTE**You can research each of those lines
>here< and see if you want to keep them or not
just copy the name between the brackets and paste into the search space
O4 - HKLM\..\Run: [IntelliPoint]

NOTE**

sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe

(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit

(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit

and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start

    [*]When asked, allow the add/on to be installed

    • Click Start

    [*]Make sure that the option Remove found threats is unticked

    [*]Click on Advanced Settings, ensure the options

    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

    [*]Click Scan

    [*]wait for the virus definitions to be downloaded

    [*]Wait for the scan to finish

When the scan is complete

  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found

  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here

Gringo

Link to post
Share on other sites

  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo

Link to post
Share on other sites