Jump to content

youtube coupondropdown is back


agozar

Recommended Posts

Hello,

i used mbam a couple of months ago. I think i hunted the same problem as i do now, the youtube coupondropdown. Then it was gone, but it is back now. The MBAM says there is nothing wrong. So i post here the <dds-attach-adcleaner-mbam> report logs. Thank you

DDS.TXT

===================================================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2

Run by A at 16:57:58 on 2013-02-14

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Ati2evxx.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\lxctcoms.exe

E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe

C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe

C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Wetelecom\LoadMdm.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\Synaptics\SynTP\SynToshiba.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Mail\WinMail.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wuauclt.exe

E:\Bac\Program Files\Firefox\firefox.exe

E:\Bac\Program Files\Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

E:\Bac\Program Files\TeXnicCenter\TEXCNTR.EXE

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uURLSearchHooks: {4daac69c-cba7-45e2-9bc8-1044483d3352} - <orphaned>

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - e:\bac\program files\java\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - e:\bac\program files\java\bin\jp2ssv.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe

mRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] \HWSetup.exe hwSetUP

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE

mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe

mRun: [smoothView] c:\program files\toshiba\smoothview\SmoothView.exe

mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe

mRun: [NDSTray.exe] NDSTray.exe

mRun: [Desktop SMS] c:\program files\idm\desktop sms\DesktopSMS.exe /auto

mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup

mRun: [skytel] Skytel.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"

mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [VDownloader] e:\bac\program files\vdownloader\VDownloader.exe /silent

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [LoadMdm] c:\program files\wetelecom\LoadMdm.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - e:\bac\program files\java\bin\jp2iexp.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44555-9400-3/4

IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr...nk-21&site=home

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch...acker_url.pl?FR

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{09D3E7A3-EBAA-41F3-8727-63E730142A80} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{0CD10193-1D2D-4EAD-B773-4C787342C064} : DHCPNameServer = 212.27.40.241 212.27.40.240

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? CplIR;Embedded IR Driver

R? fbxusb;Carte r‚seau virtuelle FreeBox USB (32 bits)

R? McComponentHostService;McAfee Security Scan Component Host Service

R? SkypeUpdate;Skype Updater

R? TpChoice;Touch Pad Detection Filter driver

R? wmdusbser;Wetelecom USB Device for Legacy Serial Communication

R? WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0

S? aswFsBlk;aswFsBlk

S? aswFW;avast! TDI Firewall driver

S? aswKbd;aswKbd

S? aswMonFlt;aswMonFlt

S? aswNdis;avast! Firewall NDIS Filter Service

S? aswNdis2;avast! Firewall Core Firewall Service

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? avast! Firewall;avast! Firewall

S? FontCache;Service de cache de police Windows

S? MBAMProtector;MBAMProtector

S? MBAMScheduler;MBAMScheduler

S? MBAMService;MBAMService

S? NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit

.

=============== Created Last 30 ================

.

2013-02-14 12:15:50 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{14331cad-38c3-4cee-b009-d59353647bd7}\offreg.dll

2013-02-12 09:07:11 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{14331cad-38c3-4cee-b009-d59353647bd7}\mpengine.dll

2013-02-09 11:09:54 -------- d-----w- c:\users\a\appdata\roaming\OpenOffice.org

2013-02-09 11:01:26 -------- d-----w- c:\program files\OpenOffice.org 3

2013-01-23 09:26:08 -------- d-----r- c:\program files\Skype

.

==================== Find3M ====================

.

2013-02-09 20:49:11 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-09 20:49:11 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-11-23 01:35:53 2048000 ----a-w- c:\windows\system32\win32k.sys

2012-11-20 04:22:50 204288 ----a-w- c:\windows\system32\ncrypt.dll

2010-01-26 09:11:08 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe

.

============= FINISH: 17:00:09,21 ===============

ATTACH.TXT.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5) - Français

ATI Catalyst Install Manager

avast! Internet Security

Bluetooth Stack for Windows by Toshiba

Camera Assistant Software for Toshiba

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Codeur Windows Media Série 9

Configuration DivX

Desktop SMS

Emdedded IR Driver

Final Media Player 2010

FoxTab FLV Player

Google Toolbar for Internet Explorer

Google Update Helper

GPL Ghostscript 8.61

GPL Ghostscript Fonts

GSview 4.9

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel Matrix Storage Manager

Java 7 Update 7

Java Auto Updater

Java™ SE Runtime Environment 6

JavaFX 2.1.1

Malwarebytes Anti-Malware version 1.65.1.1000

McAfee Security Scan Plus

Microsoft .NET Framework 3.5 Language Pack SP1 - fra

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile FRA Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended FRA Language Pack

Microsoft Office Excel MUI (French) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (French) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Word MUI (French) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XML Parser

MiKTeX 2.9

Module linguistique Microsoft .NET Framework 3.5 SP1- fra

Module linguistique Microsoft .NET Framework 4 Client Profile FRA

Module linguistique Microsoft .NET Framework 4 Extended FRA

Mozilla Firefox 18.0.2 (x86 fr)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

myphotobook 3.1

OpenOffice.org 3.4.1

Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

Realtek High Definition Audio Driver

Réducteur de bruit lect. CD/DVD

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Skins

Skype™ 6.1

SweetIM for Messenger 3.3

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TeXnicCenter Version 1.0 Stable RC1

TeXnicCenter Version 2.0 Alpha 4

TIPCI

Torrent Stream (remove only)

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HD DVD PLAYER

TOSHIBA Mot de passe responsable

Toshiba Online Product Information

TOSHIBA SD Memory Utilities

TOSHIBA Software Modem

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Utility Common Driver

VC80CRTRedist - 8.0.50727.6195

VDownloader 3.9.1326

Wetelecom

Windows Media Player Firefox Plugin

WinRAR 4.00 beta 3 (32-bit)

Yahoo! Detect

Yahoo! Software Update

Yahoo! Toolbar

.

==== End Of File ===========================

AdwCleaner[R2].TXT

===================================================

# AdwCleaner v2.112 - Rapport créé le 14/02/2013 à 17:02:55

# Mis à jour le 10/02/2013 par Xplode

# Système d'exploitation : Windows Vista ™ Home Premium Service Pack 2 (32 bits)

# Nom d'utilisateur : A - PC-DE-A

# Mode de démarrage : Normal

# Exécuté depuis : C:\Users\A\Downloads\adwcleaner0.exe

# Option [Recherche]

***** [services] *****

***** [Fichiers / Dossiers] *****

***** [Registre] *****

Clé Présente : HKCU\Software\1ClickDownload

Clé Présente : HKCU\Software\InstallCore

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BF67F764-95B6-4360-BB57-B2E5AA6C814B}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0

Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v18.0.2 (fr)

Fichier : C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\jt565p2v.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [impossible d'obtenir la version]

Fichier : C:\Users\A\AppDAtA\LocAl\Google\Chrome\User DAtA\DefAult\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [22706 octets] - [30/11/2012 11:59:47]

AdwCleaner[R2].txt - [9619 octets] - [14/02/2013 17:02:56]

AdwCleaner[s1].txt - [22398 octets] - [30/11/2012 12:00:41]

########## EOF - C:\AdwCleaner[R2].txt - [9740 octets] ##########

MBAM.TXT

===================================================

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.14.06

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

A :: PC-DE-A [administrator]

14/02/2013 17:11:58

mbam-log-2013-02-14 (17-11-58).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 206682

Time elapsed: 23 minute(s), 15 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

    [*]Please do not attach logs or use code boxes, just copy and paste the text.

    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

    [*]Please read every post completely before doing anything.

    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

    [*]Please provide feedback about your experience as we go.

    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from
here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download
AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo

Link to post
Share on other sites

Hello, Gringo, thanks fro replying. It looks like RogueKiller found 2 files. Here are the reports.

================================================

SecurityCheck

Results of screen317's Security Check version 0.99.57

Windows Vista Service Pack 2 x86 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

JavaFX 2.1.1

Java 7 Update 7

Java SE Runtime Environment 6

Java version out of Date!

Adobe Flash Player 11.5.502.149

Adobe Reader 10.1.5 Adobe Reader out of Date!

````````Process Check: objlist.exe by Laurent````````

Windows Defender MSASCui.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Program Files Malwarebytes' Anti-Malware mbamscheduler.exe

Windows Defender MSASCui.exe

TOSHIBA Toshiba Online Product Information TOPI.exe

AVAST Software Avast AvastSvc.exe

AVAST Software Avast afwServ.exe

AVAST Software Avast AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: %

````````````````````End of Log``````````````````````

======================================================

AdwCleaner[s2]

# AdwCleaner v2.112 - Rapport créé le 15/02/2013 à 09:47:49

# Mis à jour le 10/02/2013 par Xplode

# Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits)

# Nom d'utilisateur : A - PC-DE-A

# Mode de démarrage : Normal

# Exécuté depuis : C:\Users\A\Downloads\adwcleaner0.exe

# Option [suppression]

***** [services] *****

***** [Fichiers / Dossiers] *****

***** [Registre] *****

Clé Supprimée : HKCU\Software\1ClickDownload

Clé Supprimée : HKCU\Software\InstallCore

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BF67F764-95B6-4360-BB57-B2E5AA6C814B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0

Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v18.0.2 (fr)

Fichier : C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\jt565p2v.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [impossible d'obtenir la version]

Fichier : C:\Users\A\AppDAtA\LocAl\Google\Chrome\User DAtA\DefAult\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [22706 octets] - [30/11/2012 11:59:47]

AdwCleaner[R2].txt - [9809 octets] - [14/02/2013 17:02:56]

AdwCleaner[R3].txt - [9869 octets] - [15/02/2013 09:46:21]

AdwCleaner[s1].txt - [22398 octets] - [30/11/2012 12:00:41]

AdwCleaner[s2].txt - [9744 octets] - [15/02/2013 09:47:49]

########## EOF - C:\AdwCleaner[s2].txt - [9804 octets] ##########

================================================================

RogueKiller V8.5.1 [Feb 12 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html

Site Web : http://www.sur-la-toile.com/RogueKiller/

Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur : A [Droits d'admin]

Mode : Suppression -- Date : 15/02/2013 10:13:06

| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHX2250BT +++++

--- User ---

[MBR] a7c362359b2ba1e4e0e8cc33ee26bc09

[bSP] 6f61b268712277867aed00aa48b4a619 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 144000 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 297986048 | Size: 92973 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Termine : << RKreport[2]_D_15022013_101306.txt >>

RKreport[1]_S_15022013_101002.txt ; RKreport[2]_D_15022013_101306.txt

Link to post
Share on other sites

  • Staff

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

Link to post
Share on other sites

hi there, here is the combofix log. It took more than half an hour.

==========================================================

ComboFix 13-02-13.02 - A 15/02/2013 12:34:20.1.2 - x86

Lancé depuis: c:\users\A\Desktop\ComboFix.exe

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Amazon.ico

c:\programdata\MercadoLivre.ico

c:\users\A\AppData\Local\Temp\ppcrlui_5424_2

c:\users\A\Documents\~WRL3767.tmp

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2013-01-15 au 2013-02-15 ))))))))))))))))))))))))))))))))))))

.

.

2013-02-15 12:00 . 2013-02-15 12:00 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-15 08:23 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{50344AE7-06B0-461A-9DD7-CDA4C4B87D29}\mpengine.dll

2013-02-14 19:06 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-02-14 12:02 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-14 12:02 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-14 12:01 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-14 12:01 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-14 12:01 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-09 11:09 . 2013-02-09 11:09 -------- d-----w- c:\users\A\AppData\Roaming\OpenOffice.org

2013-02-09 11:01 . 2013-02-09 11:01 -------- d-----w- c:\program files\OpenOffice.org 3

2013-01-23 09:26 . 2013-01-23 09:26 -------- d-----w- c:\program files\Common Files\Skype

2013-01-23 09:26 . 2013-01-23 09:26 -------- d-----r- c:\program files\Skype

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-09 20:49 . 2012-10-06 06:32 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-09 20:49 . 2012-10-06 06:32 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-17 00:28 . 2010-11-24 18:48 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12 . 2012-12-21 19:02 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-21 19:02 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 15:49 . 2012-11-30 11:36 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-20 04:22 . 2013-01-11 11:17 204288 ----a-w- c:\windows\system32\ncrypt.dll

2010-01-26 09:11 . 2012-10-08 21:24 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-25 39408]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HWSetup"="\HWSetup.exe hwSetUP" [X]

"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]

"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]

"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]

"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]

"NDSTray.exe"="NDSTray.exe" [bU]

"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]

"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]

"Skytel"="Skytel.exe" [2007-08-03 1826816]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]

"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"VDownloader"="e:\bac\Program Files\VDownloader\VDownloader.exe" [2012-09-27 881664]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"LoadMdm"="c:\program files\Wetelecom\LoadMdm.exe" [2010-07-13 397312]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer6"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

--- Autres Services/Pilotes en mémoire ---

.

*NewlyCreated* - TRUESIGHT

*Deregistered* - TrueSight

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contenu du dossier 'Tâches planifiées'

.

2013-02-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-06 20:49]

.

2013-02-15 c:\windows\Tasks\Final Media Player Update Checker.job

- c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-01-01 10:25]

.

2013-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 21:33]

.

2013-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 21:33]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.com

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHELINS SUPPRIMES - - - -

.

URLSearchHooks-{4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)

WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)

AddRemove-myphotobook - c:\program files\myphotobook\uninst.exe

AddRemove-FoxTab FLV Player - c:\program files\FoxTabFLVPlayer\Uninstall\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-02-15 13:02

Windows 6.0.6002 Service Pack 2 NTFS

.

Recherche de processus cachés ...

.

Recherche d'éléments en démarrage automatique cachés ...

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????p_8S?A??8???`????????????

.

Recherche de fichiers cachés ...

.

Scan terminé avec succès

Fichiers cachés: 0

.

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Heure de fin: 2013-02-15 13:10:22

ComboFix-quarantined-files.txt 2013-02-15 12:10

.

Avant-CF: 96 506 556 416 octets libres

Après-CF: 97 117 106 176 octets libres

.

- - End Of File - - 907AF33C5042B9D9D5DFD95A8735236E

Link to post
Share on other sites

  • Staff

Greetings

I want you to run these next,

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it or you can upload it here and send me the link - http://www.2shared.com/

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit

2.Unzip the contents to a folder in a convenient location.

3.Open the folder where the contents were unzipped and run mbar.exe

4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.

6.Wait while the system shuts down and the cleanup process is performed.

7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

  • •Internet access
    •Windows Update
    •Windows Firewall

9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.

10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo

Link to post
Share on other sites

hello, smth went not like you specified

1. TDSSKiller episode

  • A reboot will be needed to apply the changes. Do it.

-->BUT After the reboot the Kaspersky Lab smth sked to check the system. I did not allow

  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.

--->BUT TDSKiller did not relaunch automatically

2. I can not find the TDSKIller report log.

3. Malwarebytes Anti Root does not find anything bad

4. I can not find the MBAR report log

5. Youtube coupondropsdown is still there

6. The laptop looks slow.

so i am a bit lost :unsure:

Link to post
Share on other sites

-concerning my prev message i found the TDSKiller reportS, yes, 2 of them, below

- there was a 'copy to quarantine' of 4 files

1st

=============================================================================

19:45:34.0517 1376 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:45:34.0673 1376 ============================================================

19:45:34.0673 1376 Current date / time: 2013/02/15 19:45:34.0673

19:45:34.0673 1376 SystemInfo:

19:45:34.0673 1376

19:45:34.0673 1376 OS Version: 6.0.6002 ServicePack: 2.0

19:45:34.0673 1376 Product type: Workstation

19:45:34.0673 1376 ComputerName: PC-DE-A

19:45:34.0673 1376 UserName: A

19:45:34.0673 1376 Windows directory: C:\Windows

19:45:34.0673 1376 System windows directory: C:\Windows

19:45:34.0673 1376 Processor architecture: Intel x86

19:45:34.0673 1376 Number of processors: 2

19:45:34.0673 1376 Page size: 0x1000

19:45:34.0673 1376 Boot type: Normal boot

19:45:34.0673 1376 ============================================================

19:45:35.0359 1376 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:45:35.0359 1376 ============================================================

19:45:35.0359 1376 \Device\Harddisk0\DR0:

19:45:35.0375 1376 MBR partitions:

19:45:35.0375 1376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x11940000

19:45:35.0375 1376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11C2E800, BlocksNum 0xB596800

19:45:35.0375 1376 ============================================================

19:45:35.0406 1376 C: <-> \Device\Harddisk0\DR0\Partition1

19:45:35.0453 1376 E: <-> \Device\Harddisk0\DR0\Partition2

19:45:35.0453 1376 ============================================================

19:45:35.0453 1376 Initialize success

19:45:35.0453 1376 ============================================================

19:46:26.0164 1632 Deinitialize success

===============================================================================

Link to post
Share on other sites

the 2nd is too long

2nd 1st third

==============================

19:56:47.0222 5364 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:56:47.0518 5364 ============================================================

19:56:47.0518 5364 Current date / time: 2013/02/15 19:56:47.0518

19:56:47.0518 5364 SystemInfo:

19:56:47.0518 5364

19:56:47.0518 5364 OS Version: 6.0.6002 ServicePack: 2.0

19:56:47.0518 5364 Product type: Workstation

19:56:47.0518 5364 ComputerName: PC-DE-A

19:56:47.0518 5364 UserName: A

19:56:47.0518 5364 Windows directory: C:\Windows

19:56:47.0518 5364 System windows directory: C:\Windows

19:56:47.0518 5364 Processor architecture: Intel x86

19:56:47.0518 5364 Number of processors: 2

19:56:47.0518 5364 Page size: 0x1000

19:56:47.0518 5364 Boot type: Normal boot

19:56:47.0518 5364 ============================================================

19:56:47.0799 5364 BG loaded

19:56:48.0642 5364 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:56:48.0658 5364 ============================================================

19:56:48.0658 5364 \Device\Harddisk0\DR0:

19:56:48.0658 5364 MBR partitions:

19:56:48.0658 5364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x11940000

19:56:48.0658 5364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11C2E800, BlocksNum 0xB596800

19:56:48.0658 5364 ============================================================

19:56:48.0689 5364 C: <-> \Device\Harddisk0\DR0\Partition1

19:56:48.0736 5364 E: <-> \Device\Harddisk0\DR0\Partition2

19:56:48.0736 5364 ============================================================

19:56:48.0736 5364 Initialize success

19:56:48.0736 5364 ============================================================

19:58:21.0064 4184 ============================================================

19:58:21.0064 4184 Scan started

19:58:21.0064 4184 Mode: Manual; SigCheck; TDLFS;

19:58:21.0064 4184 ============================================================

19:58:22.0562 4184 ================ Scan system memory ========================

19:58:22.0562 4184 System memory - ok

19:58:22.0562 4184 ================ Scan services =============================

19:58:22.0905 4184 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

19:58:23.0092 4184 ACPI - ok

19:58:23.0217 4184 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

19:58:23.0232 4184 AdobeARMservice - ok

19:58:23.0310 4184 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:58:23.0342 4184 AdobeFlashPlayerUpdateSvc - ok

19:58:23.0451 4184 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

19:58:23.0498 4184 adp94xx - ok

19:58:23.0513 4184 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys

19:58:23.0544 4184 adpahci - ok

19:58:23.0576 4184 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

19:58:23.0607 4184 adpu160m - ok

19:58:23.0607 4184 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys

19:58:23.0638 4184 adpu320 - ok

19:58:23.0685 4184 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

19:58:23.0763 4184 AeLookupSvc - ok

19:58:23.0825 4184 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

19:58:23.0856 4184 AFD - ok

19:58:23.0903 4184 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe

19:58:23.0950 4184 AgereModemAudio - ok

19:58:24.0044 4184 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys

19:58:24.0215 4184 AgereSoftModem - ok

19:58:24.0246 4184 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys

19:58:24.0278 4184 agp440 - ok

19:58:24.0309 4184 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

19:58:24.0340 4184 aic78xx - ok

19:58:24.0387 4184 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

19:58:24.0496 4184 ALG - ok

19:58:24.0496 4184 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys

19:58:24.0512 4184 aliide - ok

19:58:24.0590 4184 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys

19:58:24.0605 4184 amdagp - ok

19:58:24.0636 4184 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys

19:58:24.0652 4184 amdide - ok

19:58:24.0655 4184 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

19:58:24.0756 4184 AmdK7 - ok

19:58:24.0787 4184 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

19:58:24.0865 4184 AmdK8 - ok

19:58:24.0927 4184 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

19:58:24.0943 4184 Appinfo - ok

19:58:24.0990 4184 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys

19:58:25.0005 4184 arc - ok

19:58:25.0021 4184 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys

19:58:25.0036 4184 arcsas - ok

19:58:25.0208 4184 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

19:58:25.0255 4184 aspnet_state - ok

19:58:25.0317 4184 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

19:58:25.0395 4184 aswFsBlk - ok

19:58:25.0520 4184 [ CCAFDA4AB7F3738142B3BA7DA311FFB0 ] aswFW C:\Windows\system32\drivers\aswFW.sys

19:58:25.0536 4184 aswFW - ok

19:58:25.0598 4184 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys

19:58:25.0614 4184 aswKbd - ok

19:58:25.0676 4184 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

19:58:25.0707 4184 aswMonFlt - ok

19:58:25.0738 4184 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys

19:58:25.0754 4184 aswNdis - ok

19:58:25.0801 4184 [ DCF8B68A3A6217F87CA7FA95F535B47E ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys

19:58:25.0832 4184 aswNdis2 - ok

19:58:25.0863 4184 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys

19:58:25.0879 4184 aswRdr - ok

19:58:25.0957 4184 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

19:58:25.0988 4184 aswSnx - ok

19:58:26.0082 4184 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys

19:58:26.0128 4184 aswSP - ok

19:58:26.0206 4184 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

19:58:26.0222 4184 aswTdi - ok

19:58:26.0284 4184 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

19:58:26.0362 4184 AsyncMac - ok

19:58:26.0409 4184 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys

19:58:26.0425 4184 atapi - ok

19:58:26.0550 4184 [ 6046A55F79DE9C581B8D5E9C1366CC81 ] athr C:\Windows\system32\DRIVERS\athr.sys

19:58:26.0659 4184 athr - ok

19:58:26.0721 4184 [ CED8A3D0DA7803CC755A21D78D326139 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

19:58:26.0846 4184 Ati External Event Utility - ok

19:58:27.0002 4184 [ 8CE91545423A431353869ED5ADE90ECE ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

19:58:27.0205 4184 atikmdag - ok

19:58:27.0267 4184 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:58:27.0345 4184 AudioEndpointBuilder - ok

19:58:27.0361 4184 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

19:58:27.0392 4184 Audiosrv - ok

19:58:27.0564 4184 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

19:58:27.0579 4184 avast! Antivirus - ok

19:58:27.0610 4184 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe

19:58:27.0626 4184 avast! Firewall - ok

19:58:27.0688 4184 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

19:58:27.0751 4184 Beep - ok

19:58:27.0860 4184 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

19:58:27.0907 4184 BFE - ok

19:58:27.0969 4184 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll

19:58:28.0063 4184 BITS - ok

19:58:28.0063 4184 blbdrive - ok

19:58:28.0141 4184 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

19:58:28.0188 4184 bowser - ok

19:58:28.0234 4184 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

19:58:28.0281 4184 BrFiltLo - ok

19:58:28.0281 4184 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

19:58:28.0344 4184 BrFiltUp - ok

19:58:28.0406 4184 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

19:58:28.0468 4184 Browser - ok

19:58:28.0515 4184 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

19:58:28.0609 4184 Brserid - ok

19:58:28.0609 4184 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

19:58:28.0671 4184 BrSerWdm - ok

19:58:28.0687 4184 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

19:58:28.0749 4184 BrUsbMdm - ok

19:58:28.0765 4184 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

19:58:28.0843 4184 BrUsbSer - ok

19:58:28.0890 4184 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

19:58:28.0936 4184 BTHMODEM - ok

19:58:29.0139 4184 catchme - ok

19:58:29.0202 4184 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

19:58:29.0264 4184 cdfs - ok

19:58:29.0295 4184 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

19:58:29.0373 4184 cdrom - ok

19:58:29.0451 4184 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

19:58:29.0498 4184 CertPropSvc - ok

19:58:29.0623 4184 [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

19:58:29.0654 4184 CFSvcs ( UnsignedFile.Multi.Generic ) - warning

19:58:29.0654 4184 CFSvcs - detected UnsignedFile.Multi.Generic (1)

19:58:29.0685 4184 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys

19:58:29.0749 4184 circlass - ok

19:58:29.0795 4184 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

19:58:29.0827 4184 CLFS - ok

19:58:29.0889 4184 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:58:29.0920 4184 clr_optimization_v2.0.50727_32 - ok

19:58:29.0983 4184 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:58:30.0061 4184 clr_optimization_v4.0.30319_32 - ok

19:58:30.0076 4184 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

19:58:30.0154 4184 CmBatt - ok

19:58:30.0201 4184 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys

19:58:30.0217 4184 cmdide - ok

19:58:30.0248 4184 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

19:58:30.0263 4184 Compbatt - ok

19:58:30.0263 4184 COMSysApp - ok

19:58:30.0341 4184 [ C3156B712E3873AAD354F1696B2B2925 ] CplIR C:\Windows\system32\DRIVERS\CplIR.SYS

19:58:30.0373 4184 CplIR - ok

19:58:30.0388 4184 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

19:58:30.0404 4184 crcdisk - ok

19:58:30.0404 4184 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys

19:58:30.0482 4184 Crusoe - ok

19:58:30.0529 4184 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

19:58:30.0575 4184 CryptSvc - ok

19:58:30.0638 4184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

19:58:30.0747 4184 DcomLaunch - ok

19:58:30.0794 4184 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

19:58:30.0809 4184 DfsC - ok

19:58:30.0919 4184 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

19:58:31.0121 4184 DFSR - ok

19:58:31.0199 4184 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

19:58:31.0246 4184 Dhcp - ok

19:58:31.0293 4184 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

19:58:31.0324 4184 disk - ok

19:58:31.0387 4184 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

19:58:31.0433 4184 Dnscache - ok

19:58:31.0465 4184 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

19:58:31.0527 4184 dot3svc - ok

19:58:31.0574 4184 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

19:58:31.0636 4184 DPS - ok

19:58:31.0667 4184 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

19:58:31.0745 4184 drmkaud - ok

19:58:31.0808 4184 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

19:58:31.0855 4184 DXGKrnl - ok

19:58:31.0917 4184 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

19:58:32.0011 4184 E1G60 - ok

19:58:32.0057 4184 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

19:58:32.0104 4184 EapHost - ok

19:58:32.0182 4184 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

19:58:32.0198 4184 Ecache - ok

19:58:32.0260 4184 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

19:58:32.0291 4184 ehRecvr - ok

19:58:32.0323 4184 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe

19:58:32.0369 4184 ehSched - ok

19:58:32.0401 4184 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll

19:58:32.0447 4184 ehstart - ok

19:58:32.0479 4184 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys

19:58:32.0510 4184 elxstor - ok

19:58:32.0588 4184 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

19:58:32.0681 4184 EMDMgmt - ok

19:58:32.0728 4184 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

19:58:32.0759 4184 EventSystem - ok

19:58:32.0806 4184 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

19:58:32.0853 4184 exfat - ok

19:58:32.0900 4184 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

19:58:32.0947 4184 fastfat - ok

19:58:33.0009 4184 [ A0A4099F99DC352B64C87684E49CE927 ] fbxusb C:\Windows\system32\DRIVERS\fbxusb32.sys

19:58:33.0025 4184 fbxusb - ok

19:58:33.0056 4184 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

19:58:33.0149 4184 fdc - ok

19:58:33.0196 4184 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

19:58:33.0243 4184 fdPHost - ok

19:58:33.0274 4184 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

19:58:33.0337 4184 FDResPub - ok

19:58:33.0399 4184 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

19:58:33.0430 4184 FileInfo - ok

19:58:33.0477 4184 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

19:58:33.0524 4184 Filetrace - ok

19:58:33.0539 4184 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

19:58:33.0617 4184 flpydisk - ok

19:58:33.0649 4184 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

19:58:33.0680 4184 FltMgr - ok

19:58:33.0758 4184 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

19:58:33.0883 4184 FontCache - ok

19:58:33.0976 4184 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

19:58:33.0992 4184 FontCache3.0.0.0 - ok

19:58:34.0039 4184 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

19:58:34.0085 4184 Fs_Rec - ok

19:58:34.0132 4184 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

19:58:34.0148 4184 gagp30kx - ok

19:58:34.0210 4184 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

19:58:34.0304 4184 gpsvc - ok

19:58:34.0397 4184 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

19:58:34.0413 4184 gupdate - ok

19:58:34.0460 4184 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

19:58:34.0475 4184 gupdatem - ok

19:58:34.0507 4184 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

19:58:34.0522 4184 gusvc - ok

19:58:34.0585 4184 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:58:34.0631 4184 HdAudAddService - ok

19:58:34.0694 4184 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

19:58:34.0787 4184 HDAudBus - ok

19:58:34.0840 4184 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

19:58:34.0918 4184 HidBth - ok

19:58:34.0918 4184 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

19:58:34.0981 4184 HidIr - ok

19:58:35.0027 4184 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll

19:58:35.0059 4184 hidserv - ok

19:58:35.0105 4184 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

19:58:35.0137 4184 HidUsb - ok

19:58:35.0168 4184 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

19:58:35.0230 4184 hkmsvc - ok

19:58:35.0246 4184 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

19:58:35.0261 4184 HpCISSs - ok

19:58:35.0324 4184 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys

19:58:35.0386 4184 HTTP - ok

19:58:35.0417 4184 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys

19:58:35.0433 4184 i2omp - ok

19:58:35.0495 4184 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

19:58:35.0558 4184 i8042prt - ok

19:58:35.0683 4184 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

19:58:35.0714 4184 IAANTMON - ok

19:58:35.0761 4184 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

19:58:35.0776 4184 iaStor - ok

19:58:35.0823 4184 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

19:58:35.0854 4184 iaStorV - ok

19:58:35.0917 4184 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

19:58:35.0948 4184 IDriverT ( UnsignedFile.Multi.Generic ) - warning

19:58:35.0948 4184 IDriverT - detected UnsignedFile.Multi.Generic (1)

19:58:36.0041 4184 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:58:36.0182 4184 idsvc - ok

19:58:36.0244 4184 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

19:58:36.0275 4184 iirsp - ok

19:58:36.0322 4184 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

19:58:36.0431 4184 IKEEXT - ok

19:58:36.0556 4184 [ 0F16D98C3AF2138FABFA20ADDE4E01FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

19:58:36.0650 4184 IntcAzAudAddService - ok

19:58:36.0743 4184 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys

19:58:36.0759 4184 intelide - ok

19:58:36.0775 4184 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

19:58:36.0837 4184 intelppm - ok

19:58:36.0884 4184 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

19:58:36.0946 4184 IPBusEnum - ok

19:58:36.0977 4184 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:58:37.0040 4184 IpFilterDriver - ok

19:58:37.0087 4184 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

19:58:37.0133 4184 iphlpsvc - ok

19:58:37.0133 4184 IpInIp - ok

19:58:37.0180 4184 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

19:58:37.0258 4184 IPMIDRV - ok

19:58:37.0336 4184 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

19:58:37.0399 4184 IPNAT - ok

19:58:37.0445 4184 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

19:58:37.0492 4184 IRENUM - ok

19:58:37.0492 4184 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys

19:58:37.0508 4184 isapnp - ok

19:58:37.0570 4184 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

19:58:37.0601 4184 iScsiPrt - ok

19:58:37.0617 4184 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

19:58:37.0633 4184 iteatapi - ok

19:58:37.0648 4184 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

19:58:37.0664 4184 iteraid - ok

19:58:37.0711 4184 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

19:58:37.0726 4184 kbdclass - ok

19:58:37.0742 4184 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

19:58:37.0835 4184 kbdhid - ok

19:58:37.0867 4184 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

19:58:37.0929 4184 KeyIso - ok

19:58:37.0991 4184 [ A383F2CEA0A8F4E76E71ABC869BD5748 ] KR10I C:\Windows\system32\drivers\kr10i.sys

19:58:38.0038 4184 KR10I - ok

19:58:38.0069 4184 [ 6E9922332386C2A49936B30B2B6FD298 ] KR10N C:\Windows\system32\drivers\kr10n.sys

19:58:38.0116 4184 KR10N - ok

19:58:38.0179 4184 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

19:58:38.0225 4184 KSecDD - ok

19:58:38.0288 4184 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

19:58:38.0366 4184 KtmRm - ok

19:58:38.0413 4184 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll

19:58:38.0475 4184 LanmanServer - ok

19:58:38.0537 4184 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:58:38.0600 4184 LanmanWorkstation - ok

19:58:38.0647 4184 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

19:58:38.0709 4184 lltdio - ok

19:58:38.0740 4184 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

19:58:38.0787 4184 lltdsvc - ok

19:58:38.0834 4184 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

19:58:38.0896 4184 lmhosts - ok

19:58:38.0959 4184 [ 515FC18CABEE0158A324B08B1C2667CF ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys

19:58:38.0974 4184 LPCFilter - ok

19:58:39.0037 4184 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

19:58:39.0052 4184 LSI_FC - ok

19:58:39.0068 4184 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

19:58:39.0083 4184 LSI_SAS - ok

19:58:39.0083 4184 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

19:58:39.0115 4184 LSI_SCSI - ok

19:58:39.0146 4184 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

19:58:39.0208 4184 luafv - ok

19:58:39.0224 4184 lxct_device - ok

19:58:39.0286 4184 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

19:58:39.0302 4184 MBAMProtector - ok

19:58:39.0427 4184 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

19:58:39.0458 4184 MBAMScheduler - ok

19:58:39.0520 4184 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

19:58:39.0598 4184 MBAMService - ok

19:58:39.0723 4184 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

19:58:39.0754 4184 McComponentHostService - ok

19:58:39.0785 4184 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

19:58:39.0832 4184 Mcx2Svc - ok

19:58:39.0900 4184 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys

19:58:39.0915 4184 megasas - ok

19:58:39.0931 4184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

19:58:39.0993 4184 MMCSS - ok

19:58:40.0040 4184 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

19:58:40.0071 4184 Modem - ok

19:58:40.0134 4184 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

19:58:40.0196 4184 monitor - ok

19:58:40.0212 4184 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

19:58:40.0243 4184 mouclass - ok

19:58:40.0243 4184 [ A3A6DFF7E9E757DB3DF51A833BC28885 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

19:58:40.0321 4184 mouhid - ok

19:58:40.0368 4184 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

19:58:40.0383 4184 MountMgr - ok

19:58:40.0461 4184 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys

19:58:40.0477 4184 mpio - ok

19:58:40.0524 4184 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

19:58:40.0570 4184 mpsdrv - ok

19:58:40.0633 4184 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

19:58:40.0758 4184 MpsSvc - ok

19:58:40.0789 4184 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

19:58:40.0804 4184 Mraid35x - ok

19:58:40.0836 4184 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

19:58:40.0882 4184 MRxDAV - ok

19:58:40.0914 4184 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

19:58:40.0976 4184 mrxsmb - ok

19:58:41.0023 4184 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:58:41.0070 4184 mrxsmb10 - ok

19:58:41.0101 4184 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:58:41.0132 4184 mrxsmb20 - ok

19:58:41.0179 4184 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys

19:58:41.0194 4184 msahci - ok

19:58:41.0210 4184 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys

19:58:41.0241 4184 msdsm - ok

19:58:41.0288 4184 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

19:58:41.0335 4184 MSDTC - ok

19:58:41.0366 4184 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

19:58:41.0428 4184 Msfs - ok

19:58:41.0460 4184 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

19:58:41.0491 4184 msisadrv - ok

19:58:41.0538 4184 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

19:58:41.0584 4184 MSiSCSI - ok

19:58:41.0600 4184 msiserver - ok

19:58:41.0631 4184 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

19:58:41.0694 4184 MSKSSRV - ok

19:58:41.0709 4184 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

19:58:41.0756 4184 MSPCLOCK - ok

19:58:41.0787 4184 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

19:58:41.0834 4184 MSPQM - ok

19:58:41.0881 4184 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

19:58:41.0912 4184 MsRPC - ok

19:58:41.0928 4184 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

19:58:41.0959 4184 mssmbios - ok

19:58:41.0974 4184 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

19:58:42.0037 4184 MSTEE - ok

19:58:42.0068 4184 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

19:58:42.0099 4184 Mup - ok

19:58:42.0146 4184 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

19:58:42.0177 4184 napagent - ok

19:58:42.0240 4184 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

19:58:42.0271 4184 NativeWifiP - ok

19:58:42.0349 4184 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

19:58:42.0411 4184 NDIS - ok

19:58:42.0474 4184 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

19:58:42.0520 4184 NdisTapi - ok

19:58:42.0567 4184 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

19:58:42.0614 4184 Ndisuio - ok

19:58:42.0692 4184 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

19:58:42.0739 4184 NdisWan - ok

19:58:42.0770 4184 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

19:58:42.0817 4184 NDProxy - ok

19:58:42.0848 4184 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

19:58:42.0879 4184 NetBIOS - ok

19:58:42.0942 4184 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

19:58:42.0988 4184 netbt - ok

19:58:43.0035 4184 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

19:58:43.0051 4184 Netlogon - ok

19:58:43.0113 4184 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

19:58:43.0160 4184 Netman - ok

19:58:43.0254 4184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:58:43.0285 4184 NetMsmqActivator - ok

19:58:43.0285 4184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:58:43.0316 4184 NetPipeActivator - ok

19:58:43.0347 4184 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

19:58:43.0410 4184 netprofm - ok

19:58:43.0425 4184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:58:43.0441 4184 NetTcpActivator - ok

19:58:43.0441 4184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:58:43.0472 4184 NetTcpPortSharing - ok

19:58:43.0628 4184 [ C4F27BA95327B6441CA44DDCFB47562A ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys

19:58:43.0862 4184 NETw4v32 - ok

19:58:44.0049 4184 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys

19:58:44.0268 4184 NETw5v32 - ok

19:58:44.0299 4184 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

19:58:44.0314 4184 nfrd960 - ok

19:58:44.0361 4184 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

19:58:44.0408 4184 NlaSvc - ok

19:58:44.0455 4184 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

19:58:44.0502 4184 Npfs - ok

19:58:44.0533 4184 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

19:58:44.0595 4184 nsi - ok

19:58:44.0642 4184 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

19:58:44.0673 4184 nsiproxy - ok

19:58:44.0751 4184 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

19:58:44.0876 4184 Ntfs - ok

19:58:44.0939 4184 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

19:58:45.0017 4184 ntrigdigi - ok

19:58:45.0064 4184 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

19:58:45.0111 4184 Null - ok

19:58:45.0111 4184 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys

19:58:45.0142 4184 nvraid - ok

19:58:45.0142 4184 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys

19:58:45.0158 4184 nvstor - ok

19:58:45.0189 4184 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

19:58:45.0205 4184 nv_agp - ok

19:58:45.0220 4184 NwlnkFlt - ok

19:58:45.0220 4184 NwlnkFwd - ok

19:58:45.0439 4184 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

19:58:45.0470 4184 odserv - ok

19:58:45.0548 4184 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

19:58:45.0579 4184 ohci1394 - ok

19:58:45.0626 4184 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:58:45.0641 4184 ose - ok

19:58:45.0719 4184 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

19:58:45.0797 4184 p2pimsvc - ok

19:58:45.0844 4184 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

19:58:45.0938 4184 p2psvc - ok

19:58:45.0969 4184 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

19:58:46.0063 4184 Parport - ok

19:58:46.0109 4184 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

19:58:46.0141 4184 partmgr - ok

19:58:46.0156 4184 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

19:58:46.0219 4184 Parvdm - ok

19:58:46.0297 4184 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

19:58:46.0328 4184 PcaSvc - ok

19:58:46.0421 4184 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

19:58:46.0484 4184 pci - ok

19:58:46.0531 4184 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys

19:58:46.0546 4184 pciide - ok

19:58:46.0577 4184 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

19:58:46.0609 4184 pcmcia - ok

19:58:46.0687 4184 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

19:58:46.0858 4184 PEAUTH - ok

19:58:47.0014 4184 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

19:58:47.0155 4184 pla - ok

19:58:47.0217 4184 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

19:58:47.0279 4184 PlugPlay - ok

19:58:47.0311 4184 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

19:58:47.0357 4184 PNRPAutoReg - ok

19:58:47.0420 4184 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

19:58:47.0498 4184 PNRPsvc - ok

19:58:47.0529 4184 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

19:58:47.0576 4184 PolicyAgent - ok

19:58:47.0623 4184 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

19:58:47.0654 4184 PptpMiniport - ok

19:58:47.0701 4184 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys

19:58:47.0779 4184 Processor - ok

19:58:47.0825 4184 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

19:58:47.0857 4184 ProfSvc - ok

19:58:47.0872 4184 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

19:58:47.0903 4184 ProtectedStorage - ok

19:58:47.0950 4184 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

19:58:47.0997 4184 PSched - ok

19:58:48.0075 4184 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys

19:58:48.0153 4184 ql2300 - ok

19:58:48.0200 4184 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

19:58:48.0231 4184 ql40xx - ok

19:58:48.0278 4184 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

19:58:48.0325 4184 QWAVE - ok

19:58:48.0356 4184 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

19:58:48.0403 4184 QWAVEdrv - ok

19:58:48.0449 4184 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

19:58:48.0512 4184 RasAcd - ok

19:58:48.0559 4184 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

19:58:48.0621 4184 RasAuto - ok

19:58:48.0668 4184 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

19:58:48.0715 4184 Rasl2tp - ok

19:58:48.0777 4184 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

19:58:48.0871 4184 RasMan - ok

19:58:48.0902 4184 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

19:58:48.0964 4184 RasPppoe - ok

19:58:48.0995 4184 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

19:58:49.0011 4184 RasSstp - ok

19:58:49.0073 4184 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

19:58:49.0120 4184 rdbss - ok

19:58:49.0167 4184 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

19:58:49.0292 4184 RDPCDD - ok

19:58:49.0354 4184 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

19:58:49.0448 4184 rdpdr - ok

19:58:49.0479 4184 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

19:58:49.0510 4184 RDPENCDD - ok

19:58:49.0557 4184 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

19:58:49.0604 4184 RDPWD - ok

19:58:49.0635 4184 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

19:58:49.0697 4184 RemoteAccess - ok

19:58:49.0729 4184 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

19:58:49.0760 4184 RemoteRegistry - ok

19:58:49.0807 4184 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

19:58:49.0838 4184 RpcLocator - ok

19:58:49.0885 4184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

19:58:49.0931 4184 RpcSs - ok

19:58:49.0978 4184 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

19:58:50.0042 4184 rspndr - ok

19:58:50.0088 4184 [ B8B159FA669C6386A458FCD468EBB1E6 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys

19:58:50.0135 4184 RTL8169 - ok

19:58:50.0166 4184 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

19:58:50.0182 4184 SamSs - ok

19:58:50.0213 4184 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

19:58:50.0229 4184 sbp2port - ok

19:58:50.0276 4184 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

19:58:50.0338 4184 SCardSvr - ok

19:58:50.0447 4184 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

19:58:50.0588 4184 Schedule - ok

19:58:50.0603 4184 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

19:58:50.0634 4184 SCPolicySvc - ok

19:58:50.0697 4184 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

19:58:50.0728 4184 sdbus - ok

19:58:50.0806 4184 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

19:58:50.0884 4184 SDRSVC - ok

19:58:50.0915 4184 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

19:58:50.0993 4184 secdrv - ok

19:58:51.0040 4184 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

19:58:51.0321 4184 seclogon - ok

19:58:51.0352 4184 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll

19:58:51.0414 4184 SENS - ok

19:58:51.0461 4184 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

19:58:51.0570 4184 Serenum - ok

19:58:51.0602 4184 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

19:58:51.0695 4184 Serial - ok

19:58:51.0726 4184 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

19:58:51.0804 4184 sermouse - ok

19:58:51.0882 4184 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

19:58:51.0976 4184 SessionEnv - ok

19:58:52.0007 4184 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

19:58:52.0116 4184 sffdisk - ok

19:58:52.0179 4184 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

19:58:52.0272 4184 sffp_mmc - ok

19:58:52.0319 4184 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

19:58:52.0413 4184 sffp_sd - ok

19:58:52.0413 4184 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

19:58:52.0506 4184 sfloppy - ok

19:58:52.0600 4184 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

19:58:52.0678 4184 SharedAccess - ok

19:58:52.0787 4184 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:58:52.0865 4184 ShellHWDetection - ok

19:58:52.0896 4184 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys

19:58:52.0943 4184 sisagp - ok

19:58:52.0943 4184 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

19:58:52.0974 4184 SiSRaid2 - ok

19:58:52.0974 4184 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

19:58:52.0990 4184 SiSRaid4 - ok

19:58:53.0068 4184 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

19:58:53.0084 4184 SkypeUpdate - ok

19:58:53.0708 4184 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

19:58:54.0066 4184 slsvc - ok

19:58:54.0129 4184 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

19:58:54.0160 4184 SLUINotify - ok

19:58:54.0222 4184 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

19:58:54.0269 4184 Smb - ok

19:58:54.0347 4184 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

19:58:54.0378 4184 SNMPTRAP - ok

19:58:54.0425 4184 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

19:58:54.0472 4184 spldr - ok

19:58:54.0503 4184 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

19:58:54.0550 4184 Spooler - ok

19:58:54.0628 4184 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

19:58:54.0659 4184 srv - ok

19:58:54.0737 4184 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

19:58:54.0784 4184 srv2 - ok

19:58:54.0815 4184 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

19:58:54.0846 4184 srvnet - ok

19:58:54.0909 4184 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

19:58:54.0971 4184 SSDPSRV - ok

19:58:55.0034 4184 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

19:58:55.0098 4184 SstpSvc - ok

19:58:55.0176 4184 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

19:58:55.0254 4184 stisvc - ok

19:58:55.0270 4184 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

19:58:55.0301 4184 swenum - ok

19:58:55.0410 4184 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

19:58:55.0472 4184 swprv - ok

19:58:55.0504 4184 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

19:58:55.0550 4184 Symc8xx - ok

19:58:55.0582 4184 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

19:58:55.0597 4184 Sym_hi - ok

19:58:55.0613 4184 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

19:58:55.0628 4184 Sym_u3 - ok

19:58:55.0706 4184 [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

19:58:55.0722 4184 SynTP - ok

19:58:55.0816 4184 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

19:58:55.0940 4184 SysMain - ok

19:58:55.0987 4184 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:58:56.0034 4184 TabletInputService - ok

19:58:56.0096 4184 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

19:58:56.0143 4184 TapiSrv - ok

19:58:56.0190 4184 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

19:58:56.0268 4184 TBS - ok

19:58:56.0455 4184 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

19:58:56.0627 4184 Tcpip - ok

19:58:56.0767 4184 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

19:58:56.0830 4184 Tcpip6 - ok

19:58:56.0892 4184 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

19:58:56.0939 4184 tcpipreg - ok

19:58:57.0001 4184 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys

19:58:57.0017 4184 tdcmdpst - ok

19:58:57.0064 4184 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

19:58:57.0142 4184 TDPIPE - ok

19:58:57.0173 4184 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

19:58:57.0251 4184 TDTCP - ok

19:58:57.0298 4184 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

19:58:57.0329 4184 tdx - ok

19:58:57.0391 4184 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

19:58:57.0407 4184 TermDD - ok

19:58:57.0516 4184 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

19:58:57.0610 4184 TermService - ok

19:58:57.0641 4184 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

19:58:57.0672 4184 Themes - ok

19:58:57.0703 4184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

19:58:57.0734 4184 THREADORDER - ok

19:58:57.0828 4184 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21 C:\Windows\system32\drivers\tifm21.sys

19:58:57.0875 4184 tifm21 - ok

19:58:58.0062 4184 [ 1F9A37B633C11EBE5D68137645FA1337 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe

19:58:58.0109 4184 TNaviSrv ( UnsignedFile.Multi.Generic ) - warning

19:58:58.0109 4184 TNaviSrv - detected UnsignedFile.Multi.Generic (1)

19:58:58.0140 4184 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe

19:58:58.0156 4184 TODDSrv ( UnsignedFile.Multi.Generic ) - warning

19:58:58.0156 4184 TODDSrv - detected UnsignedFile.Multi.Generic (1)

19:58:58.0234 4184 [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

19:58:58.0265 4184 TosCoSrv - ok

19:58:58.0327 4184 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

19:58:58.0343 4184 TOSHIBA Bluetooth Service - ok

19:58:58.0390 4184 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys

19:58:58.0452 4184 tosporte - ok

19:58:58.0483 4184 [ 266DF087A8C24DA34FF40CF3DF86CCFB ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys

19:58:58.0530 4184 tosrfbd - ok

19:58:58.0561 4184 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys

19:58:58.0577 4184 tosrfbnp - ok

19:58:58.0624 4184 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys

19:58:58.0670 4184 Tosrfcom - ok

19:58:58.0702 4184 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys

19:58:58.0733 4184 tosrfec - ok

19:58:58.0780 4184 [ 7C807BA9660E2995CC0217A14A24094C ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys

19:58:58.0811 4184 Tosrfhid - ok

19:58:58.0858 4184 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys

19:58:58.0889 4184 tosrfnds - ok

19:58:58.0936 4184 [ A4CE9572BC4AC8D329455059B43C5BEA ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys

19:58:58.0951 4184 TosRfSnd - ok

19:58:58.0998 4184 [ CDDA265C7617A2745B48E0DE572012A6 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys

19:58:59.0045 4184 Tosrfusb - ok

19:58:59.0092 4184 [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys

19:58:59.0123 4184 tos_sps32 - ok

19:58:59.0123 4184 TpChoice - ok

19:58:59.0170 4184 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

19:58:59.0263 4184 TrkWks - ok

19:58:59.0341 4184 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:58:59.0388 4184 TrustedInstaller - ok

19:58:59.0419 4184 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

19:58:59.0450 4184 tssecsrv - ok

19:58:59.0482 4184 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

19:58:59.0528 4184 tunmp - ok

19:58:59.0544 4184 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

19:58:59.0560 4184 tunnel - ok

19:58:59.0606 4184 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS

19:58:59.0638 4184 TVALZ - ok

19:58:59.0669 4184 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

19:58:59.0684 4184 uagp35 - ok

19:58:59.0731 4184 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

19:58:59.0778 4184 udfs - ok

19:58:59.0809 4184 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

19:58:59.0856 4184 UI0Detect - ok

19:58:59.0887 4184 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

19:58:59.0903 4184 uliagpkx - ok

19:58:59.0918 4184 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys

19:58:59.0950 4184 uliahci - ok

19:58:59.0965 4184 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

19:58:59.0981 4184 UlSata - ok

19:58:59.0981 4184 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

19:59:00.0012 4184 ulsata2 - ok

19:59:00.0043 4184 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

19:59:00.0106 4184 umbus - ok

19:59:00.0155 4184 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

19:59:00.0202 4184 upnphost - ok

19:59:00.0280 4184 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

19:59:00.0327 4184 usbccgp - ok

19:59:00.0358 4184 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

19:59:00.0421 4184 usbcir - ok

19:59:00.0499 4184 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

19:59:00.0545 4184 usbehci - ok

19:59:00.0577 4184 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

19:59:00.0608 4184 usbhub - ok

19:59:00.0623 4184 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys

19:59:00.0717 4184 usbohci - ok

19:59:00.0779 4184 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

19:59:00.0826 4184 usbprint - ok

19:59:00.0889 4184 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

19:59:00.0951 4184 usbscan - ok

19:59:00.0982 4184 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:59:01.0045 4184 USBSTOR - ok

19:59:01.0107 4184 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

19:59:01.0169 4184 usbuhci - ok

19:59:01.0325 4184 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

19:59:01.0388 4184 usbvideo - ok

19:59:01.0435 4184 [ 3B929A72AAEA96DC0150D3A6DA268C89 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS

19:59:01.0481 4184 UVCFTR - ok

19:59:01.0528 4184 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

19:59:01.0606 4184 UxSms - ok

19:59:01.0684 4184 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

19:59:01.0778 4184 vds - ok

19:59:01.0840 4184 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

19:59:01.0934 4184 vga - ok

19:59:01.0996 4184 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

19:59:02.0027 4184 VgaSave - ok

19:59:02.0059 4184 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys

19:59:02.0074 4184 viaagp - ok

19:59:02.0090 4184 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys

19:59:02.0152 4184 ViaC7 - ok

19:59:02.0168 4184 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys

19:59:02.0199 4184 viaide - ok

19:59:02.0230 4184 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

19:59:02.0277 4184 volmgr - ok

19:59:02.0402 4184 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

19:59:02.0464 4184 volmgrx - ok

19:59:02.0511 4184 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys

19:59:02.0573 4184 volsnap - ok

19:59:02.0620 4184 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

19:59:02.0651 4184 vsmraid - ok

19:59:02.0823 4184 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

19:59:02.0979 4184 VSS - ok

19:59:03.0057 4184 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

19:59:03.0104 4184 W32Time - ok

19:59:03.0151 4184 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

19:59:03.0229 4184 WacomPen - ok

19:59:03.0275 4184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

19:59:03.0307 4184 Wanarp - ok

19:59:03.0307 4184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

19:59:03.0338 4184 Wanarpv6 - ok

19:59:03.0416 4184 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

19:59:03.0541 4184 wcncsvc - ok

19:59:03.0603 4184 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:59:03.0681 4184 WcsPlugInService - ok

19:59:03.0759 4184 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys

19:59:03.0790 4184 Wd - ok

19:59:03.0853 4184 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

19:59:03.0899 4184 Wdf01000 - ok

19:59:03.0977 4184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

19:59:04.0071 4184 WdiServiceHost - ok

19:59:04.0087 4184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

19:59:04.0133 4184 WdiSystemHost - ok

19:59:04.0196 4184 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

19:59:04.0305 4184 WebClient - ok

19:59:04.0383 4184 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

19:59:04.0461 4184 Wecsvc - ok

19:59:04.0492 4184 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

19:59:04.0539 4184 wercplsupport - ok

19:59:04.0601 4184 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

19:59:04.0679 4184 WerSvc - ok

19:59:04.0789 4184 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

19:59:04.0820 4184 WinDefend - ok

19:59:04.0835 4184 WinHttpAutoProxySvc - ok

19:59:04.0991 4184 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

19:59:05.0038 4184 Winmgmt - ok

19:59:05.0273 4184 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

19:59:05.0398 4184 WinRM - ok

19:59:05.0554 4184 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

19:59:05.0679 4184 Wlansvc - ok

19:59:05.0741 4184 [ 4A7CBA39C73675CAD73EDB6D2F770105 ] wmdusbser C:\Windows\system32\DRIVERS\wmdusbser.sys

19:59:05.0788 4184 wmdusbser - ok

19:59:05.0819 4184 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

19:59:05.0928 4184 WmiAcpi - ok

19:59:06.0006 4184 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

19:59:06.0069 4184 wmiApSrv - ok

19:59:06.0272 4184 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

19:59:06.0396 4184 WMPNetworkSvc - ok

19:59:06.0459 4184 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

19:59:06.0537 4184 WPCSvc - ok

19:59:06.0615 4184 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

19:59:06.0662 4184 WPDBusEnum - ok

19:59:06.0786 4184 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

19:59:06.0849 4184 WpdUsb - ok

19:59:07.0114 4184 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:59:07.0223 4184 WPFFontCache_v0400 - ok

19:59:07.0286 4184 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

19:59:07.0364 4184 ws2ifsl - ok

19:59:07.0410 4184 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll

19:59:07.0473 4184 wscsvc - ok

19:59:07.0473 4184 WSearch - ok

19:59:07.0769 4184 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

19:59:08.0034 4184 wuauserv - ok

19:59:08.0128 4184 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

19:59:08.0159 4184 WudfPf - ok

19:59:08.0190 4184 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

19:59:08.0222 4184 WUDFRd - ok

19:59:08.0284 4184 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

19:59:08.0346 4184 wudfsvc - ok

19:59:08.0518 4184 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

19:59:08.0627 4184 YahooAUService - ok

19:59:08.0658 4184 ================ Scan global ===============================

19:59:08.0705 4184 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

19:59:08.0768 4184 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

19:59:08.0924 4184 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

19:59:09.0017 4184 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

19:59:09.0048 4184 [Global] - ok

19:59:09.0048 4184 ================ Scan MBR ==================================

19:59:09.0080 4184 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

19:59:11.0296 4184 \Device\Harddisk0\DR0 - ok

19:59:11.0296 4184 ================ Scan VBR ==================================

19:59:11.0358 4184 [ B3E2C29447B39A27174591757D1A1EAE ] \Device\Harddisk0\DR0\Partition1

19:59:11.0389 4184 \Device\Harddisk0\DR0\Partition1 - ok

19:59:11.0405 4184 [ 4F2EAA2F4E5CC0917C2CAF3B5D85D367 ] \Device\Harddisk0\DR0\Partition2

19:59:11.0436 4184 \Device\Harddisk0\DR0\Partition2 - ok

19:59:11.0436 4184 ================ Scan active images ========================

19:59:11.0436 4184 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys

19:59:11.0436 4184 C:\Windows\System32\drivers\crashdmp.sys - ok

19:59:11.0452 4184 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] C:\Windows\System32\drivers\iaStor.sys

19:59:11.0452 4184 C:\Windows\System32\drivers\iaStor.sys - ok

19:59:11.0452 4184 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys

19:59:11.0452 4184 C:\Windows\System32\drivers\tunnel.sys - ok

19:59:11.0467 4184 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS

19:59:11.0467 4184 C:\Windows\System32\drivers\TUNMP.SYS - ok

19:59:11.0467 4184 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys

19:59:11.0467 4184 C:\Windows\System32\drivers\intelppm.sys - ok

19:59:11.0483 4184 [ 8CE91545423A431353869ED5ADE90ECE ] C:\Windows\System32\drivers\atikmdag.sys

19:59:11.0483 4184 C:\Windows\System32\drivers\atikmdag.sys - ok

19:59:11.0483 4184 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys

19:59:11.0483 4184 C:\Windows\System32\drivers\dxgkrnl.sys - ok

19:59:11.0499 4184 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys

19:59:11.0499 4184 C:\Windows\System32\drivers\watchdog.sys - ok

19:59:11.0499 4184 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys

19:59:11.0499 4184 C:\Windows\System32\drivers\hdaudbus.sys - ok

19:59:11.0499 4184 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys

19:59:11.0499 4184 C:\Windows\System32\drivers\usbport.sys - ok

19:59:11.0514 4184 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys

19:59:11.0514 4184 C:\Windows\System32\drivers\usbuhci.sys - ok

19:59:11.0514 4184 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys

19:59:11.0514 4184 C:\Windows\System32\drivers\usbehci.sys - ok

19:59:11.0530 4184 [ B8B159FA669C6386A458FCD468EBB1E6 ] C:\Windows\System32\drivers\Rtlh86.sys

19:59:11.0530 4184 C:\Windows\System32\drivers\Rtlh86.sys - ok

19:59:11.0530 4184 [ 8DE67BD902095A13329FD82C85A1FA09 ] C:\Windows\System32\drivers\NETw5v32.sys

19:59:11.0530 4184 C:\Windows\System32\drivers\NETw5v32.sys - ok

19:59:11.0545 4184 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\Windows\System32\drivers\1394bus.sys

19:59:11.0545 4184 C:\Windows\System32\drivers\1394bus.sys - ok

19:59:11.0545 4184 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\Windows\System32\drivers\ohci1394.sys

19:59:11.0545 4184 C:\Windows\System32\drivers\ohci1394.sys - ok

19:59:11.0561 4184 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] C:\Windows\System32\drivers\tifm21.sys

19:59:11.0561 4184 C:\Windows\System32\drivers\tifm21.sys - ok

19:59:11.0561 4184 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys

19:59:11.0561 4184 C:\Windows\System32\drivers\CmBatt.sys - ok

19:59:11.0577 4184 [ 8F36B54688C31EED4580129040C6A3D3 ] C:\Windows\System32\drivers\sdbus.sys

19:59:11.0577 4184 C:\Windows\System32\drivers\sdbus.sys - ok

19:59:11.0577 4184 [ 5C4103544612E5011EF46301B93D1AA6 ] C:\Windows\System32\drivers\tosrfec.sys

19:59:11.0577 4184 C:\Windows\System32\drivers\tosrfec.sys - ok

19:59:11.0577 4184 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] C:\Windows\System32\drivers\aswKbd.sys

19:59:11.0577 4184 C:\Windows\System32\drivers\aswKbd.sys - ok

19:59:11.0592 4184 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys

19:59:11.0592 4184 C:\Windows\System32\drivers\i8042prt.sys - ok

19:59:11.0592 4184 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys

19:59:11.0592 4184 C:\Windows\System32\drivers\kbdclass.sys - ok

19:59:11.0608 4184 [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] C:\Windows\System32\drivers\SynTP.sys

19:59:11.0608 4184 C:\Windows\System32\drivers\SynTP.sys - ok

19:59:11.0608 4184 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys

19:59:11.0608 4184 C:\Windows\System32\drivers\usbd.sys - ok

19:59:11.0623 4184 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys

19:59:11.0623 4184 C:\Windows\System32\drivers\mouclass.sys - ok

19:59:11.0623 4184 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] C:\Windows\System32\drivers\tdcmdpst.sys

19:59:11.0623 4184 C:\Windows\System32\drivers\tdcmdpst.sys - ok

19:59:11.0639 4184 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys

19:59:11.0639 4184 C:\Windows\System32\drivers\cdrom.sys - ok

19:59:11.0639 4184 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] C:\Windows\System32\drivers\tosrfcom.sys

19:59:11.0639 4184 C:\Windows\System32\drivers\tosrfcom.sys - ok

19:59:11.0639 4184 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys

19:59:11.0655 4184 C:\Windows\System32\drivers\msiscsi.sys - ok

19:59:11.0655 4184 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys

19:59:11.0655 4184 C:\Windows\System32\drivers\Storport.sys - ok

19:59:11.0655 4184 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys

19:59:11.0655 4184 C:\Windows\System32\drivers\tdi.sys - ok

19:59:11.0670 4184 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys

19:59:11.0670 4184 C:\Windows\System32\drivers\rasl2tp.sys - ok

19:59:11.0670 4184 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys

19:59:11.0670 4184 C:\Windows\System32\drivers\ndistapi.sys - ok

19:59:11.0686 4184 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys

19:59:11.0686 4184 C:\Windows\System32\drivers\ndiswan.sys - ok

19:59:11.0686 4184 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys

19:59:11.0686 4184 C:\Windows\System32\drivers\raspppoe.sys - ok

19:59:11.0701 4184 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys

19:59:11.0701 4184 C:\Windows\System32\drivers\raspptp.sys - ok

19:59:11.0701 4184 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys

19:59:11.0701 4184 C:\Windows\System32\drivers\rassstp.sys - ok

19:59:11.0717 4184 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys

19:59:11.0717 4184 C:\Windows\System32\drivers\termdd.sys - ok

19:59:11.0717 4184 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys

19:59:11.0717 4184 C:\Windows\System32\drivers\ks.sys - ok

19:59:11.0733 4184 [ E5D4133F37219DBCFE102BC61072589D ] C:\Windows\System32\drivers\circlass.sys

19:59:11.0733 4184 C:\Windows\System32\drivers\circlass.sys - ok

19:59:11.0733 4184 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys

19:59:11.0733 4184 C:\Windows\System32\drivers\swenum.sys - ok

19:59:11.0748 4184 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys

19:59:11.0748 4184 C:\Windows\System32\drivers\mssmbios.sys - ok

19:59:11.0748 4184 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys

19:59:11.0748 4184 C:\Windows\System32\drivers\umbus.sys - ok

19:59:11.0764 4184 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys

19:59:11.0764 4184 C:\Windows\System32\drivers\usbhub.sys - ok

19:59:11.0764 4184 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] C:\Windows\System32\drivers\tosporte.sys

19:59:11.0764 4184 C:\Windows\System32\drivers\tosporte.sys - ok

19:59:11.0779 4184 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys

19:59:11.0779 4184 C:\Windows\System32\drivers\ndproxy.sys - ok

19:59:11.0779 4184 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys

19:59:11.0779 4184 C:\Windows\System32\drivers\drmk.sys - ok

19:59:11.0779 4184 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys

19:59:11.0779 4184 C:\Windows\System32\drivers\portcls.sys - ok

19:59:11.0795 4184 [ 3F90E001369A07243763BD5A523D8722 ] C:\Windows\System32\drivers\HdAudio.sys

19:59:11.0795 4184 C:\Windows\System32\drivers\HdAudio.sys - ok

19:59:11.0795 4184 [ 0F16D98C3AF2138FABFA20ADDE4E01FE ] C:\Windows\System32\drivers\RTKVHDA.sys

19:59:11.0795 4184 C:\Windows\System32\drivers\RTKVHDA.sys - ok

19:59:11.0811 4184 [ CE91B158FA490CF4C4D487A4130F4660 ] C:\Windows\System32\drivers\AGRSM.sys

19:59:11.0811 4184 C:\Windows\System32\drivers\AGRSM.sys - ok

19:59:11.0811 4184 [ E13B5EA0F51BA5B1512EC671393D09BA ] C:\Windows\System32\drivers\modem.sys

19:59:11.0811 4184 C:\Windows\System32\drivers\modem.sys - ok

19:59:11.0826 4184 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\Windows\System32\drivers\aswSnx.sys

19:59:11.0826 4184 C:\Windows\System32\drivers\aswSnx.sys - ok

19:59:11.0826 4184 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys

19:59:11.0826 4184 C:\Windows\System32\drivers\fs_rec.sys - ok

19:59:11.0842 4184 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys

19:59:11.0842 4184 C:\Windows\System32\drivers\beep.sys - ok

19:59:11.0842 4184 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys

19:59:11.0842 4184 C:\Windows\System32\drivers\null.sys - ok

19:59:11.0857 4184 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys

19:59:11.0857 4184 C:\Windows\System32\drivers\videoprt.sys - ok

19:59:11.0857 4184 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys

19:59:11.0857 4184 C:\Windows\System32\drivers\vga.sys - ok

19:59:11.0873 4184 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys

19:59:11.0873 4184 C:\Windows\System32\drivers\RDPCDD.sys - ok

19:59:11.0873 4184 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys

19:59:11.0873 4184 C:\Windows\System32\drivers\RDPENCDD.sys - ok

19:59:11.0873 4184 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys

19:59:11.0873 4184 C:\Windows\System32\drivers\msfs.sys - ok

19:59:11.0889 4184 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys

19:59:11.0889 4184 C:\Windows\System32\drivers\npfs.sys - ok

19:59:11.0889 4184 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys

19:59:11.0889 4184 C:\Windows\System32\drivers\rasacd.sys - ok

19:59:11.0904 4184 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys

19:59:11.0904 4184 C:\Windows\System32\drivers\tdx.sys - ok

19:59:11.0904 4184 [ CCAFDA4AB7F3738142B3BA7DA311FFB0 ] C:\Windows\System32\drivers\aswFW.sys

19:59:11.0904 4184 C:\Windows\System32\drivers\aswFW.sys - ok

19:59:11.0920 4184 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\Windows\System32\drivers\aswTdi.sys

19:59:11.0920 4184 C:\Windows\System32\drivers\aswTdi.sys - ok

19:59:11.0920 4184 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys

19:59:11.0920 4184 C:\Windows\System32\drivers\smb.sys - ok

19:59:11.0935 4184 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys

19:59:11.0935 4184 C:\Windows\System32\drivers\afd.sys - ok

19:59:11.0935 4184 [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\Windows\System32\drivers\aswRdr.sys

19:59:11.0935 4184 C:\Windows\System32\drivers\aswRdr.sys - ok

19:59:11.0951 4184 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys

19:59:11.0951 4184 C:\Windows\System32\drivers\netbt.sys - ok

19:59:11.0951 4184 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\Windows\System32\drivers\ws2ifsl.sys

19:59:11.0951 4184 C:\Windows\System32\drivers\ws2ifsl.sys - ok

19:59:11.0967 4184 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys

19:59:11.0967 4184 C:\Windows\System32\drivers\pacer.sys - ok

19:59:11.0967 4184 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys

19:59:11.0967 4184 C:\Windows\System32\drivers\netbios.sys - ok

19:59:11.0967 4184 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys

19:59:11.0967 4184 C:\Windows\System32\drivers\wanarp.sys - ok

19:59:11.0982 4184 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys

19:59:11.0982 4184 C:\Windows\System32\drivers\rdbss.sys - ok

19:59:11.0982 4184 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys

19:59:11.0982 4184 C:\Windows\System32\drivers\nsiproxy.sys - ok

19:59:11.0998 4184 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys

19:59:11.0998 4184 C:\Windows\System32\drivers\dfsc.sys - ok

19:59:11.0998 4184 [ 67B558895695545FB0568B7541F3BCA7 ] C:\Windows\System32\drivers\aswSP.sys

19:59:11.0998 4184 C:\Windows\System32\drivers\aswSP.sys - ok

19:59:12.0013 4184 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys

19:59:12.0013 4184 C:\Windows\System32\drivers\usbccgp.sys - ok

19:59:12.0013 4184 [ 3B929A72AAEA96DC0150D3A6DA268C89 ] C:\Windows\System32\drivers\UVCFTR_S.SYS

19:59:12.0013 4184 C:\Windows\System32\drivers\UVCFTR_S.SYS - ok

19:59:12.0029 4184 [ E67998E8F14CB0627A769F6530BCB352 ] C:\Windows\System32\drivers\usbvideo.sys

19:59:12.0029 4184 C:\Windows\System32\drivers\usbvideo.sys - ok

19:59:12.0029 4184 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll

19:59:12.0029 4184 C:\Windows\System32\ntdll.dll - ok

Link to post
Share on other sites

2nd 2nd third

===================================

19:59:12.0045 4184 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe

19:59:12.0045 4184 C:\Windows\System32\smss.exe - ok

19:59:12.0045 4184 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe

19:59:12.0045 4184 C:\Windows\System32\autochk.exe - ok

19:59:12.0045 4184 [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\System32\urlmon.dll

19:59:12.0045 4184 C:\Windows\System32\urlmon.dll - ok

19:59:12.0060 4184 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll

19:59:12.0060 4184 C:\Windows\System32\kernel32.dll - ok

19:59:12.0060 4184 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll

19:59:12.0060 4184 C:\Windows\System32\comdlg32.dll - ok

19:59:12.0076 4184 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll

19:59:12.0076 4184 C:\Windows\System32\normaliz.dll - ok

19:59:12.0076 4184 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll

19:59:12.0076 4184 C:\Windows\System32\usp10.dll - ok

19:59:12.0091 4184 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll

19:59:12.0091 4184 C:\Windows\System32\msvcrt.dll - ok

19:59:12.0091 4184 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll

19:59:12.0091 4184 C:\Windows\System32\rpcrt4.dll - ok

19:59:12.0107 4184 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll

19:59:12.0107 4184 C:\Windows\System32\user32.dll - ok

19:59:12.0107 4184 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll

19:59:12.0107 4184 C:\Windows\System32\lpk.dll - ok

19:59:12.0123 4184 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll

19:59:12.0123 4184 C:\Windows\System32\nsi.dll - ok

19:59:12.0123 4184 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll

19:59:12.0123 4184 C:\Windows\System32\setupapi.dll - ok

19:59:12.0123 4184 [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\Windows\System32\shlwapi.dll

19:59:12.0123 4184 C:\Windows\System32\shlwapi.dll - ok

19:59:12.0138 4184 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll

19:59:12.0138 4184 C:\Windows\System32\oleaut32.dll - ok

19:59:12.0138 4184 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll

19:59:12.0138 4184 C:\Windows\System32\shell32.dll - ok

19:59:12.0154 4184 [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\System32\iertutil.dll

19:59:12.0154 4184 C:\Windows\System32\iertutil.dll - ok

19:59:12.0154 4184 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll

19:59:12.0154 4184 C:\Windows\System32\gdi32.dll - ok

19:59:12.0169 4184 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll

19:59:12.0169 4184 C:\Windows\System32\ole32.dll - ok

19:59:12.0169 4184 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll

19:59:12.0169 4184 C:\Windows\System32\Wldap32.dll - ok

19:59:12.0185 4184 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll

19:59:12.0185 4184 C:\Windows\System32\clbcatq.dll - ok

19:59:12.0185 4184 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll

19:59:12.0185 4184 C:\Windows\System32\ws2_32.dll - ok

19:59:12.0201 4184 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll

19:59:12.0201 4184 C:\Windows\System32\advapi32.dll - ok

19:59:12.0201 4184 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll

19:59:12.0201 4184 C:\Windows\System32\imagehlp.dll - ok

19:59:12.0201 4184 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll

19:59:12.0201 4184 C:\Windows\System32\imm32.dll - ok

19:59:12.0216 4184 [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\System32\wininet.dll

19:59:12.0216 4184 C:\Windows\System32\wininet.dll - ok

19:59:12.0216 4184 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll

19:59:12.0216 4184 C:\Windows\System32\msctf.dll - ok

19:59:12.0232 4184 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll

19:59:12.0232 4184 C:\Windows\System32\comctl32.dll - ok

19:59:12.0232 4184 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll

19:59:12.0232 4184 C:\Windows\System32\psapi.dll - ok

19:59:12.0247 4184 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys

19:59:12.0247 4184 C:\Windows\System32\drivers\dxapi.sys - ok

19:59:12.0247 4184 [ 1C1F3014453865E805A8708751743A48 ] C:\Windows\System32\win32k.sys

19:59:12.0247 4184 C:\Windows\System32\win32k.sys - ok

19:59:12.0263 4184 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\Windows\System32\csrsrv.dll

19:59:12.0263 4184 C:\Windows\System32\csrsrv.dll - ok

19:59:12.0263 4184 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe

19:59:12.0263 4184 C:\Windows\System32\csrss.exe - ok

19:59:12.0263 4184 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll

19:59:12.0263 4184 C:\Windows\System32\basesrv.dll - ok

19:59:12.0279 4184 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\System32\winsrv.dll

19:59:12.0279 4184 C:\Windows\System32\winsrv.dll - ok

19:59:12.0279 4184 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys

19:59:12.0279 4184 C:\Windows\System32\drivers\monitor.sys - ok

19:59:12.0294 4184 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll

19:59:12.0294 4184 C:\Windows\System32\tsddd.dll - ok

19:59:12.0294 4184 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe

19:59:12.0294 4184 C:\Windows\System32\wininit.exe - ok

19:59:12.0310 4184 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll

19:59:12.0310 4184 C:\Windows\System32\secur32.dll - ok

19:59:12.0310 4184 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll

19:59:12.0310 4184 C:\Windows\System32\userenv.dll - ok

19:59:12.0325 4184 [ CC9A67E6AD8A0081BC709061F81DD992 ] C:\Windows\System32\KBDFR.DLL

19:59:12.0325 4184 C:\Windows\System32\KBDFR.DLL - ok

19:59:12.0325 4184 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL

19:59:12.0325 4184 C:\Windows\System32\KBDUS.DLL - ok

19:59:12.0341 4184 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll

19:59:12.0341 4184 C:\Windows\System32\apphelp.dll - ok

19:59:12.0341 4184 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll

19:59:12.0341 4184 C:\Windows\System32\WlS0WndH.dll - ok

19:59:12.0357 4184 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe

19:59:12.0357 4184 C:\Windows\System32\services.exe - ok

19:59:12.0372 4184 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll

19:59:12.0372 4184 C:\Windows\System32\sxs.dll - ok

19:59:12.0372 4184 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe

19:59:12.0372 4184 C:\Windows\System32\lsass.exe - ok

19:59:12.0372 4184 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll

19:59:12.0372 4184 C:\Windows\System32\lsasrv.dll - ok

19:59:12.0388 4184 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe

19:59:12.0388 4184 C:\Windows\System32\lsm.exe - ok

19:59:12.0388 4184 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll

19:59:12.0388 4184 C:\Windows\System32\samsrv.dll - ok

19:59:12.0403 4184 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll

19:59:12.0403 4184 C:\Windows\System32\sysntfy.dll - ok

19:59:12.0403 4184 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll

19:59:12.0403 4184 C:\Windows\System32\wmsgapi.dll - ok

19:59:12.0419 4184 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll

19:59:12.0419 4184 C:\Windows\System32\cdd.dll - ok

19:59:12.0419 4184 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll

19:59:12.0419 4184 C:\Windows\System32\cryptdll.dll - ok

19:59:12.0435 4184 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll

19:59:12.0435 4184 C:\Windows\System32\dnsapi.dll - ok

19:59:12.0435 4184 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll

19:59:12.0435 4184 C:\Windows\System32\netapi32.dll - ok

19:59:12.0435 4184 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll

19:59:12.0435 4184 C:\Windows\System32\msasn1.dll - ok

19:59:12.0450 4184 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll

19:59:12.0450 4184 C:\Windows\System32\samlib.dll - ok

19:59:12.0466 4184 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll

19:59:12.0466 4184 C:\Windows\System32\feclient.dll - ok

19:59:12.0466 4184 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll

19:59:12.0466 4184 C:\Windows\System32\ntdsapi.dll - ok

19:59:12.0466 4184 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll

19:59:12.0466 4184 C:\Windows\System32\scesrv.dll - ok

19:59:12.0481 4184 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll

19:59:12.0481 4184 C:\Windows\System32\crypt32.dll - ok

19:59:12.0481 4184 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll

19:59:12.0481 4184 C:\Windows\System32\mpr.dll - ok

19:59:12.0497 4184 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll

19:59:12.0497 4184 C:\Windows\System32\authz.dll - ok

19:59:12.0497 4184 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll

19:59:12.0497 4184 C:\Windows\System32\SLC.dll - ok

19:59:12.0513 4184 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL

19:59:12.0513 4184 C:\Windows\System32\IPHLPAPI.DLL - ok

19:59:12.0513 4184 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll

19:59:12.0513 4184 C:\Windows\System32\wevtapi.dll - ok

19:59:12.0528 4184 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll

19:59:12.0528 4184 C:\Windows\System32\dhcpcsvc.dll - ok

19:59:12.0528 4184 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll

19:59:12.0528 4184 C:\Windows\System32\dhcpcsvc6.dll - ok

19:59:12.0544 4184 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll

19:59:12.0544 4184 C:\Windows\System32\winnsi.dll - ok

19:59:12.0544 4184 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll

19:59:12.0544 4184 C:\Windows\System32\cngaudit.dll - ok

19:59:12.0544 4184 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll

19:59:12.0559 4184 C:\Windows\System32\ncobjapi.dll - ok

19:59:12.0559 4184 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\System32\ncrypt.dll

19:59:12.0559 4184 C:\Windows\System32\ncrypt.dll - ok

19:59:12.0559 4184 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll

19:59:12.0559 4184 C:\Windows\System32\bcrypt.dll - ok

19:59:12.0575 4184 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll

19:59:12.0575 4184 C:\Windows\System32\credssp.dll - ok

19:59:12.0575 4184 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll

19:59:12.0575 4184 C:\Windows\System32\msprivs.dll - ok

19:59:12.0591 4184 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll

19:59:12.0591 4184 C:\Windows\System32\kerberos.dll - ok

19:59:12.0591 4184 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe

19:59:12.0591 4184 C:\Windows\System32\winlogon.exe - ok

19:59:12.0606 4184 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll

19:59:12.0606 4184 C:\Windows\System32\aelupsvc.dll - ok

19:59:12.0606 4184 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll

19:59:12.0606 4184 C:\Windows\System32\winsta.dll - ok

19:59:12.0622 4184 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll

19:59:12.0622 4184 C:\Windows\System32\wship6.dll - ok

19:59:12.0622 4184 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL

19:59:12.0622 4184 C:\Windows\System32\WSHTCPIP.DLL - ok

19:59:12.0637 4184 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll

19:59:12.0637 4184 C:\Windows\System32\wshqos.dll - ok

19:59:12.0637 4184 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe

19:59:12.0637 4184 C:\Windows\System32\alg.exe - ok

19:59:12.0637 4184 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll

19:59:12.0637 4184 C:\Windows\System32\appinfo.dll - ok

19:59:12.0653 4184 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll

19:59:12.0653 4184 C:\Windows\System32\NapiNSP.dll - ok

19:59:12.0653 4184 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll

19:59:12.0653 4184 C:\Windows\System32\nlasvc.dll - ok

19:59:12.0669 4184 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll

19:59:12.0669 4184 C:\Windows\System32\pnrpnsp.dll - ok

19:59:12.0669 4184 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll

19:59:12.0669 4184 C:\Windows\System32\mswsock.dll - ok

19:59:12.0684 4184 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll

19:59:12.0684 4184 C:\Windows\System32\msv1_0.dll - ok

19:59:12.0684 4184 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll

19:59:12.0684 4184 C:\Windows\System32\netlogon.dll - ok

19:59:12.0700 4184 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll

19:59:12.0700 4184 C:\Windows\System32\winbrand.dll - ok

19:59:12.0700 4184 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll

19:59:12.0700 4184 C:\Windows\System32\schannel.dll - ok

19:59:12.0700 4184 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll

19:59:12.0700 4184 C:\Windows\System32\wdigest.dll - ok

19:59:12.0715 4184 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll

19:59:12.0715 4184 C:\Windows\System32\audiosrv.dll - ok

19:59:12.0715 4184 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL

19:59:12.0715 4184 C:\Windows\System32\BFE.DLL - ok

19:59:12.0731 4184 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll

19:59:12.0731 4184 C:\Windows\System32\qmgr.dll - ok

19:59:12.0731 4184 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll

19:59:12.0731 4184 C:\Windows\System32\browser.dll - ok

19:59:12.0747 4184 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll

19:59:12.0747 4184 C:\Windows\System32\certprop.dll - ok

19:59:12.0747 4184 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll

19:59:12.0747 4184 C:\Windows\System32\rsaenh.dll - ok

19:59:12.0762 4184 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll

19:59:12.0762 4184 C:\Windows\System32\comres.dll - ok

19:59:12.0762 4184 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll

19:59:12.0762 4184 C:\Windows\System32\cryptsvc.dll - ok

19:59:12.0778 4184 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll

19:59:12.0778 4184 C:\Windows\System32\dfsrres.dll - ok

19:59:12.0778 4184 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll

19:59:12.0778 4184 C:\Windows\System32\oleres.dll - ok

19:59:12.0793 4184 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll

19:59:12.0793 4184 C:\Windows\System32\gpapi.dll - ok

19:59:12.0809 4184 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll

19:59:12.0809 4184 C:\Windows\System32\TSpkg.dll - ok

19:59:12.0809 4184 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll

19:59:12.0809 4184 C:\Windows\System32\dot3svc.dll - ok

19:59:12.0809 4184 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll

19:59:12.0809 4184 C:\Windows\System32\dps.dll - ok

19:59:12.0825 4184 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll

19:59:12.0825 4184 C:\Windows\System32\eapsvc.dll - ok

19:59:12.0825 4184 [ 9BE3744D295A7701EB425332014F0797 ] C:\Windows\ehome\ehrecvr.exe

19:59:12.0825 4184 C:\Windows\ehome\ehrecvr.exe - ok

19:59:12.0840 4184 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe

19:59:12.0840 4184 C:\Windows\ehome\ehsched.exe - ok

19:59:12.0840 4184 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\Windows\ehome\ehstart.dll

19:59:12.0840 4184 C:\Windows\ehome\ehstart.dll - ok

19:59:12.0856 4184 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll

19:59:12.0856 4184 C:\Windows\System32\emdmgmt.dll - ok

19:59:12.0856 4184 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll

19:59:12.0856 4184 C:\Windows\System32\wevtsvc.dll - ok

19:59:12.0871 4184 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll

19:59:12.0871 4184 C:\Windows\System32\fdPHost.dll - ok

19:59:12.0871 4184 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll

19:59:12.0871 4184 C:\Windows\System32\FDResPub.dll - ok

19:59:12.0887 4184 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll

19:59:12.0887 4184 C:\Windows\System32\FntCache.dll - ok

19:59:12.0887 4184 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe

19:59:12.0887 4184 C:\Windows\System32\PresentationHost.exe - ok

19:59:12.0887 4184 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll

19:59:12.0887 4184 C:\Windows\System32\hidserv.dll - ok

19:59:12.0903 4184 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll

19:59:12.0903 4184 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok

19:59:12.0903 4184 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL

19:59:12.0903 4184 C:\Windows\System32\KMSVC.DLL - ok

19:59:12.0918 4184 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL

19:59:12.0918 4184 C:\Windows\System32\IKEEXT.DLL - ok

19:59:12.0918 4184 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll

19:59:12.0918 4184 C:\Windows\System32\IPBusEnum.dll - ok

19:59:12.0934 4184 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll

19:59:12.0934 4184 C:\Windows\System32\rascfg.dll - ok

19:59:12.0934 4184 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll

19:59:12.0934 4184 C:\Windows\System32\iphlpsvc.dll - ok

19:59:12.0949 4184 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll

19:59:12.0949 4184 C:\Windows\System32\keyiso.dll - ok

19:59:12.0949 4184 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll

19:59:12.0949 4184 C:\Windows\System32\srvsvc.dll - ok

19:59:12.0965 4184 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll

19:59:12.0965 4184 C:\Windows\System32\wkssvc.dll - ok

19:59:12.0965 4184 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll

19:59:12.0965 4184 C:\Windows\System32\lltdres.dll - ok

19:59:12.0981 4184 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\Windows\ehome\ehres.dll

19:59:12.0981 4184 C:\Windows\ehome\ehres.dll - ok

19:59:12.0981 4184 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll

19:59:12.0981 4184 C:\Windows\System32\lmhsvc.dll - ok

19:59:12.0996 4184 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll

19:59:12.0996 4184 C:\Windows\System32\FirewallAPI.dll - ok

19:59:12.0996 4184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll

19:59:12.0996 4184 C:\Windows\System32\mmcss.dll - ok

19:59:12.0996 4184 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll

19:59:12.0996 4184 C:\Windows\System32\iscsidsc.dll - ok

19:59:13.0012 4184 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll

19:59:13.0012 4184 C:\Windows\System32\msimsg.dll - ok

19:59:13.0012 4184 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL

19:59:13.0012 4184 C:\Windows\System32\QAGENTRT.DLL - ok

19:59:13.0027 4184 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll

19:59:13.0027 4184 C:\Windows\System32\netman.dll - ok

19:59:13.0027 4184 [ 4EF5DF1B011B05737ECB8F0B7B171510 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll

19:59:13.0027 4184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok

19:59:13.0043 4184 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll

19:59:13.0043 4184 C:\Windows\System32\netprof.dll - ok

19:59:13.0043 4184 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll

19:59:13.0043 4184 C:\Windows\System32\nsisvc.dll - ok

19:59:13.0059 4184 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll

19:59:13.0059 4184 C:\Windows\System32\p2psvc.dll - ok

19:59:13.0059 4184 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll

19:59:13.0059 4184 C:\Windows\System32\pcasvc.dll - ok

19:59:13.0074 4184 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll

19:59:13.0074 4184 C:\Windows\System32\pla.dll - ok

19:59:13.0074 4184 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll

19:59:13.0074 4184 C:\Windows\System32\umpnpmgr.dll - ok

19:59:13.0090 4184 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll

19:59:13.0090 4184 C:\Windows\System32\polstore.dll - ok

19:59:13.0090 4184 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll

19:59:13.0090 4184 C:\Windows\System32\profsvc.dll - ok

19:59:13.0090 4184 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll

19:59:13.0105 4184 C:\Windows\System32\psbase.dll - ok

19:59:13.0105 4184 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll

19:59:13.0105 4184 C:\Windows\System32\qwave.dll - ok

19:59:13.0105 4184 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys

19:59:13.0105 4184 C:\Windows\System32\drivers\qwavedrv.sys - ok

19:59:13.0121 4184 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll

19:59:13.0121 4184 C:\Windows\System32\rasauto.dll - ok

19:59:13.0121 4184 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll

19:59:13.0121 4184 C:\Windows\System32\rasmans.dll - ok

19:59:13.0137 4184 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll

19:59:13.0137 4184 C:\Windows\System32\mprdim.dll - ok

19:59:13.0137 4184 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll

19:59:13.0137 4184 C:\Windows\System32\sstpsvc.dll - ok

19:59:13.0152 4184 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll

19:59:13.0152 4184 C:\Windows\System32\regsvc.dll - ok

19:59:13.0152 4184 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe

19:59:13.0152 4184 C:\Windows\System32\Locator.exe - ok

19:59:13.0168 4184 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll

19:59:13.0168 4184 C:\Windows\System32\SCardSvr.dll - ok

19:59:13.0168 4184 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll

19:59:13.0168 4184 C:\Windows\System32\schedsvc.dll - ok

19:59:13.0168 4184 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll

19:59:13.0168 4184 C:\Windows\System32\sdrsvc.dll - ok

19:59:13.0183 4184 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll

19:59:13.0183 4184 C:\Windows\System32\seclogon.dll - ok

19:59:13.0183 4184 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll

19:59:13.0183 4184 C:\Windows\System32\Sens.dll - ok

19:59:13.0199 4184 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll

19:59:13.0199 4184 C:\Windows\System32\SessEnv.dll - ok

19:59:13.0199 4184 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll

19:59:13.0199 4184 C:\Windows\System32\ipnathlp.dll - ok

19:59:13.0215 4184 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll

19:59:13.0215 4184 C:\Windows\System32\shsvcs.dll - ok

19:59:13.0215 4184 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe

19:59:13.0215 4184 C:\Windows\System32\SLsvc.exe - ok

19:59:13.0230 4184 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll

19:59:13.0230 4184 C:\Windows\System32\SLUINotify.dll - ok

19:59:13.0230 4184 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll

19:59:13.0230 4184 C:\Windows\System32\tcpipcfg.dll - ok

19:59:13.0246 4184 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe

19:59:13.0246 4184 C:\Windows\System32\snmptrap.exe - ok

19:59:13.0246 4184 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe

19:59:13.0246 4184 C:\Windows\System32\spoolsv.exe - ok

19:59:13.0261 4184 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll

19:59:13.0261 4184 C:\Windows\System32\ssdpsrv.dll - ok

19:59:13.0261 4184 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll

19:59:13.0261 4184 C:\Windows\System32\wiaservc.dll - ok

19:59:13.0261 4184 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll

19:59:13.0261 4184 C:\Windows\System32\swprv.dll - ok

19:59:13.0277 4184 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll

19:59:13.0277 4184 C:\Windows\System32\sysmain.dll - ok

19:59:13.0277 4184 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll

19:59:13.0277 4184 C:\Windows\System32\TabSvc.dll - ok

19:59:13.0293 4184 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll

19:59:13.0293 4184 C:\Windows\System32\tapisrv.dll - ok

19:59:13.0293 4184 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll

19:59:13.0293 4184 C:\Windows\System32\tbssvc.dll - ok

19:59:13.0308 4184 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll

19:59:13.0308 4184 C:\Windows\System32\termsrv.dll - ok

19:59:13.0308 4184 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll

19:59:13.0308 4184 C:\Windows\System32\trkwks.dll - ok

19:59:13.0324 4184 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe

19:59:13.0324 4184 C:\Windows\servicing\TrustedInstaller.exe - ok

19:59:13.0324 4184 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe

19:59:13.0324 4184 C:\Windows\System32\UI0Detect.exe - ok

19:59:13.0339 4184 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe

19:59:13.0339 4184 C:\Windows\System32\dwm.exe - ok

19:59:13.0339 4184 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll

19:59:13.0339 4184 C:\Windows\System32\upnphost.dll - ok

19:59:13.0355 4184 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe

19:59:13.0355 4184 C:\Windows\System32\vds.exe - ok

19:59:13.0355 4184 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe

19:59:13.0355 4184 C:\Windows\System32\VSSVC.exe - ok

19:59:13.0371 4184 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll

19:59:13.0371 4184 C:\Windows\System32\w32time.dll - ok

19:59:13.0371 4184 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll

19:59:13.0371 4184 C:\Windows\System32\wcncsvc.dll - ok

19:59:13.0386 4184 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll

19:59:13.0386 4184 C:\Windows\System32\WcsPlugInService.dll - ok

19:59:13.0386 4184 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys

19:59:13.0386 4184 C:\Windows\System32\drivers\Wdf01000.sys - ok

19:59:13.0402 4184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll

19:59:13.0402 4184 C:\Windows\System32\wdi.dll - ok

19:59:13.0402 4184 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll

19:59:13.0402 4184 C:\Windows\System32\WebClnt.dll - ok

19:59:13.0417 4184 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll

19:59:13.0417 4184 C:\Windows\System32\wecsvc.dll - ok

19:59:13.0417 4184 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll

19:59:13.0417 4184 C:\Windows\System32\wercplsupport.dll - ok

19:59:13.0433 4184 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll

19:59:13.0433 4184 C:\Windows\System32\wersvc.dll - ok

19:59:13.0433 4184 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll

19:59:13.0433 4184 C:\Windows\System32\wbem\WMIsvc.dll - ok

19:59:13.0449 4184 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll

19:59:13.0449 4184 C:\Windows\System32\winhttp.dll - ok

19:59:13.0449 4184 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll

19:59:13.0449 4184 C:\Windows\System32\WsmSvc.dll - ok

19:59:13.0449 4184 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll

19:59:13.0449 4184 C:\Windows\System32\wlansvc.dll - ok

19:59:13.0464 4184 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe

19:59:13.0464 4184 C:\Windows\System32\wbem\WmiApSrv.exe - ok

19:59:13.0464 4184 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe

19:59:13.0464 4184 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

19:59:13.0480 4184 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll

19:59:13.0480 4184 C:\Windows\System32\wpcsvc.dll - ok

19:59:13.0480 4184 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll

19:59:13.0480 4184 C:\Windows\System32\wpdbusenum.dll - ok

19:59:13.0495 4184 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:59:13.0495 4184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok

19:59:13.0495 4184 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll

19:59:13.0495 4184 C:\Windows\System32\wscsvc.dll - ok

19:59:13.0511 4184 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe

19:59:13.0511 4184 C:\Windows\System32\SearchIndexer.exe - ok

19:59:13.0511 4184 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

19:59:13.0511 4184 C:\Windows\System32\wuaueng.dll - ok

19:59:13.0527 4184 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys

19:59:13.0527 4184 C:\Windows\System32\drivers\WUDFPf.sys - ok

19:59:13.0527 4184 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll

19:59:13.0527 4184 C:\Windows\System32\WUDFSvc.dll - ok

19:59:13.0542 4184 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll

19:59:13.0542 4184 C:\Windows\System32\scecli.dll - ok

19:59:13.0542 4184 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll

19:59:13.0542 4184 C:\Windows\System32\ntmarta.dll - ok

19:59:13.0558 4184 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe

19:59:13.0558 4184 C:\Windows\System32\svchost.exe - ok

19:59:13.0558 4184 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll

19:59:13.0558 4184 C:\Windows\System32\powrprof.dll - ok

19:59:13.0573 4184 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys

19:59:13.0573 4184 C:\Windows\System32\drivers\luafv.sys - ok

19:59:13.0573 4184 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] C:\Windows\System32\drivers\aswMonFlt.sys

19:59:13.0573 4184 C:\Windows\System32\drivers\aswMonFlt.sys - ok

19:59:13.0589 4184 [ DE6ED95AEF259979B2830450072A627B ] C:\Windows\System32\drivers\aswFsBlk.sys

19:59:13.0589 4184 C:\Windows\System32\drivers\aswFsBlk.sys - ok

19:59:13.0589 4184 [ 629CABB0421668C9D3D402A3C3D77E14 ] C:\Windows\System32\drivers\mbam.sys

19:59:13.0589 4184 C:\Windows\System32\drivers\mbam.sys - ok

19:59:13.0605 4184 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:59:13.0605 4184 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - ok

19:59:13.0605 4184 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll

19:59:13.0605 4184 C:\Windows\System32\mscoree.dll - ok

19:59:13.0620 4184 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

19:59:13.0620 4184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

19:59:13.0620 4184 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

19:59:13.0620 4184 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok

19:59:13.0636 4184 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

19:59:13.0636 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

19:59:13.0636 4184 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

19:59:13.0636 4184 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

19:59:13.0651 4184 [ B0D16BC319E37E875C4B491460807051 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll

19:59:13.0651 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll - ok

19:59:13.0651 4184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll

19:59:13.0651 4184 C:\Windows\System32\rpcss.dll - ok

19:59:13.0667 4184 [ 92D1B7E3981A24B8F3093CE42AB31C68 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll

19:59:13.0667 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll - ok

19:59:13.0683 4184 [ 89E80495C896D21673588F1290AA0879 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9619f29de927dbf580cbcc90f0dcfd69\PresentationFontCache.ni.exe

19:59:13.0683 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9619f29de927dbf580cbcc90f0dcfd69\PresentationFontCache.ni.exe - ok

19:59:13.0683 4184 [ 593555359AC8A70A59BC3A4EAE154F26 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll

19:59:13.0683 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll - ok

19:59:13.0698 4184 [ B6A6A022E4878DAD9F61E069A67E7B76 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll

19:59:13.0698 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll - ok

19:59:13.0698 4184 [ AFB3677620C6782B4E778B05C337055A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll

19:59:13.0698 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll - ok

19:59:13.0698 4184 [ 61E69498B2724FD093B23C87ED90CC9A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

19:59:13.0698 4184 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok

19:59:13.0714 4184 [ 41826F4A4FCDDFCAD0A66CF004A67BE8 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll

19:59:13.0714 4184 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok

19:59:13.0729 4184 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll

19:59:13.0729 4184 C:\Windows\System32\shfolder.dll - ok

19:59:13.0729 4184 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

19:59:13.0729 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

19:59:13.0729 4184 [ F949BF3170FCBECBF7B50152355EEF56 ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll

19:59:13.0745 4184 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll - ok

19:59:13.0745 4184 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll

19:59:13.0745 4184 C:\Windows\System32\version.dll - ok

19:59:13.0745 4184 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe

19:59:13.0745 4184 C:\Windows\System32\LogonUI.exe - ok

19:59:13.0761 4184 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll

19:59:13.0761 4184 C:\Windows\System32\authui.dll - ok

19:59:13.0776 4184 [ CED8A3D0DA7803CC755A21D78D326139 ] C:\Windows\System32\Ati2evxx.exe

19:59:13.0776 4184 C:\Windows\System32\Ati2evxx.exe - ok

19:59:13.0776 4184 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll

19:59:13.0776 4184 C:\Windows\System32\wtsapi32.dll - ok

19:59:13.0792 4184 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll

19:59:13.0792 4184 C:\Windows\System32\cfgmgr32.dll - ok

19:59:13.0792 4184 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll

19:59:13.0792 4184 C:\Windows\System32\msimg32.dll - ok

19:59:13.0807 4184 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll

19:59:13.0807 4184 C:\Windows\System32\uxtheme.dll - ok

19:59:13.0807 4184 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll

19:59:13.0807 4184 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok

19:59:13.0823 4184 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll

19:59:13.0823 4184 C:\Windows\System32\duser.dll - ok

19:59:13.0823 4184 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll

19:59:13.0823 4184 C:\Windows\System32\xmllite.dll - ok

19:59:13.0839 4184 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll

19:59:13.0839 4184 C:\Windows\System32\MMDevAPI.dll - ok

19:59:13.0839 4184 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll

19:59:13.0839 4184 C:\Windows\System32\avrt.dll - ok

19:59:13.0854 4184 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll

19:59:13.0854 4184 C:\Windows\System32\wintrust.dll - ok

19:59:13.0870 4184 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll

19:59:13.0870 4184 C:\Windows\System32\cabinet.dll - ok

19:59:13.0870 4184 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll

19:59:13.0870 4184 C:\Windows\System32\adtschema.dll - ok

19:59:13.0885 4184 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys

19:59:13.0885 4184 C:\Windows\System32\drivers\fltMgr.sys - ok

19:59:13.0885 4184 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll

19:59:13.0885 4184 C:\Windows\System32\ci.dll - ok

19:59:13.0901 4184 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll

19:59:13.0901 4184 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

19:59:13.0901 4184 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll

19:59:13.0901 4184 C:\Windows\System32\rasplap.dll - ok

19:59:13.0917 4184 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll

19:59:13.0917 4184 C:\Windows\System32\rasapi32.dll - ok

19:59:13.0917 4184 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll

19:59:13.0917 4184 C:\Windows\System32\rasman.dll - ok

19:59:13.0917 4184 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll

19:59:13.0932 4184 C:\Windows\System32\tapi32.dll - ok

19:59:13.0932 4184 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll

19:59:13.0932 4184 C:\Windows\System32\dimsjob.dll - ok

19:59:13.0932 4184 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll

19:59:13.0932 4184 C:\Windows\System32\rtutils.dll - ok

19:59:13.0948 4184 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL

19:59:13.0948 4184 C:\Windows\System32\PSHED.DLL - ok

19:59:13.0948 4184 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll

19:59:13.0948 4184 C:\Windows\System32\oleacc.dll - ok

19:59:13.0963 4184 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll

19:59:13.0963 4184 C:\Windows\System32\winmm.dll - ok

19:59:13.0963 4184 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys

19:59:13.0963 4184 C:\Windows\System32\drivers\drmkaud.sys - ok

19:59:13.0979 4184 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll

19:59:13.0979 4184 C:\Windows\System32\WinSCard.dll - ok

19:59:13.0979 4184 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe

19:59:13.0979 4184 C:\Windows\System32\audiodg.exe - ok

19:59:13.0979 4184 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll

19:59:13.0979 4184 C:\Windows\System32\shgina.dll - ok

19:59:13.0995 4184 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll

19:59:13.0995 4184 C:\Windows\System32\shacct.dll - ok

19:59:13.0995 4184 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll

19:59:13.0995 4184 C:\Windows\System32\propsys.dll - ok

19:59:14.0010 4184 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll

19:59:14.0010 4184 C:\Windows\System32\gpsvc.dll - ok

19:59:14.0010 4184 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll

19:59:14.0010 4184 C:\Windows\System32\ksuser.dll - ok

19:59:14.0026 4184 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv

19:59:14.0026 4184 C:\Windows\System32\wdmaud.drv - ok

19:59:14.0026 4184 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll

19:59:14.0026 4184 C:\Windows\System32\es.dll - ok

19:59:14.0041 4184 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys

19:59:14.0041 4184 C:\Windows\System32\drivers\spsys.sys - ok

19:59:14.0041 4184 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll

19:59:14.0041 4184 C:\Windows\System32\nlaapi.dll - ok

19:59:14.0057 4184 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll

19:59:14.0057 4184 C:\Windows\System32\atl.dll - ok

19:59:14.0057 4184 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll

19:59:14.0057 4184 C:\Windows\System32\AudioEng.dll - ok

19:59:14.0073 4184 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll

19:59:14.0073 4184 C:\Windows\System32\AudioSes.dll - ok

19:59:14.0073 4184 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll

19:59:14.0073 4184 C:\Windows\System32\midimap.dll - ok

19:59:14.0088 4184 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll

19:59:14.0088 4184 C:\Windows\System32\msacm32.dll - ok

19:59:14.0104 4184 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv

19:59:14.0104 4184 C:\Windows\System32\msacm32.drv - ok

19:59:14.0104 4184 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll

19:59:14.0104 4184 C:\Windows\System32\AUDIOKSE.dll - ok

19:59:14.0119 4184 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll

19:59:14.0119 4184 C:\Windows\System32\uxsms.dll - ok

19:59:14.0119 4184 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll

19:59:14.0119 4184 C:\Windows\System32\WUDFPlatform.dll - ok

19:59:14.0135 4184 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll

19:59:14.0135 4184 C:\Windows\System32\hid.dll - ok

19:59:14.0135 4184 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys

19:59:14.0135 4184 C:\Windows\System32\drivers\lltdio.sys - ok

19:59:14.0151 4184 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys

19:59:14.0151 4184 C:\Windows\System32\drivers\nwifi.sys - ok

19:59:14.0151 4184 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys

19:59:14.0151 4184 C:\Windows\System32\drivers\ndisuio.sys - ok

19:59:14.0166 4184 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys

19:59:14.0166 4184 C:\Windows\System32\drivers\rspndr.sys - ok

19:59:14.0166 4184 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll

19:59:14.0166 4184 C:\Windows\System32\WindowsCodecs.dll - ok

19:59:14.0182 4184 [ A7E37B332082963005E2549FF411B6F8 ] C:\Windows\System32\ati2edxx.dll

19:59:14.0182 4184 C:\Windows\System32\ati2edxx.dll - ok

19:59:14.0182 4184 [ 1112101004A44952440F88CFC3DB03E1 ] C:\Windows\System32\atipdlxx.dll

19:59:14.0182 4184 C:\Windows\System32\atipdlxx.dll - ok

19:59:14.0197 4184 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll

19:59:14.0197 4184 C:\Windows\System32\dnsrslvr.dll - ok

19:59:14.0197 4184 [ 1FD2B41B605850EE20E1A1F597331E50 ] C:\Windows\System32\RtkAPO.dll

19:59:14.0197 4184 C:\Windows\System32\RtkAPO.dll - ok

19:59:14.0213 4184 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll

19:59:14.0213 4184 C:\Windows\System32\eapphost.dll - ok

19:59:14.0213 4184 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll

19:59:14.0213 4184 C:\Windows\System32\rastls.dll - ok

19:59:14.0229 4184 [ C20DEADADFE3FC2B7F507403B98DEE39 ] C:\Windows\System32\Ati2evxx.dll

19:59:14.0229 4184 C:\Windows\System32\Ati2evxx.dll - ok

19:59:14.0229 4184 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll

19:59:14.0229 4184 C:\Windows\System32\raschap.dll - ok

19:59:14.0229 4184 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll

19:59:14.0229 4184 C:\Windows\System32\umb.dll - ok

19:59:14.0244 4184 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll

19:59:14.0244 4184 C:\Windows\System32\wlanmsm.dll - ok

19:59:14.0244 4184 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll

19:59:14.0244 4184 C:\Windows\System32\wlansec.dll - ok

19:59:14.0260 4184 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll

19:59:14.0260 4184 C:\Windows\System32\onex.dll - ok

19:59:14.0260 4184 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll

19:59:14.0260 4184 C:\Windows\System32\eappprxy.dll - ok

19:59:14.0275 4184 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll

19:59:14.0275 4184 C:\Windows\System32\eappcfg.dll - ok

19:59:14.0275 4184 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe

19:59:14.0275 4184 C:\Windows\System32\dllhost.exe - ok

19:59:14.0291 4184 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll

19:59:14.0291 4184 C:\Windows\System32\WMALFXGFXDSP.dll - ok

19:59:14.0291 4184 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll

19:59:14.0291 4184 C:\Windows\System32\mfplat.dll - ok

19:59:14.0307 4184 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll

19:59:14.0307 4184 C:\Windows\System32\wlgpclnt.dll - ok

19:59:14.0307 4184 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll

19:59:14.0307 4184 C:\Windows\System32\l2gpstore.dll - ok

19:59:14.0322 4184 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll

19:59:14.0322 4184 C:\Windows\System32\wlanutil.dll - ok

19:59:14.0322 4184 [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\Windows\System32\msxml6.dll

19:59:14.0322 4184 C:\Windows\System32\msxml6.dll - ok

19:59:14.0338 4184 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll

19:59:14.0338 4184 C:\Windows\System32\shimeng.dll - ok

19:59:14.0338 4184 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe

19:59:14.0338 4184 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok

19:59:14.0353 4184 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

19:59:14.0353 4184 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok

19:59:14.0353 4184 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

19:59:14.0353 4184 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok

19:59:14.0369 4184 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

19:59:14.0369 4184 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok

19:59:14.0385 4184 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

19:59:14.0385 4184 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok

19:59:14.0385 4184 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

19:59:14.0385 4184 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

19:59:14.0400 4184 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

19:59:14.0400 4184 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

19:59:14.0400 4184 [ B476286AABA94507D062757A862A516C ] C:\Windows\System32\KBDRU.DLL

19:59:14.0400 4184 C:\Windows\System32\KBDRU.DLL - ok

19:59:14.0416 4184 [ 5AC2959FE26E47AEDCA4B0E2075C6D4A ] C:\Windows\System32\KBDUR.DLL

19:59:14.0416 4184 C:\Windows\System32\KBDUR.DLL - ok

19:59:14.0416 4184 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll

19:59:14.0416 4184 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok

19:59:14.0431 4184 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll

19:59:14.0431 4184 C:\Windows\System32\wsock32.dll - ok

19:59:14.0431 4184 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

19:59:14.0431 4184 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok

19:59:14.0447 4184 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll

19:59:14.0447 4184 C:\Windows\System32\netcfgx.dll - ok

19:59:14.0447 4184 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe

19:59:14.0447 4184 C:\Windows\System32\userinit.exe - ok

19:59:14.0447 4184 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll

19:59:14.0447 4184 C:\Windows\System32\dwmapi.dll - ok

19:59:14.0463 4184 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll

19:59:14.0463 4184 C:\Windows\System32\dwmredir.dll - ok

19:59:14.0463 4184 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll

19:59:14.0463 4184 C:\Windows\System32\dbghelp.dll - ok

19:59:14.0478 4184 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll

19:59:14.0478 4184 C:\Windows\System32\milcore.dll - ok

19:59:14.0478 4184 [ BA532056D96DD262EAE1F201D8E2E1F6 ] C:\Program Files\AVAST Software\Avast\1036\Base.dll

19:59:14.0478 4184 C:\Program Files\AVAST Software\Avast\1036\Base.dll - ok

19:59:14.0494 4184 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll

19:59:14.0494 4184 C:\Windows\System32\cscapi.dll - ok

19:59:14.0494 4184 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll

19:59:14.0494 4184 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok

19:59:14.0509 4184 [ BC0E07A768A0A14C48E3CE1875F2C377 ] C:\Program Files\AVAST Software\Avast\afwServ.exe

19:59:14.0509 4184 C:\Program Files\AVAST Software\Avast\afwServ.exe - ok

19:59:14.0509 4184 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll

19:59:14.0509 4184 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok

19:59:14.0525 4184 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll

19:59:14.0525 4184 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok

19:59:14.0525 4184 [ CF2ABD2AC91850BC2832078F4EEE95C2 ] C:\Program Files\AVAST Software\Avast\afwCore.dll

19:59:14.0525 4184 C:\Program Files\AVAST Software\Avast\afwCore.dll - ok

19:59:14.0541 4184 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

19:59:14.0541 4184 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok

19:59:14.0556 4184 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll

19:59:14.0556 4184 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok

19:59:14.0556 4184 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll

19:59:14.0556 4184 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok

19:59:14.0572 4184 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll

19:59:14.0572 4184 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok

19:59:14.0572 4184 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll

19:59:14.0572 4184 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok

19:59:14.0587 4184 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll

19:59:14.0587 4184 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok

19:59:14.0587 4184 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll

19:59:14.0587 4184 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok

19:59:14.0603 4184 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe

19:59:14.0603 4184 C:\Windows\explorer.exe - ok

19:59:14.0603 4184 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll

19:59:14.0603 4184 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok

19:59:14.0619 4184 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll

19:59:14.0619 4184 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok

19:59:14.0619 4184 [ D7B3DE60620D5ADA3D75428A845A0F67 ] C:\Program Files\AVAST Software\Avast\afwCoreServ.dll

19:59:14.0619 4184 C:\Program Files\AVAST Software\Avast\afwCoreServ.dll - ok

19:59:14.0634 4184 [ E959C3E026B7C0D0A3890F99B6274536 ] C:\Program Files\AVAST Software\Avast\afwRpc.dll

19:59:14.0634 4184 C:\Program Files\AVAST Software\Avast\afwRpc.dll - ok

19:59:14.0634 4184 [ E491A3812A4AEE8C2A5FBD1265BBF701 ] C:\Program Files\AVAST Software\Avast\afwCoreClient.dll

19:59:14.0634 4184 C:\Program Files\AVAST Software\Avast\afwCoreClient.dll - ok

19:59:14.0650 4184 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll

19:59:14.0650 4184 C:\Windows\System32\shdocvw.dll - ok

19:59:14.0665 4184 [ 90C081738668AC4118B0F397159C7848 ] C:\Program Files\AVAST Software\Avast\afwGeoIP.dll

19:59:14.0665 4184 C:\Program Files\AVAST Software\Avast\afwGeoIP.dll - ok

19:59:14.0665 4184 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll

19:59:14.0665 4184 C:\Windows\System32\d3d9.dll - ok

19:59:14.0665 4184 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll

19:59:14.0665 4184 C:\Windows\System32\browseui.dll - ok

19:59:14.0681 4184 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll

19:59:14.0681 4184 C:\Windows\System32\d3d8thk.dll - ok

19:59:14.0681 4184 [ B0BE007C2BB3FC8DCE4718662ABE1947 ] C:\Windows\System32\atiumdag.dll

19:59:14.0681 4184 C:\Windows\System32\atiumdag.dll - ok

19:59:14.0697 4184 [ 196CBFAAF7CAAA5C5DE14FD2959869E4 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswEngin.dll

19:59:14.0697 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswEngin.dll - ok

19:59:14.0697 4184 [ B0387E7CFCBB41317AC94708204B19D5 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnOS.dll

19:59:14.0697 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnOS.dll - ok

19:59:14.0712 4184 [ 3AE814769FD59498E9AF30A1B86417DF ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnIS.dll

19:59:14.0712 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnIS.dll - ok

19:59:14.0712 4184 [ 499BABC5A821EBE438213BB4908F12B1 ] C:\Windows\System32\atiumdva.dll

19:59:14.0712 4184 C:\Windows\System32\atiumdva.dll - ok

19:59:14.0728 4184 [ 8685ECAFFBCD99E16B1D8F8003C456D7 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnBS.dll

19:59:14.0728 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswCmnBS.dll - ok

19:59:14.0728 4184 [ 707715D4C54AC3F754D954CC8D759414 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswScan.dll

19:59:14.0728 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswScan.dll - ok

19:59:14.0743 4184 [ C25001B470B1456BB32B20002C4DB9BB ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswRep.dll

19:59:14.0743 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswRep.dll - ok

19:59:14.0759 4184 [ C1F048B33A1BD8F5B05AF76469252F55 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswFiDb.dll

19:59:14.0759 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswFiDb.dll - ok

19:59:14.0759 4184 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll

19:59:14.0759 4184 C:\Windows\System32\uDWM.dll - ok

19:59:14.0759 4184 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll

19:59:14.0759 4184 C:\Windows\System32\ktmw32.dll - ok

19:59:14.0775 4184 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll

19:59:14.0775 4184 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok

19:59:14.0775 4184 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll

19:59:14.0775 4184 C:\Windows\System32\wscisvif.dll - ok

19:59:14.0790 4184 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll

19:59:14.0790 4184 C:\Windows\System32\wscapi.dll - ok

19:59:14.0790 4184 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll

19:59:14.0790 4184 C:\Windows\System32\msi.dll - ok

19:59:14.0806 4184 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll

19:59:14.0806 4184 C:\Windows\System32\taskcomp.dll - ok

19:59:14.0806 4184 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll

19:59:14.0806 4184 C:\Windows\System32\wiarpc.dll - ok

19:59:14.0821 4184 [ D0F4D18D2A3B8B12AEF86ADA7D196078 ] C:\Program Files\AVAST Software\Avast\defs\13021500\algo.dll

19:59:14.0821 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\algo.dll - ok

19:59:14.0821 4184 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe

19:59:14.0821 4184 C:\Windows\System32\taskeng.exe - ok

19:59:14.0837 4184 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll

19:59:14.0837 4184 C:\Windows\System32\TSChannel.dll - ok

19:59:14.0837 4184 [ 4AD7832278DD2BDC503335C86B357A57 ] C:\Program Files\AVAST Software\Avast\defs\13021500\fwAux.dll

19:59:14.0837 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\fwAux.dll - ok

19:59:14.0853 4184 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys

19:59:14.0853 4184 C:\Windows\System32\drivers\http.sys - ok

19:59:14.0853 4184 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll

19:59:14.0853 4184 C:\Windows\System32\spoolss.dll - ok

19:59:14.0868 4184 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys

19:59:14.0868 4184 C:\Windows\System32\drivers\srvnet.sys - ok

19:59:14.0868 4184 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll

19:59:14.0868 4184 C:\Windows\System32\EhStorShell.dll - ok

19:59:14.0884 4184 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL

19:59:14.0884 4184 C:\Windows\System32\FWPUCLNT.DLL - ok

19:59:14.0884 4184 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll

19:59:14.0884 4184 C:\Windows\System32\imageres.dll - ok

19:59:14.0899 4184 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll

19:59:14.0899 4184 C:\Windows\System32\IconCodecService.dll - ok

19:59:14.0899 4184 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys

19:59:14.0899 4184 C:\Windows\System32\drivers\bowser.sys - ok

19:59:14.0915 4184 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys

19:59:14.0915 4184 C:\Windows\System32\drivers\mpsdrv.sys - ok

19:59:14.0915 4184 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll

19:59:14.0915 4184 C:\Windows\System32\MPSSVC.dll - ok

19:59:14.0931 4184 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys

19:59:14.0931 4184 C:\Windows\System32\drivers\mrxdav.sys - ok

19:59:14.0931 4184 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys

19:59:14.0931 4184 C:\Windows\System32\drivers\mrxsmb.sys - ok

19:59:14.0946 4184 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys

19:59:14.0946 4184 C:\Windows\System32\drivers\mrxsmb10.sys - ok

19:59:14.0946 4184 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys

19:59:14.0946 4184 C:\Windows\System32\drivers\mrxsmb20.sys - ok

19:59:14.0962 4184 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys

19:59:14.0962 4184 C:\Windows\System32\drivers\srv2.sys - ok

19:59:14.0962 4184 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys

19:59:14.0962 4184 C:\Windows\System32\drivers\srv.sys - ok

19:59:14.0977 4184 [ 043E565DE901F2C284F44B3C834CC0B2 ] C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe

19:59:14.0977 4184 C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe - ok

19:59:14.0977 4184 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll

19:59:14.0977 4184 C:\Windows\System32\wfapigp.dll - ok

19:59:14.0993 4184 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll

19:59:14.0993 4184 C:\Windows\System32\mscms.dll - ok

19:59:14.0993 4184 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe

19:59:14.0993 4184 C:\Program Files\Google\Update\GoogleUpdate.exe - ok

19:59:15.0009 4184 [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll

19:59:15.0009 4184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok

19:59:15.0009 4184 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll

19:59:15.0009 4184 C:\Windows\System32\WsmRes.dll - ok

19:59:15.0024 4184 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe

19:59:15.0024 4184 C:\Windows\System32\plasrv.exe - ok

19:59:15.0024 4184 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll

19:59:15.0024 4184 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok

19:59:15.0024 4184 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll

19:59:15.0024 4184 C:\Windows\System32\HotStartUserAgent.dll - ok

19:59:15.0040 4184 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll

19:59:15.0040 4184 C:\Windows\System32\PlaySndSrv.dll - ok

19:59:15.0055 4184 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll

19:59:15.0055 4184 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok

19:59:15.0055 4184 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll

19:59:15.0055 4184 C:\Windows\System32\MsCtfMonitor.dll - ok

19:59:15.0071 4184 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll

19:59:15.0071 4184 C:\Windows\System32\msutb.dll - ok

19:59:15.0071 4184 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll

19:59:15.0071 4184 C:\Windows\System32\TMM.dll - ok

19:59:15.0087 4184 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe

19:59:15.0087 4184 C:\Windows\System32\rundll32.exe - ok

19:59:15.0087 4184 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

19:59:15.0087 4184 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

19:59:15.0102 4184 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll

19:59:15.0102 4184 C:\Windows\System32\mstask.dll - ok

19:59:15.0118 4184 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll

19:59:15.0118 4184 C:\Windows\AppPatch\AcLayers.dll - ok

19:59:15.0118 4184 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL

19:59:15.0118 4184 C:\Windows\System32\QAGENT.DLL - ok

19:59:15.0133 4184 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL

19:59:15.0133 4184 C:\Windows\System32\QUTIL.DLL - ok

19:59:15.0133 4184 [ AD721E748E632BFDB578627C8E60E83D ] C:\Windows\System32\atitmmxx.dll

19:59:15.0133 4184 C:\Windows\System32\atitmmxx.dll - ok

19:59:15.0149 4184 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv

19:59:15.0149 4184 C:\Windows\System32\winspool.drv - ok

19:59:15.0149 4184 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll

19:59:15.0149 4184 C:\Windows\System32\pdh.dll - ok

19:59:15.0165 4184 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll

19:59:15.0165 4184 C:\Windows\System32\tdh.dll - ok

19:59:15.0165 4184 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll

19:59:15.0165 4184 C:\Windows\System32\fltLib.dll - ok

19:59:15.0180 4184 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll

19:59:15.0180 4184 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok

19:59:15.0180 4184 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll

19:59:15.0180 4184 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok

19:59:15.0196 4184 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll

19:59:15.0196 4184 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok

19:59:15.0196 4184 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll

19:59:15.0196 4184 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok

19:59:15.0211 4184 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll

19:59:15.0211 4184 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok

19:59:15.0211 4184 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll

19:59:15.0211 4184 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok

19:59:15.0227 4184 [ 4187264E696698CE1FB7081EDDF9A6F2 ] C:\Program Files\AVAST Software\Avast\AhResSPM.dll

19:59:15.0227 4184 C:\Program Files\AVAST Software\Avast\AhResSPM.dll - ok

19:59:15.0227 4184 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll

19:59:15.0227 4184 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok

19:59:15.0243 4184 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll

19:59:15.0243 4184 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok

19:59:15.0243 4184 [ 823C5BEB3D5B79090473FBD00C2D05C8 ] C:\Program Files\AVAST Software\Avast\defs\13021500\ArPot.dll

19:59:15.0243 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\ArPot.dll - ok

19:59:15.0258 4184 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll

19:59:15.0258 4184 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok

19:59:15.0258 4184 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll

19:59:15.0258 4184 C:\Windows\System32\winrnr.dll - ok

19:59:15.0274 4184 [ 6CF93FC44E346AE4D117C7A1F340BE2F ] C:\Program Files\AVAST Software\Avast\defs\13021500\exts.dll

19:59:15.0274 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\exts.dll - ok

19:59:15.0274 4184 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll

19:59:15.0274 4184 C:\Windows\System32\rasadhlp.dll - ok

19:59:15.0289 4184 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll

19:59:15.0289 4184 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok

19:59:15.0289 4184 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll

19:59:15.0289 4184 C:\Windows\System32\security.dll - ok

19:59:15.0305 4184 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll

19:59:15.0305 4184 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok

19:59:15.0305 4184 [ 2604B56B92A344B7ED66BEF4AFE8AD3A ] C:\Program Files\AVAST Software\Avast\aswSpam.dll

19:59:15.0305 4184 C:\Program Files\AVAST Software\Avast\aswSpam.dll - ok

19:59:15.0306 4184 [ C363295621BF0CD8C2E05D62DBBE1A8C ] C:\Program Files\AVAST Software\Avast\winspamcatcher.dll

19:59:15.0306 4184 C:\Program Files\AVAST Software\Avast\winspamcatcher.dll - ok

19:59:15.0306 4184 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll

19:59:15.0306 4184 C:\Windows\System32\netmsg.dll - ok

19:59:15.0317 4184 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll

19:59:15.0317 4184 C:\Windows\System32\sscore.dll - ok

19:59:15.0326 4184 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll

19:59:15.0326 4184 C:\Windows\System32\clusapi.dll - ok

19:59:15.0335 4184 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll

19:59:15.0335 4184 C:\Windows\System32\activeds.dll - ok

19:59:15.0367 4184 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll

19:59:15.0367 4184 C:\Windows\System32\adsldpc.dll - ok

19:59:15.0367 4184 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll

19:59:15.0367 4184 C:\Windows\System32\credui.dll - ok

19:59:15.0383 4184 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll

19:59:15.0383 4184 C:\Windows\System32\resutils.dll - ok

19:59:15.0383 4184 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll

19:59:15.0383 4184 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok

19:59:15.0398 4184 [ 0E008AD2A6D9FFA8A9BABA7DB2C1C742 ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswAR.dll

19:59:15.0398 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswAR.dll - ok

19:59:15.0398 4184 [ 200D4A6CA70D1D8725851FA9A484033E ] C:\Program Files\AVAST Software\Avast\defs\13021500\aswRawFS.dll

19:59:15.0398 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\aswRawFS.dll - ok

19:59:15.0414 4184 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys

19:59:15.0414 4184 C:\Windows\System32\drivers\parport.sys - ok

19:59:15.0414 4184 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

19:59:15.0414 4184 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

19:59:15.0430 4184 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup

19:59:15.0430 4184 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok

19:59:15.0430 4184 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll

19:59:15.0430 4184 C:\Windows\System32\oledlg.dll - ok

19:59:15.0445 4184 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll

19:59:15.0445 4184 C:\Windows\AppPatch\AcGenral.dll - ok

19:59:15.0445 4184 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll

19:59:15.0445 4184 C:\Windows\System32\sfc.dll - ok

19:59:15.0461 4184 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll

19:59:15.0461 4184 C:\Windows\System32\sfc_os.dll - ok

19:59:15.0461 4184 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] C:\Windows\System32\agrsmsvc.exe

19:59:15.0461 4184 C:\Windows\System32\agrsmsvc.exe - ok

19:59:15.0476 4184 [ C82162949BBA6CC5D006C7BD008F3CF1 ] C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

19:59:15.0476 4184 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - ok

19:59:15.0476 4184 [ 23D50368E7B7B6ED4E973A0B57C2AD5A ] C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll

19:59:15.0476 4184 C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll - ok

19:59:15.0492 4184 [ 1EC8EB7B0D502642E01E1F93A8F5927C ] C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll

19:59:15.0492 4184 C:\Program Files\TOSHIBA\ConfigFree\CFWlApi.dll - ok

19:59:15.0508 4184 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll

19:59:15.0508 4184 C:\Windows\System32\wlanapi.dll - ok

19:59:15.0508 4184 [ 56931BAF613550CE64141BE8153D03AC ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll

19:59:15.0508 4184 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll - ok

19:59:15.0523 4184 [ 6397686F43C5C41F36BC9B674B9B9480 ] C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll

19:59:15.0523 4184 C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll - ok

19:59:15.0523 4184 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll

19:59:15.0523 4184 C:\Windows\System32\rasdlg.dll - ok

19:59:15.0539 4184 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll

19:59:15.0539 4184 C:\Windows\System32\mprapi.dll - ok

19:59:15.0539 4184 [ AC6EEEF41468F8F30C29FC33647E7FDE ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll

19:59:15.0539 4184 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll - ok

19:59:15.0554 4184 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

19:59:15.0554 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok

19:59:15.0554 4184 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll

19:59:15.0554 4184 C:\Windows\System32\WSDApi.dll - ok

19:59:15.0570 4184 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll

19:59:15.0570 4184 C:\Windows\System32\httpapi.dll - ok

19:59:15.0570 4184 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll

19:59:15.0570 4184 C:\Windows\System32\fundisc.dll - ok

19:59:15.0570 4184 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\Windows\System32\PresentationSettings.exe

19:59:15.0586 4184 C:\Windows\System32\PresentationSettings.exe - ok

19:59:15.0586 4184 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll

19:59:15.0586 4184 C:\Windows\System32\vssapi.dll - ok

19:59:15.0601 4184 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll

19:59:15.0601 4184 C:\Windows\System32\wdscore.dll - ok

19:59:15.0601 4184 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll

19:59:15.0601 4184 C:\Windows\System32\msxml3.dll - ok

19:59:15.0617 4184 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll

19:59:15.0617 4184 C:\Windows\System32\vsstrace.dll - ok

19:59:15.0617 4184 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll

19:59:15.0617 4184 C:\Windows\System32\taskschd.dll - ok

19:59:15.0617 4184 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll

19:59:15.0617 4184 C:\Windows\System32\cryptnet.dll - ok

19:59:15.0632 4184 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll

19:59:15.0632 4184 C:\Windows\System32\SensApi.dll - ok

19:59:15.0632 4184 [ E9E95E7B9527F9899E6DEDEAD894C574 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll

19:59:15.0632 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok

19:59:15.0648 4184 [ ECB9DE4BDE2F339EFD26C5462A3B0910 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_FRA.dll

19:59:15.0648 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_FRA.dll - ok

Link to post
Share on other sites

2nd 3rd third

==========================================

19:59:15.0648 4184 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll

19:59:15.0648 4184 C:\Windows\System32\wbem\wbemprox.dll - ok

19:59:15.0664 4184 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll

19:59:15.0664 4184 C:\Windows\System32\wbemcomn.dll - ok

19:59:15.0664 4184 [ 4C937AA8261062ED9781885C6CB61D5E ] C:\Windows\System32\lxctcoms.exe

19:59:15.0664 4184 C:\Windows\System32\lxctcoms.exe - ok

19:59:15.0679 4184 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

19:59:15.0679 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok

19:59:15.0679 4184 [ 8624E0E2418413614EE1FECDB7B76B88 ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbam.dll

19:59:15.0679 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok

19:59:15.0695 4184 [ D4467A285C91752018F67CDBA8680BAB ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll

19:59:15.0695 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok

19:59:15.0710 4184 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

19:59:15.0710 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok

19:59:15.0710 4184 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll

19:59:15.0710 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok

19:59:15.0726 4184 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys

19:59:15.0726 4184 C:\Windows\System32\drivers\PEAuth.sys - ok

19:59:15.0726 4184 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll

19:59:15.0726 4184 C:\Windows\System32\ncsi.dll - ok

19:59:15.0742 4184 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll

19:59:15.0742 4184 C:\Windows\System32\ssdpapi.dll - ok

19:59:15.0742 4184 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys

19:59:15.0742 4184 C:\Windows\System32\drivers\secdrv.sys - ok

19:59:15.0757 4184 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files\Skype\Updater\Updater.exe

19:59:15.0757 4184 C:\Program Files\Skype\Updater\Updater.exe - ok

19:59:15.0757 4184 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL

19:59:15.0757 4184 C:\Windows\System32\IPSECSVC.DLL - ok

19:59:15.0773 4184 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll

19:59:15.0773 4184 C:\Windows\System32\FwRemoteSvr.dll - ok

19:59:15.0773 4184 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys

19:59:15.0773 4184 C:\Windows\System32\drivers\tcpipreg.sys - ok

19:59:15.0788 4184 [ 1F9A37B633C11EBE5D68137645FA1337 ] C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe

19:59:15.0788 4184 C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe - ok

19:59:15.0788 4184 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll

19:59:15.0788 4184 C:\Windows\System32\icaapi.dll - ok

19:59:15.0804 4184 [ CCC2E312486AE6B80970211DA472268B ] C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\mfc80u.dll

19:59:15.0804 4184 C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\mfc80u.dll - ok

19:59:15.0804 4184 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll

19:59:15.0804 4184 C:\Windows\System32\wiatrace.dll - ok

19:59:15.0820 4184 [ D540858E65BFA6FDED41AD2495ECE344 ] C:\Windows\System32\TODDSrv.exe

19:59:15.0820 4184 C:\Windows\System32\TODDSrv.exe - ok

19:59:15.0820 4184 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll

19:59:15.0820 4184 C:\Windows\System32\wsdchngr.dll - ok

19:59:15.0820 4184 [ 7853D2AB445C10F97610B2B05FA4CF0A ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

19:59:15.0820 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok

19:59:15.0835 4184 [ 6A54C28B53C6B50D333C8EE974C6B208 ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

19:59:15.0835 4184 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok

19:59:15.0835 4184 [ 22B7710F6037981AFB32602FBE5DC594 ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll

19:59:15.0835 4184 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok

19:59:15.0851 4184 [ CCE076BFDDE7D6323FC66543FCFDDC0B ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll

19:59:15.0851 4184 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok

19:59:15.0866 4184 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe

19:59:15.0866 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe - ok

19:59:15.0866 4184 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll

19:59:15.0866 4184 C:\Windows\System32\tquery.dll - ok

19:59:15.0866 4184 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll

19:59:15.0866 4184 C:\Windows\System32\PortableDeviceApi.dll - ok

19:59:15.0882 4184 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll

19:59:15.0882 4184 C:\Windows\System32\mssrch.dll - ok

19:59:15.0898 4184 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll

19:59:15.0898 4184 C:\Windows\System32\wbem\WinMgmtR.dll - ok

19:59:15.0898 4184 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll

19:59:15.0898 4184 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

19:59:15.0898 4184 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll

19:59:15.0898 4184 C:\Windows\System32\msidle.dll - ok

19:59:15.0913 4184 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

19:59:15.0913 4184 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok

19:59:15.0929 4184 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll

19:59:15.0929 4184 C:\Windows\System32\Query.dll - ok

19:59:15.0929 4184 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll

19:59:15.0929 4184 C:\Windows\System32\esent.dll - ok

19:59:15.0944 4184 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll

19:59:15.0944 4184 C:\Windows\System32\msscb.dll - ok

19:59:15.0944 4184 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll

19:59:15.0944 4184 C:\Windows\System32\netprofm.dll - ok

19:59:15.0960 4184 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll

19:59:15.0960 4184 C:\Windows\System32\npmproxy.dll - ok

19:59:15.0960 4184 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll

19:59:15.0960 4184 C:\Windows\System32\sqmapi.dll - ok

19:59:15.0976 4184 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll

19:59:15.0976 4184 C:\Windows\System32\rastapi.dll - ok

19:59:15.0976 4184 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll

19:59:15.0976 4184 C:\Windows\System32\hnetcfg.dll - ok

19:59:15.0991 4184 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp

19:59:15.0991 4184 C:\Windows\System32\unimdm.tsp - ok

19:59:15.0991 4184 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll

19:59:15.0991 4184 C:\Windows\System32\uniplat.dll - ok

19:59:16.0007 4184 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll

19:59:16.0007 4184 C:\Windows\System32\wbem\wbemcore.dll - ok

19:59:16.0007 4184 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll

19:59:16.0007 4184 C:\Windows\System32\wbem\esscli.dll - ok

19:59:16.0022 4184 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll

19:59:16.0022 4184 C:\Windows\System32\wbem\fastprox.dll - ok

19:59:16.0022 4184 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll

19:59:16.0022 4184 C:\Windows\System32\wbem\wbemsvc.dll - ok

19:59:16.0038 4184 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll

19:59:16.0038 4184 C:\Windows\System32\wbem\wmiutils.dll - ok

19:59:16.0038 4184 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll

19:59:16.0038 4184 C:\Windows\System32\wbem\repdrvfs.dll - ok

19:59:16.0054 4184 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll

19:59:16.0054 4184 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

19:59:16.0054 4184 [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll

19:59:16.0054 4184 C:\Windows\System32\unimdmat.dll - ok

19:59:16.0069 4184 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll

19:59:16.0069 4184 C:\Windows\System32\wbem\wbemess.dll - ok

19:59:16.0069 4184 [ 2E837F3D406224DF131C34BC8F71621E ] C:\Windows\System32\modemui.dll

19:59:16.0069 4184 C:\Windows\System32\modemui.dll - ok

19:59:16.0085 4184 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp

19:59:16.0085 4184 C:\Windows\System32\kmddsp.tsp - ok

19:59:16.0085 4184 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp

19:59:16.0085 4184 C:\Windows\System32\ndptsp.tsp - ok

19:59:16.0100 4184 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp

19:59:16.0100 4184 C:\Windows\System32\hidphone.tsp - ok

19:59:16.0100 4184 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll

19:59:16.0100 4184 C:\Windows\System32\rasppp.dll - ok

19:59:16.0116 4184 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll

19:59:16.0116 4184 C:\Windows\System32\rasqec.dll - ok

19:59:16.0116 4184 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll

19:59:16.0116 4184 C:\Windows\System32\cryptui.dll - ok

19:59:16.0132 4184 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll

19:59:16.0132 4184 C:\Windows\System32\netshell.dll - ok

19:59:16.0132 4184 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll

19:59:16.0132 4184 C:\Windows\System32\diagperf.dll - ok

19:59:16.0147 4184 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll

19:59:16.0147 4184 C:\Windows\System32\mssprxy.dll - ok

19:59:16.0147 4184 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll

19:59:16.0147 4184 C:\Windows\System32\pnpts.dll - ok

19:59:16.0163 4184 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll

19:59:16.0163 4184 C:\Windows\System32\pcadm.dll - ok

19:59:16.0178 4184 [ 4EBC60E4209A9491CE1DEFE1538CEBE8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin

19:59:16.0178 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok

19:59:16.0178 4184 [ 37722C57489F36565C4DDC2752AAFABD ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll

19:59:16.0178 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok

19:59:16.0194 4184 [ 34F0C5CBA3C2759B5B968A0F187AF85A ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll

19:59:16.0194 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok

19:59:16.0194 4184 [ 2BEDD3CBCD02A3CD62481E8DF1A792C2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll

19:59:16.0194 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok

19:59:16.0210 4184 [ BD3472750E35D4735EF202FD5A06D76A ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll

19:59:16.0210 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok

19:59:16.0225 4184 [ CD1EAE1495B7A95E280CD433850A81B8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll

19:59:16.0225 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok

19:59:16.0225 4184 [ 66755EBF4768FAB6E12CEA6BD85738CD ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll

19:59:16.0225 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok

19:59:16.0241 4184 [ C7C70AE1DE8F0FCC8F2431C5D15632DF ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

19:59:16.0241 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok

19:59:16.0241 4184 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe

19:59:16.0256 4184 C:\Windows\System32\runonce.exe - ok

19:59:16.0256 4184 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe

19:59:16.0256 4184 C:\Windows\System32\cmd.exe - ok

19:59:16.0272 4184 [ 6080A176D09435FC8E6E800996656E18 ] C:\Windows\System32\conime.exe

19:59:16.0272 4184 C:\Windows\System32\conime.exe - ok

19:59:16.0272 4184 [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\System32\ieframe.dll

19:59:16.0272 4184 C:\Windows\System32\ieframe.dll - ok

19:59:16.0288 4184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\A\AppData\Local\Temp\EDACA2DE-55C0-4BDB-AA3C-9792E64B48DE.exe

19:59:16.0288 4184 C:\Users\A\AppData\Local\Temp\EDACA2DE-55C0-4BDB-AA3C-9792E64B48DE.exe - ok

19:59:16.0288 4184 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll

19:59:16.0288 4184 C:\Windows\System32\p2pcollab.dll - ok

19:59:16.0303 4184 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll

19:59:16.0303 4184 C:\Windows\System32\pautoenr.dll - ok

19:59:16.0319 4184 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll

19:59:16.0319 4184 C:\Windows\System32\certcli.dll - ok

19:59:16.0319 4184 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll

19:59:16.0319 4184 C:\Windows\System32\CertEnroll.dll - ok

19:59:16.0334 4184 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe

19:59:16.0334 4184 C:\Windows\System32\wermgr.exe - ok

19:59:16.0334 4184 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll

19:59:16.0334 4184 C:\Windows\System32\wer.dll - ok

19:59:16.0350 4184 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll

19:59:16.0350 4184 C:\Windows\System32\wbem\NCProv.dll - ok

19:59:16.0350 4184 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll

19:59:16.0350 4184 C:\Windows\System32\wbem\wbemcons.dll - ok

19:59:16.0366 4184 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

19:59:16.0366 4184 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok

19:59:16.0366 4184 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll

19:59:16.0366 4184 C:\Windows\System32\localspl.dll - ok

19:59:16.0381 4184 [ E9EB121EB5B7A85C06C91B689ABB8667 ] C:\Windows\System32\lxctlmpm.dll

19:59:16.0381 4184 C:\Windows\System32\lxctlmpm.dll - ok

19:59:16.0381 4184 [ F0AE692B5137640B573D22FF90F38FC3 ] C:\Windows\System32\lxctcomc.dll

19:59:16.0381 4184 C:\Windows\System32\lxctcomc.dll - ok

19:59:16.0397 4184 [ 906E85B7DDFF8AF4FB5B8F39EDB187A4 ] C:\Windows\System32\lxctserv.dll

19:59:16.0397 4184 C:\Windows\System32\lxctserv.dll - ok

19:59:16.0397 4184 [ 15F8FF59ECA198F4404759A481E17FA0 ] C:\Windows\System32\lxctinpa.dll

19:59:16.0397 4184 C:\Windows\System32\lxctinpa.dll - ok

19:59:16.0412 4184 [ 6A88AAA6E2A7866D1E1D2C8FB8DD5B92 ] C:\Windows\System32\lxctiesc.dll

19:59:16.0412 4184 C:\Windows\System32\lxctiesc.dll - ok

19:59:16.0412 4184 [ AF28DADFA9CE266068F5B960CD8456F3 ] C:\Windows\System32\lxctusb1.dll

19:59:16.0412 4184 C:\Windows\System32\lxctusb1.dll - ok

19:59:16.0428 4184 [ C4325CA52037BD89BDA75AB30CD470B9 ] C:\Windows\System32\lxcthbn3.dll

19:59:16.0428 4184 C:\Windows\System32\lxcthbn3.dll - ok

19:59:16.0428 4184 [ B9B3F6D8B8F1E0029C58B304632A729B ] C:\Windows\System32\msonpmon.dll

19:59:16.0428 4184 C:\Windows\System32\msonpmon.dll - ok

19:59:16.0444 4184 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll

19:59:16.0444 4184 C:\Windows\System32\tcpmon.dll - ok

19:59:16.0444 4184 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll

19:59:16.0444 4184 C:\Windows\System32\snmpapi.dll - ok

19:59:16.0459 4184 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll

19:59:16.0459 4184 C:\Windows\System32\wsnmp32.dll - ok

19:59:16.0459 4184 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll

19:59:16.0459 4184 C:\Windows\System32\tcpmib.dll - ok

19:59:16.0459 4184 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll

19:59:16.0475 4184 C:\Windows\System32\mgmtapi.dll - ok

19:59:16.0475 4184 [ E662722D5C50AD1C0E201499E405FD73 ] C:\Windows\System32\TBTMon.dll

19:59:16.0475 4184 C:\Windows\System32\TBTMon.dll - ok

19:59:16.0475 4184 [ DE955D6A5097DC306AF8C9F67E9A5F2D ] C:\Windows\System32\TosBtHcrpAPI.dll

19:59:16.0475 4184 C:\Windows\System32\TosBtHcrpAPI.dll - ok

19:59:16.0490 4184 [ E6E67F4B840FCD0BCA5E1DADB5B575BE ] C:\Windows\System32\TosBtAPI.dll

19:59:16.0490 4184 C:\Windows\System32\TosBtAPI.dll - ok

19:59:16.0490 4184 [ 085F180F10BAD13396CFFADAC5AFB5D9 ] C:\Windows\System32\TosBdAPI.dll

19:59:16.0490 4184 C:\Windows\System32\TosBdAPI.dll - ok

19:59:16.0506 4184 [ 61FB95B6F2A8715282E05C92E4527C5A ] C:\Windows\System32\tbtmon98Language.dll

19:59:16.0506 4184 C:\Windows\System32\tbtmon98Language.dll - ok

19:59:16.0506 4184 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll

19:59:16.0506 4184 C:\Windows\System32\usbmon.dll - ok

19:59:16.0522 4184 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll

19:59:16.0522 4184 C:\Windows\System32\WSDMon.dll - ok

19:59:16.0522 4184 [ 0148206979121013A3EC269D8A87F30B ] C:\Windows\System32\spool\prtprocs\w32x86\lxctdrpp.dll

19:59:16.0522 4184 C:\Windows\System32\spool\prtprocs\w32x86\lxctdrpp.dll - ok

19:59:16.0537 4184 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

19:59:16.0537 4184 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok

19:59:16.0553 4184 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll

19:59:16.0553 4184 C:\Windows\System32\win32spl.dll - ok

19:59:16.0553 4184 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll

19:59:16.0553 4184 C:\Windows\System32\netrap.dll - ok

19:59:16.0568 4184 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll

19:59:16.0568 4184 C:\Windows\System32\printcom.dll - ok

19:59:16.0568 4184 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll

19:59:16.0568 4184 C:\Windows\System32\inetpp.dll - ok

19:59:16.0584 4184 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe

19:59:16.0584 4184 C:\Windows\System32\ie4uinit.exe - ok

19:59:16.0584 4184 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll

19:59:16.0584 4184 C:\Windows\System32\iedkcs32.dll - ok

19:59:16.0600 4184 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl

19:59:16.0600 4184 C:\Windows\System32\timedate.cpl - ok

19:59:16.0600 4184 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll

19:59:16.0600 4184 C:\Windows\System32\actxprxy.dll - ok

19:59:16.0615 4184 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll

19:59:16.0615 4184 C:\Windows\System32\msshsq.dll - ok

19:59:16.0615 4184 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll

19:59:16.0615 4184 C:\Windows\System32\NaturalLanguage6.dll - ok

19:59:16.0631 4184 [ 840935DA7EB259D4E870FDF1A6A73C91 ] C:\Windows\System32\NlsData000c.dll

19:59:16.0631 4184 C:\Windows\System32\NlsData000c.dll - ok

19:59:16.0631 4184 [ 11A77885F55ACA1C4BB3B1AC1642CE60 ] C:\Windows\System32\NlsLexicons000c.dll

19:59:16.0631 4184 C:\Windows\System32\NlsLexicons000c.dll - ok

19:59:16.0646 4184 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll

19:59:16.0646 4184 C:\Windows\System32\linkinfo.dll - ok

19:59:16.0646 4184 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll

19:59:16.0646 4184 C:\Windows\System32\networkexplorer.dll - ok

19:59:16.0662 4184 [ AFD400AEBCAB252C99E60991FF00D9D2 ] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe

19:59:16.0662 4184 C:\Program Files\TOSHIBA\Utilities\KeNotify.exe - ok

19:59:16.0662 4184 [ E44C7D6F8D665DA2D9385E5E15EDEEF7 ] C:\Windows\System32\consent.exe

19:59:16.0662 4184 C:\Windows\System32\consent.exe - ok

19:59:16.0678 4184 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll

19:59:16.0678 4184 C:\Windows\System32\msiltcfg.dll - ok

19:59:16.0678 4184 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll

19:59:16.0678 4184 C:\Windows\System32\thumbcache.dll - ok

19:59:16.0693 4184 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll

19:59:16.0693 4184 C:\Windows\System32\ntshrui.dll - ok

19:59:16.0693 4184 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll

19:59:16.0693 4184 C:\Windows\System32\ExplorerFrame.dll - ok

19:59:16.0709 4184 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe

19:59:16.0709 4184 C:\Program Files\Windows Calendar\WinCal.exe - ok

19:59:16.0709 4184 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll

19:59:16.0709 4184 C:\Windows\System32\stobject.dll - ok

19:59:16.0724 4184 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll

19:59:16.0724 4184 C:\Windows\System32\batmeter.dll - ok

19:59:16.0724 4184 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe

19:59:16.0724 4184 C:\Program Files\Windows Mail\wab.exe - ok

19:59:16.0740 4184 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe

19:59:16.0740 4184 C:\Program Files\Movie Maker\DVDMaker.exe - ok

19:59:16.0756 4184 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe

19:59:16.0756 4184 C:\Program Files\Windows Collaboration\WinCollab.exe - ok

19:59:16.0756 4184 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe

19:59:16.0756 4184 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok

19:59:16.0771 4184 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe

19:59:16.0771 4184 C:\Windows\System32\control.exe - ok

19:59:16.0771 4184 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll

19:59:16.0771 4184 C:\Windows\System32\SndVolSSO.dll - ok

19:59:16.0787 4184 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\Windows\ehome\ehSSO.dll

19:59:16.0787 4184 C:\Windows\ehome\ehSSO.dll - ok

19:59:16.0802 4184 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll

19:59:16.0802 4184 C:\Windows\System32\pnidui.dll - ok

19:59:16.0802 4184 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe

19:59:16.0802 4184 C:\Windows\ehome\ehshell.exe - ok

19:59:16.0818 4184 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll

19:59:16.0818 4184 C:\Windows\System32\fdProxy.dll - ok

19:59:16.0818 4184 [ E8FE2998200DBD6FA80D253F136713BA ] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe

19:59:16.0818 4184 C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe - ok

19:59:16.0834 4184 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe

19:59:16.0834 4184 C:\Program Files\Movie Maker\MOVIEMK.exe - ok

19:59:16.0834 4184 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll

19:59:16.0834 4184 C:\Windows\System32\fdWSD.dll - ok

19:59:16.0849 4184 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll

19:59:16.0849 4184 C:\Windows\System32\mlang.dll - ok

19:59:16.0865 4184 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll

19:59:16.0865 4184 C:\Windows\System32\fdSSDP.dll - ok

19:59:16.0865 4184 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe

19:59:16.0865 4184 C:\Windows\System32\wuapp.exe - ok

19:59:16.0880 4184 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe

19:59:16.0880 4184 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

19:59:16.0880 4184 [ F5EF0675D6EC37F81F8794AEC9630BE0 ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

19:59:16.0880 4184 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok

19:59:16.0896 4184 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll

19:59:16.0896 4184 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

19:59:16.0896 4184 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll

19:59:16.0896 4184 C:\Windows\System32\AltTab.dll - ok

19:59:16.0912 4184 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll

19:59:16.0912 4184 C:\Windows\System32\WPDShServiceObj.dll - ok

19:59:16.0912 4184 [ 15058804D8A48C67C007DD1D797CC72A ] C:\Program Files\TOSHIBA\TBS\HSON.exe

19:59:16.0912 4184 C:\Program Files\TOSHIBA\TBS\HSON.exe - ok

19:59:16.0927 4184 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll

19:59:16.0927 4184 C:\Windows\System32\PortableDeviceTypes.dll - ok

19:59:16.0974 4184 [ 1FD7BBB8C48017277F552DE09AE9BF1F ] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

19:59:16.0974 4184 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - ok

19:59:16.0974 4184 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll

19:59:16.0974 4184 C:\Windows\System32\wmpmde.dll - ok

19:59:16.0990 4184 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll

19:59:16.0990 4184 C:\Windows\System32\mfc42.dll - ok

19:59:16.0990 4184 [ 866CD9A4BF30B79B3BEC2D4E2ED2F059 ] C:\Windows\RtHDVCpl.exe

19:59:16.0990 4184 C:\Windows\RtHDVCpl.exe - ok

19:59:17.0005 4184 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll

19:59:17.0005 4184 C:\Windows\System32\srchadmin.dll - ok

19:59:17.0005 4184 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll

19:59:17.0005 4184 C:\Windows\System32\odbc32.dll - ok

19:59:17.0021 4184 [ 6D7EA1B6C6DF62E016605B381F411AC4 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

19:59:17.0021 4184 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok

19:59:17.0036 4184 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

19:59:17.0036 4184 C:\Windows\System32\webcheck.dll - ok

19:59:17.0036 4184 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll

19:59:17.0036 4184 C:\Windows\System32\mf.dll - ok

19:59:17.0036 4184 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll

19:59:17.0052 4184 C:\Windows\System32\odbcint.dll - ok

19:59:17.0052 4184 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll

19:59:17.0052 4184 C:\Windows\System32\SyncCenter.dll - ok

19:59:17.0068 4184 [ 705CE4B7389A9BC7BC70BB381E4540D2 ] C:\Windows\System32\SPCtl.dll

19:59:17.0068 4184 C:\Windows\System32\SPCtl.dll - ok

19:59:17.0068 4184 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll

19:59:17.0068 4184 C:\Windows\System32\wscntfy.dll - ok

19:59:17.0083 4184 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll

19:59:17.0083 4184 C:\Windows\System32\evr.dll - ok

19:59:17.0083 4184 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys

19:59:17.0083 4184 C:\Windows\System32\drivers\cdfs.sys - ok

19:59:17.0099 4184 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl

19:59:17.0099 4184 C:\Windows\System32\bthprops.cpl - ok

19:59:17.0099 4184 [ E1FAAF7915BC07352CCF1DFF37058414 ] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe

19:59:17.0099 4184 C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe - ok

19:59:17.0114 4184 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll

19:59:17.0114 4184 C:\Windows\System32\wmdrmsdk.dll - ok

19:59:17.0114 4184 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll

19:59:17.0114 4184 C:\Windows\System32\imapi2.dll - ok

19:59:17.0130 4184 [ EEAB9DF84B132F78C909CD8061A4076C ] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

19:59:17.0130 4184 C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe - ok

19:59:17.0146 4184 [ 77BA12557358DA6798DBCD9C69BD0E65 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll

19:59:17.0146 4184 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok

19:59:17.0146 4184 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll

19:59:17.0146 4184 C:\Windows\System32\dxva2.dll - ok

19:59:17.0161 4184 [ 8180B57AB18361E44734CDC76DB4846D ] C:\Windows\System32\EBLib.DLL

19:59:17.0161 4184 C:\Windows\System32\EBLib.DLL - ok

19:59:17.0161 4184 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll

19:59:17.0161 4184 C:\Windows\System32\dsound.dll - ok

19:59:17.0177 4184 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll

19:59:17.0177 4184 C:\Windows\System32\upnp.dll - ok

19:59:17.0224 4184 [ 84D370C0C6DA57F0A7F2F08805934F91 ] C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll

19:59:17.0224 4184 C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll - ok

19:59:17.0239 4184 [ 0B988393D6BB43B5E2C615EEAFC5E4F4 ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll

19:59:17.0239 4184 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok

19:59:17.0255 4184 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll

19:59:17.0255 4184 C:\Windows\System32\wmp.dll - ok

19:59:17.0255 4184 [ 5F5764E4046019031C7445541D728721 ] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe

19:59:17.0255 4184 C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe - ok

19:59:17.0270 4184 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll

19:59:17.0270 4184 C:\Windows\System32\mapi32.dll - ok

19:59:17.0270 4184 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll

19:59:17.0270 4184 C:\Windows\System32\msvfw32.dll - ok

19:59:17.0286 4184 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL

19:59:17.0286 4184 C:\Windows\System32\wmploc.DLL - ok

19:59:17.0286 4184 [ 21835B95A455B8D7BB4D7AD2ABADC28C ] C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll

19:59:17.0286 4184 C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll - ok

19:59:17.0302 4184 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

19:59:17.0302 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

19:59:17.0302 4184 [ C297A92852F494ED69A5EC0CC2AF9B89 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll

19:59:17.0302 4184 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll - ok

19:59:17.0317 4184 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll

19:59:17.0317 4184 C:\Windows\System32\wmpps.dll - ok

19:59:17.0317 4184 [ 1AFA1CBBB859A9F335FEC2F8CF3D5D0B ] C:\Windows\SkyTel.exe

19:59:17.0317 4184 C:\Windows\SkyTel.exe - ok

19:59:17.0333 4184 [ 1FBBC1DABA901FAF7F52AE1FD010BB44 ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll

19:59:17.0333 4184 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok

19:59:17.0348 4184 [ A8E2F76F136A0E664B68A48028D4AF93 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

19:59:17.0348 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

19:59:17.0348 4184 [ B29E8BE2252F53E9A82F36DD5499FE63 ] C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll

19:59:17.0348 4184 C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll - ok

19:59:17.0364 4184 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll

19:59:17.0364 4184 C:\Windows\System32\riched20.dll - ok

19:59:17.0364 4184 [ CC777A4D95F2EE7EBB4CCD0A31420094 ] C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll

19:59:17.0364 4184 C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll - ok

19:59:17.0380 4184 [ 033FF248550305ED52ED2D2844A8A11B ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

19:59:17.0380 4184 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok

19:59:17.0380 4184 [ A93FFCC769BEB9642946CD86BBC2217F ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll

19:59:17.0380 4184 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok

19:59:17.0395 4184 [ DEFFED4DDF802E2A64AB06D4EDCCB84B ] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

19:59:17.0395 4184 C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe - ok

19:59:17.0395 4184 [ 108C49BB443E08DBE065A66DE758B5BA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll

19:59:17.0411 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll - ok

19:59:17.0411 4184 [ A872DA843C321EA3583C7B603D50148A ] C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll

19:59:17.0411 4184 C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll - ok

19:59:17.0411 4184 [ 85948695C8A021EC8ACCBFFED8906D97 ] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

19:59:17.0426 4184 C:\Program Files\Synaptics\SynTP\SynTPStart.exe - ok

19:59:17.0426 4184 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe

19:59:17.0426 4184 C:\Program Files\DivX\DivX Update\DivXUpdate.exe - ok

19:59:17.0442 4184 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

19:59:17.0442 4184 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

19:59:17.0442 4184 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

19:59:17.0442 4184 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok

19:59:17.0458 4184 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

19:59:17.0458 4184 C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll - ok

19:59:17.0458 4184 [ 785D56C39EE6DADEA5F0FE6D558C6A3B ] E:\Bac\Program Files\VDownloader\VDownloader.exe

19:59:17.0458 4184 E:\Bac\Program Files\VDownloader\VDownloader.exe - ok

19:59:17.0473 4184 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

19:59:17.0473 4184 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

19:59:17.0473 4184 [ 19A8F2AA9E5473D07F3E1FA8E32FEDB3 ] C:\Program Files\Wetelecom\LoadMdm.exe

19:59:17.0473 4184 C:\Program Files\Wetelecom\LoadMdm.exe - ok

19:59:17.0489 4184 [ F7BC2822F0388C6DBCE3CD179E1075BF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll

19:59:17.0489 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll - ok

19:59:17.0489 4184 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe

19:59:17.0489 4184 C:\Program Files\Windows Sidebar\sidebar.exe - ok

19:59:17.0504 4184 [ 002835A0AFFF66D5A7B7FB266A6AA368 ] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

19:59:17.0504 4184 C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe - ok

19:59:17.0536 4184 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

19:59:17.0536 4184 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok

19:59:17.0551 4184 [ BF08674925F151BD4537B89A493E3E0C ] C:\Windows\ehome\ehtray.exe

19:59:17.0551 4184 C:\Windows\ehome\ehtray.exe - ok

19:59:17.0551 4184 [ F466CA13D7025A3D53AB2A905D345819 ] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe

19:59:17.0551 4184 C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe - ok

19:59:17.0567 4184 [ 000AB9E4783BCFCF01FF0183AFD40D67 ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll

19:59:17.0567 4184 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok

19:59:17.0582 4184 [ EDD5A412B10F21CE705B51977B3D7137 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMON_FRA.dll

19:59:17.0582 4184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMON_FRA.dll - ok

19:59:17.0582 4184 [ E681281D9BFC9D45D3B72532717E5880 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

19:59:17.0582 4184 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok

19:59:17.0598 4184 [ AB530FDD34C67B497A20171D1234CFE9 ] C:\Windows\System32\riched32.dll

19:59:17.0598 4184 C:\Windows\System32\riched32.dll - ok

19:59:17.0598 4184 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll

19:59:17.0598 4184 C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok

19:59:17.0614 4184 [ 497F27E279C0F921E2130BB89C1CB5CA ] C:\Program Files\Skype\Phone\Skype.exe

19:59:17.0614 4184 C:\Program Files\Skype\Phone\Skype.exe - ok

19:59:17.0614 4184 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

19:59:17.0614 4184 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok

19:59:17.0629 4184 [ E589F7DF4F9B0E8E857022256F447F6E ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

19:59:17.0629 4184 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok

19:59:17.0629 4184 [ 8E59B57506504E632DE6C48E64AAAC0D ] C:\Program Files\TOSHIBA\Toshiba Online Product Information\fr\TOPI.resources.dll

19:59:17.0629 4184 C:\Program Files\TOSHIBA\Toshiba Online Product Information\fr\TOPI.resources.dll - ok

19:59:17.0645 4184 [ 69F04354148A3A4C13E4B4731F307AD2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\8bdc0fd7faad9446b2823a50a4708e7b\TCrdMain.ni.exe

19:59:17.0645 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\8bdc0fd7faad9446b2823a50a4708e7b\TCrdMain.ni.exe - ok

19:59:17.0660 4184 [ 4C9521159A1236466CB2365AE02C3B88 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe

19:59:17.0660 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe - ok

19:59:17.0660 4184 [ 5AA4DF6CD3C96086955064BEC1CD0C9B ] C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

19:59:17.0660 4184 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

19:59:17.0676 4184 [ BD713579A87D698E1F2158CE10E48130 ] C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

19:59:17.0676 4184 C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe - ok

19:59:17.0676 4184 [ 9EEA44241049616766BEEFD14D3B30AC ] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe

19:59:17.0676 4184 C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe - ok

19:59:17.0692 4184 [ 7E38DA8C11833B99766A97CEE3F80F07 ] C:\Windows\System32\oleaccrc.dll

19:59:17.0692 4184 C:\Windows\System32\oleaccrc.dll - ok

19:59:17.0692 4184 [ 8D8D9B608DFAF8447315CDC90B7CD189 ] C:\Users\A\AppData\Local\Temp\{182A6AA2-BB40-41CB-A80C-741FC1E0F881}\fpb.tmp

19:59:17.0692 4184 C:\Users\A\AppData\Local\Temp\{182A6AA2-BB40-41CB-A80C-741FC1E0F881}\fpb.tmp - ok

19:59:17.0707 4184 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll

19:59:17.0707 4184 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok

19:59:17.0707 4184 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe

19:59:17.0707 4184 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

19:59:17.0723 4184 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:59:17.0723 4184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok

19:59:17.0723 4184 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll

19:59:17.0723 4184 C:\Windows\System32\wbem\cimwin32.dll - ok

19:59:17.0738 4184 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll

19:59:17.0738 4184 C:\Windows\System32\msvcr100_clr0400.dll - ok

19:59:17.0738 4184 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll

19:59:17.0738 4184 C:\Windows\System32\framedynos.dll - ok

19:59:17.0754 4184 [ 2FAD69503166BF30ED15B64DAA1B116D ] C:\Program Files\OpenOffice.org 3\program\quickstart.exe

19:59:17.0754 4184 C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ok

19:59:17.0770 4184 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll

19:59:17.0770 4184 C:\Windows\System32\wmi.dll - ok

19:59:17.0770 4184 [ 917A728A12F25FCF4636858FAC9979FA ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

19:59:17.0770 4184 C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll - ok

19:59:17.0785 4184 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe

19:59:17.0785 4184 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

19:59:17.0785 4184 [ F075CC087451A6B4809CDFE3282A11CA ] C:\Windows\System32\SynCOM.dll

19:59:17.0785 4184 C:\Windows\System32\SynCOM.dll - ok

19:59:17.0801 4184 [ 77EF8A15FE6D465965C97848A88DF4DC ] C:\Windows\System32\SynTPAPI.dll

19:59:17.0801 4184 C:\Windows\System32\SynTPAPI.dll - ok

19:59:17.0816 4184 [ BC46BB6CAA84CE174D5274C310442B5A ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosCpsAPI.dll

19:59:17.0816 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosCpsAPI.dll - ok

19:59:17.0816 4184 [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files\Internet Explorer\iexplore.exe

19:59:17.0816 4184 C:\Program Files\Internet Explorer\iexplore.exe - ok

19:59:17.0832 4184 [ 31D5525C287C2C631E75DB9FE67067F6 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll

19:59:17.0832 4184 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.Resources.dll - ok

19:59:17.0832 4184 [ 1E4EFE37B80FC071587AB8762A2BEF74 ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll

19:59:17.0832 4184 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok

19:59:17.0848 4184 [ E7E49ED14A52D839DAD6A7EF0251C16F ] C:\Program Files\Camera Assistant Software for Toshiba\hookdll.dll

19:59:17.0848 4184 C:\Program Files\Camera Assistant Software for Toshiba\hookdll.dll - ok

19:59:17.0863 4184 [ E16A486409F6B0604C7470FB079A0298 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMngHelp.dll

19:59:17.0863 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMngHelp.dll - ok

19:59:17.0863 4184 [ 05B6A5CE1C7767C32DF35966107CB1EC ] C:\Windows\System32\hhctrl.ocx

19:59:17.0863 4184 C:\Windows\System32\hhctrl.ocx - ok

19:59:17.0879 4184 [ E632BB2D397BA9FBBC7199AB80783466 ] C:\Program Files\IDM\Desktop SMS\oehook.dll

19:59:17.0879 4184 C:\Program Files\IDM\Desktop SMS\oehook.dll - ok

19:59:17.0879 4184 [ 749949494676218FFA99501F4AA22ECC ] C:\Program Files\OpenOffice.org 3\program\soffice.exe

19:59:17.0879 4184 C:\Program Files\OpenOffice.org 3\program\soffice.exe - ok

19:59:17.0894 4184 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll

19:59:17.0894 4184 C:\Windows\System32\ntlanman.dll - ok

19:59:17.0894 4184 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll

19:59:17.0894 4184 C:\Windows\System32\drprov.dll - ok

19:59:17.0910 4184 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll

19:59:17.0910 4184 C:\Windows\System32\davclnt.dll - ok

19:59:17.0910 4184 [ 6A8A953F7EAB8A2D0603B029190C3609 ] C:\Windows\System32\TosAvAPI.dll

19:59:17.0910 4184 C:\Windows\System32\TosAvAPI.dll - ok

19:59:17.0926 4184 [ 3CFDE7CB52298C1A89152BD1C8B12511 ] C:\Program Files\IDM\Desktop SMS\oecom.dll

19:59:17.0926 4184 C:\Program Files\IDM\Desktop SMS\oecom.dll - ok

19:59:17.0926 4184 [ 2C0030E71313C16424E9EA49C6DFB006 ] C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

19:59:17.0926 4184 C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe - ok

19:59:17.0941 4184 [ 0F4195B9B348DE5CF9B822F81704B20E ] C:\Windows\ehome\ehmsas.exe

19:59:17.0941 4184 C:\Windows\ehome\ehmsas.exe - ok

19:59:17.0941 4184 [ 5F366CB7F83A5DBE8F50EF989C15DFE2 ] C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

19:59:17.0941 4184 C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe - ok

19:59:17.0957 4184 [ 286A79BE30FE70DFE875D88D660846C6 ] C:\Program Files\Synaptics\SynTP\SynToshiba.exe

19:59:17.0957 4184 C:\Program Files\Synaptics\SynTP\SynToshiba.exe - ok

19:59:17.0972 4184 [ AA6677900A55BD6A72ABB0B30912A55B ] C:\Windows\System32\TosBtSDDB.dll

19:59:17.0972 4184 C:\Windows\System32\TosBtSDDB.dll - ok

19:59:17.0972 4184 [ FEFA614B9AA8D3191B4539B2C8A8454D ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMngLang.dll

19:59:17.0972 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMngLang.dll - ok

19:59:17.0988 4184 [ F2E79697E98EBB5F88FB884D84231469 ] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2819.40781__90ba9c70f846762e\MOM.Implementation.DLL

19:59:17.0988 4184 C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2819.40781__90ba9c70f846762e\MOM.Implementation.DLL - ok

19:59:17.0988 4184 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

19:59:17.0988 4184 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok

19:59:18.0004 4184 [ 6FBB736AF3B7E36A15C478F86022B1B3 ] C:\Program Files\IDM\Desktop SMS\oeapiinitcom.dll

19:59:18.0004 4184 C:\Program Files\IDM\Desktop SMS\oeapiinitcom.dll - ok

19:59:18.0004 4184 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll

19:59:18.0004 4184 C:\Windows\System32\olepro32.dll - ok

19:59:18.0019 4184 [ 37BC975F7232C59D52722AAA4053C1A5 ] C:\Program Files\Google\Update\1.3.21.123\goopdateres_fr.dll

19:59:18.0019 4184 C:\Program Files\Google\Update\1.3.21.123\goopdateres_fr.dll - ok

19:59:18.0035 4184 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll

19:59:18.0035 4184 C:\Windows\System32\msdtckrm.dll - ok

19:59:18.0035 4184 [ C427D04A9741B9E479E084AA1855F9F6 ] C:\Windows\System32\TosCommAPI.dll

19:59:18.0035 4184 C:\Windows\System32\TosCommAPI.dll - ok

19:59:18.0050 4184 [ 2D0D3370594F28E23945C9FE4CCFCB3F ] C:\Program Files\IDM\Desktop SMS\oestore.dll

19:59:18.0050 4184 C:\Program Files\IDM\Desktop SMS\oestore.dll - ok

19:59:18.0050 4184 [ 9A75B2986955DF78E5656F3B407E482E ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.DLL

19:59:18.0050 4184 C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.DLL - ok

19:59:18.0066 4184 [ 97CB28F0DD031E5A4046E870A581B23C ] C:\Program Files\Camera Assistant Software for Toshiba\ceccmdll.dll

19:59:18.0066 4184 C:\Program Files\Camera Assistant Software for Toshiba\ceccmdll.dll - ok

19:59:18.0082 4184 [ 9E165D07BF6C08CCEEE41CBC2D22427D ] C:\Windows\System32\TosLaneAPI.dll

19:59:18.0082 4184 C:\Windows\System32\TosLaneAPI.dll - ok

19:59:18.0082 4184 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL

19:59:18.0082 4184 C:\Windows\System32\WMVCORE.DLL - ok

19:59:18.0097 4184 [ F9195E4B484B7D659525C45016E7939F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll

19:59:18.0097 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll - ok

19:59:18.0113 4184 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL

19:59:18.0113 4184 C:\Windows\System32\WMASF.DLL - ok

19:59:18.0113 4184 [ 4A938E44BEB41641B70175DACAB1BBB0 ] C:\Windows\ehome\ehProxy.dll

19:59:18.0113 4184 C:\Windows\ehome\ehProxy.dll - ok

19:59:18.0113 4184 [ 9EFDF7F0153C066BE619450E3D5D59DD ] C:\Windows\System32\avifil32.dll

19:59:18.0113 4184 C:\Windows\System32\avifil32.dll - ok

19:59:18.0128 4184 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll

19:59:18.0128 4184 C:\Windows\System32\wscproxystub.dll - ok

19:59:18.0160 4184 [ 9D3AD5571B88A5ED4C36255F90264EBA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll

19:59:18.0160 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll - ok

19:59:18.0175 4184 [ 9E7CB0432597E638B012C882648019C5 ] C:\Windows\System32\LCWizard.dll

19:59:18.0175 4184 C:\Windows\System32\LCWizard.dll - ok

19:59:18.0191 4184 [ 94750E71A05BD2A31E176EFDB7DDF432 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.DLL

19:59:18.0191 4184 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.DLL - ok

19:59:18.0206 4184 [ 2E154ECB31864A9C221A866A545D39A5 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\BtUsrMod.dll

19:59:18.0206 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\BtUsrMod.dll - ok

19:59:18.0222 4184 [ 58ED0528F2B1BFB3301BC10E0E707C35 ] E:\Bac\Program Files\Firefox\firefox.exe

19:59:18.0222 4184 E:\Bac\Program Files\Firefox\firefox.exe - ok

19:59:18.0238 4184 [ 4EE367B8B1964160A1F1B80095183D3A ] C:\Program Files\OpenOffice.org 3\program\soffice.bin

19:59:18.0238 4184 C:\Program Files\OpenOffice.org 3\program\soffice.bin - ok

19:59:18.0284 4184 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] E:\Bac\Program Files\Firefox\msvcr100.dll

19:59:18.0284 4184 E:\Bac\Program Files\Firefox\msvcr100.dll - ok

19:59:18.0284 4184 [ 262D86B6E19F7A4766402981B07D9F61 ] E:\Bac\Program Files\Firefox\mozglue.dll

19:59:18.0300 4184 E:\Bac\Program Files\Firefox\mozglue.dll - ok

19:59:18.0316 4184 [ 5294E28996A54959E53FDF1956CF8888 ] E:\Bac\Program Files\Firefox\nspr4.dll

19:59:18.0316 4184 E:\Bac\Program Files\Firefox\nspr4.dll - ok

19:59:18.0331 4184 [ 03E9314004F504A14A61C3D364B62F66 ] E:\Bac\Program Files\Firefox\msvcp100.dll

19:59:18.0331 4184 E:\Bac\Program Files\Firefox\msvcp100.dll - ok

19:59:18.0347 4184 [ 577A365E730736D3DC2FB870156D1BB8 ] E:\Bac\Program Files\Firefox\mozjs.dll

19:59:18.0347 4184 E:\Bac\Program Files\Firefox\mozjs.dll - ok

19:59:18.0362 4184 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll

19:59:18.0378 4184 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok

19:59:18.0394 4184 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll

19:59:18.0394 4184 C:\Windows\System32\mspatcha.dll - ok

19:59:18.0409 4184 [ C97434C851C4821BD92D2831FDF1ECBE ] C:\Windows\System32\mshtml.dll

19:59:18.0409 4184 C:\Windows\System32\mshtml.dll - ok

19:59:18.0425 4184 [ FCDB95CAD0F44BA045CB6E7620F2E3D4 ] E:\Bac\Program Files\Firefox\plc4.dll

19:59:18.0425 4184 E:\Bac\Program Files\Firefox\plc4.dll - ok

19:59:18.0456 4184 [ CC6B544120760F0AE1146927447AF319 ] E:\Bac\Program Files\Firefox\plds4.dll

19:59:18.0456 4184 E:\Bac\Program Files\Firefox\plds4.dll - ok

19:59:18.0472 4184 [ A31D75246BA79A89141316F31EB17B23 ] C:\Windows\System32\TosHidAPI.dll

19:59:18.0472 4184 C:\Windows\System32\TosHidAPI.dll - ok

19:59:18.0487 4184 [ 810D3D884387DAE0E1C1A5010C12508A ] E:\Bac\Program Files\Firefox\nssutil3.dll

19:59:18.0487 4184 E:\Bac\Program Files\Firefox\nssutil3.dll - ok

19:59:18.0503 4184 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll

19:59:18.0503 4184 C:\Windows\System32\wuapi.dll - ok

19:59:18.0534 4184 [ 06798CDC2698C0798089B44124C77253 ] E:\Bac\Program Files\Firefox\nss3.dll

19:59:18.0534 4184 E:\Bac\Program Files\Firefox\nss3.dll - ok

19:59:18.0550 4184 [ 165BEB6D3C856AD618E6E95B4D69217A ] E:\Bac\Program Files\Firefox\smime3.dll

19:59:18.0550 4184 E:\Bac\Program Files\Firefox\smime3.dll - ok

19:59:18.0565 4184 [ F7868F18670E0D7D7D161C5F093F19CB ] E:\Bac\Program Files\Firefox\ssl3.dll

19:59:18.0565 4184 E:\Bac\Program Files\Firefox\ssl3.dll - ok

19:59:18.0581 4184 [ 574299294DB5E98F963BBA61E0112C58 ] E:\Bac\Program Files\Firefox\mozsqlite3.dll

19:59:18.0581 4184 E:\Bac\Program Files\Firefox\mozsqlite3.dll - ok

19:59:18.0612 4184 [ F6886DA015E93A5B42304BA3A5FD8E23 ] E:\Bac\Program Files\Firefox\mozalloc.dll

19:59:18.0612 4184 E:\Bac\Program Files\Firefox\mozalloc.dll - ok

19:59:18.0628 4184 [ 12439FD1B08CE5EAD888A7467086CFF6 ] E:\Bac\Program Files\Firefox\gkmedias.dll

19:59:18.0628 4184 E:\Bac\Program Files\Firefox\gkmedias.dll - ok

19:59:18.0643 4184 [ BA49C7B642646DCACEFB26983303564F ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90FRA.DLL

19:59:18.0643 4184 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90FRA.DLL - ok

19:59:18.0659 4184 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll

19:59:18.0659 4184 C:\Windows\System32\msimtf.dll - ok

19:59:18.0690 4184 [ 2D74DA2F9DCFA013158BAA5D5B17C5B3 ] E:\Bac\Program Files\Firefox\xul.dll

19:59:18.0690 4184 E:\Bac\Program Files\Firefox\xul.dll - ok

19:59:18.0706 4184 [ 865292EE1BCA080D86ED973A52C0D04F ] C:\Windows\System32\TosGnsAPI.dll

19:59:18.0706 4184 C:\Windows\System32\TosGnsAPI.dll - ok

19:59:18.0721 4184 [ E3D0A0328525D679A148BC6505EA327B ] C:\Program Files\Windows Mail\msoe.dll

19:59:18.0721 4184 C:\Program Files\Windows Mail\msoe.dll - ok

19:59:18.0784 4184 [ 67D73722622181E68A7F62B6FFE95EF5 ] C:\Program Files\TOSHIBA\FlashCards\fr\TCrdMain.resources.dll

19:59:18.0784 4184 C:\Program Files\TOSHIBA\FlashCards\fr\TCrdMain.resources.dll - ok

19:59:18.0799 4184 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll

19:59:18.0799 4184 C:\Windows\System32\msdmo.dll - ok

19:59:18.0815 4184 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll

19:59:18.0815 4184 C:\Windows\System32\wups.dll - ok

19:59:18.0830 4184 [ 0098E4B99614900C33F795A81635EAE1 ] E:\Bac\Program Files\Firefox\xpcom.dll

19:59:18.0830 4184 E:\Bac\Program Files\Firefox\xpcom.dll - ok

19:59:18.0862 4184 [ 214460565D2AC0BC124D14B785ADAE06 ] C:\Windows\System32\msoert2.dll

19:59:18.0862 4184 C:\Windows\System32\msoert2.dll - ok

19:59:18.0877 4184 [ B89137476D554DF13421DF8F5F5789EC ] C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll

19:59:18.0877 4184 C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll - ok

19:59:18.0893 4184 [ 17A282BD98312C835DC9F9429688B93C ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

19:59:18.0893 4184 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok

19:59:18.0924 4184 [ E34CA3DE924143F693A5E22B87C5CC4F ] E:\Bac\Program Files\Firefox\components\browsercomps.dll

19:59:18.0924 4184 E:\Bac\Program Files\Firefox\components\browsercomps.dll - ok

19:59:18.0940 4184 [ 1C72EB99C500BC527B009FFDCB7D5611 ] C:\Windows\System32\msoeacct.dll

19:59:18.0940 4184 C:\Windows\System32\msoeacct.dll - ok

19:59:18.0971 4184 [ CCFA2FC955EE4CB4157AFDD5F11E52E7 ] C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll

19:59:18.0971 4184 C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll - ok

19:59:18.0986 4184 [ BFA034AAC103D8A6F591AC9364688339 ] C:\Windows\System32\t2embed.dll

19:59:18.0986 4184 C:\Windows\System32\t2embed.dll - ok

19:59:19.0002 4184 [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll

19:59:19.0002 4184 C:\Windows\System32\icmp.dll - ok

19:59:19.0064 4184 [ 8FFDEB99EAC611D617016F2174D48FC6 ] C:\Windows\System32\inetcomm.dll

19:59:19.0064 4184 C:\Windows\System32\inetcomm.dll - ok

19:59:19.0080 4184 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll

19:59:19.0080 4184 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok

19:59:19.0096 4184 [ C4E343A6EBE21F7B3C5E257FF541D0B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll

19:59:19.0096 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll - ok

19:59:19.0111 4184 [ 3F1C39C36588C8C23CF1C1E4F9F20AF2 ] C:\Windows\System32\msidcrl30.dll

19:59:19.0111 4184 C:\Windows\System32\msidcrl30.dll - ok

19:59:19.0142 4184 [ EC8D1C7B6A1EC7E337B7350780BA7DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll

19:59:19.0142 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll - ok

19:59:19.0158 4184 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll

19:59:19.0158 4184 C:\Program Files\AVAST Software\Avast\aswData.dll - ok

Link to post
Share on other sites

sorry too long

2nd 4th last part

==================================

19:59:19.0189 4184 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll

19:59:19.0189 4184 C:\Windows\System32\DWrite.dll - ok

19:59:19.0205 4184 [ 64B0D18454E65B61B39D3704A9C8EA4D ] C:\Windows\System32\INETRES.dll

19:59:19.0205 4184 C:\Windows\System32\INETRES.dll - ok

19:59:19.0220 4184 [ 85E36BB45045FB716FAD95D1483C3D4B ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2819.40779__90ba9c70f846762e\LOG.Foundation.Implementation.DLL

19:59:19.0220 4184 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2819.40779__90ba9c70f846762e\LOG.Foundation.Implementation.DLL - ok

19:59:19.0252 4184 [ C079169E6A07FC4412475C02969EB9CE ] C:\Windows\System32\jscript9.dll

19:59:19.0252 4184 C:\Windows\System32\jscript9.dll - ok

19:59:19.0267 4184 [ 58F57F2F2133A2A77607C8CCC9A30F73 ] C:\Windows\System32\ACCTRES.dll

19:59:19.0267 4184 C:\Windows\System32\ACCTRES.dll - ok

19:59:19.0283 4184 [ 4C99AED2AABDEDD7B0C99B62A7E24B3D ] E:\Bac\Program Files\Firefox\softokn3.dll

19:59:19.0283 4184 E:\Bac\Program Files\Firefox\softokn3.dll - ok

19:59:19.0314 4184 [ D66DDBF686EA1FD57E88DCD7375AE9B4 ] C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll

19:59:19.0314 4184 C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.Resources.dll - ok

19:59:19.0330 4184 [ 961359F17AE51A7E2D105F7A2B3F4ACE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll

19:59:19.0330 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll - ok

19:59:19.0345 4184 [ D31E86BA9D9D3C5608CC916D0C38410D ] E:\Bac\Program Files\Firefox\nssdbm3.dll

19:59:19.0345 4184 E:\Bac\Program Files\Firefox\nssdbm3.dll - ok

19:59:19.0361 4184 [ 4513B7400878973F9B1BA71153B4F4CF ] C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll

19:59:19.0361 4184 C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll - ok

19:59:19.0376 4184 [ B06643DB1CFFF911F80F03A80FDD6203 ] E:\Bac\Program Files\Firefox\freebl3.dll

19:59:19.0376 4184 E:\Bac\Program Files\Firefox\freebl3.dll - ok

19:59:19.0408 4184 [ 69FD110DB660FA0B9B48332B2CF8169A ] C:\Program Files\Windows Mail\MSOERES.dll

19:59:19.0408 4184 C:\Program Files\Windows Mail\MSOERES.dll - ok

19:59:19.0423 4184 [ 2C367797AC08F9FE75AD37D71730B93C ] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.DLL

19:59:19.0423 4184 C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.DLL - ok

19:59:19.0454 4184 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll

19:59:19.0454 4184 C:\Windows\System32\d2d1.dll - ok

19:59:19.0470 4184 [ D187814ADDD3709A1453DCC0AE72923F ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\OemBtAcpiAPI.dll

19:59:19.0470 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\OemBtAcpiAPI.dll - ok

19:59:19.0486 4184 [ ED658B77C719F205757213260CC0687D ] C:\Program Files\AVAST Software\Avast\1036\uiLangRes.dll

19:59:19.0486 4184 C:\Program Files\AVAST Software\Avast\1036\uiLangRes.dll - ok

19:59:19.0501 4184 [ 585F0850AEACE07B6D095CA9CBF02226 ] E:\Bac\Program Files\Firefox\nssckbi.dll

19:59:19.0501 4184 E:\Bac\Program Files\Firefox\nssckbi.dll - ok

19:59:19.0532 4184 [ FCD4E3223AB57109D09F03EF74D9B181 ] C:\Program Files\OpenOffice.org 3\program\comphelpMSC.dll

19:59:19.0532 4184 C:\Program Files\OpenOffice.org 3\program\comphelpMSC.dll - ok

19:59:19.0564 4184 [ 7E596F93291C02D91C08AEDB36EDED37 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll

19:59:19.0564 4184 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok

19:59:19.0579 4184 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll

19:59:19.0579 4184 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok

19:59:19.0595 4184 [ FA3AA3611A361D9B7BB551D2CD033F2B ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

19:59:19.0595 4184 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok

19:59:19.0610 4184 [ 8BE770B9A06AF02FA6544B183FEBD53F ] C:\Windows\System32\TosAcpiAPI.dll

19:59:19.0610 4184 C:\Windows\System32\TosAcpiAPI.dll - ok

19:59:19.0642 4184 [ 9262BF9AF67CA4499F7DAE1FB2AA58E0 ] C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll

19:59:19.0642 4184 C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok

19:59:19.0657 4184 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll

19:59:19.0657 4184 C:\Windows\System32\dxgi.dll - ok

19:59:19.0673 4184 [ 6DC04E1DDB48ED7397D1597C737BC106 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll

19:59:19.0673 4184 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok

19:59:19.0704 4184 [ A0849FBA350AA979617856770F8AA1D2 ] C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll

19:59:19.0704 4184 C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok

19:59:19.0720 4184 [ 7AD794FA7B80EC3F97097DA7E7011347 ] C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll

19:59:19.0720 4184 C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll - ok

19:59:19.0735 4184 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll

19:59:19.0735 4184 C:\Windows\System32\d3d10_1.dll - ok

19:59:19.0782 4184 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe

19:59:19.0782 4184 C:\Program Files\Windows Mail\WinMail.exe - ok

19:59:19.0798 4184 [ E936DA0EFF4B9BBCA43A030025DC56EB ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll

19:59:19.0798 4184 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok

19:59:19.0813 4184 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll

19:59:19.0813 4184 C:\Windows\System32\d3d10_1core.dll - ok

19:59:19.0844 4184 [ B6F943D2D99307BFD7D2ADFA3B866813 ] C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll

19:59:19.0844 4184 C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok

19:59:19.0860 4184 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

19:59:19.0860 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok

19:59:19.0876 4184 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll

19:59:19.0876 4184 C:\Windows\System32\d3d10warp.dll - ok

19:59:19.0891 4184 [ E6AEF6498578702ED3E8024D9792F30B ] C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll

19:59:19.0891 4184 C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok

19:59:19.0907 4184 [ F1FD93B8EBDBDFD13930FA5B09426070 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL

19:59:19.0907 4184 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL - ok

19:59:19.0938 4184 [ E4BB0288A98D2AD4AFB844A3B0AA3D7C ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtLoad.dll

19:59:19.0938 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtLoad.dll - ok

19:59:19.0969 4184 [ C820C516CB162FD1845E2612A65536CB ] C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll

19:59:19.0969 4184 C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll - ok

19:59:19.0985 4184 [ 79B0A04E2DF042045A25706B4BAD2116 ] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamext.dll

19:59:19.0985 4184 E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamext.dll - ok

19:59:20.0000 4184 [ 7FB936AA67FA487F59529C9A4907685E ] C:\Program Files\OpenOffice.org 3\program\deploymentmisc.dll

19:59:20.0000 4184 C:\Program Files\OpenOffice.org 3\program\deploymentmisc.dll - ok

19:59:20.0032 4184 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll

19:59:20.0032 4184 C:\Windows\System32\msls31.dll - ok

19:59:20.0047 4184 [ 2FC3769842EB87578032E8B6C1DE9A08 ] C:\Program Files\OpenOffice.org 3\program\tl.dll

19:59:20.0047 4184 C:\Program Files\OpenOffice.org 3\program\tl.dll - ok

19:59:20.0078 4184 [ 2240E4AA3910A1A6CBE168C66DAD2824 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll

19:59:20.0078 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll - ok

19:59:20.0094 4184 [ CECB7971499C5E84F701AFABDDFFA27C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll

19:59:20.0094 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll - ok

19:59:20.0110 4184 [ 4167AE99A4CC521848E5471FA83A9EED ] C:\Program Files\OpenOffice.org 3\program\basegfx.dll

19:59:20.0110 4184 C:\Program Files\OpenOffice.org 3\program\basegfx.dll - ok

19:59:20.0125 4184 [ AA6BD503A41AE158EFBA851965A40FE9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll

19:59:20.0125 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok

19:59:20.0156 4184 [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\System32\d3d10.dll

19:59:20.0156 4184 C:\Windows\System32\d3d10.dll - ok

19:59:20.0172 4184 [ D2A90407F02E2B2B7D636EF402BEBA59 ] C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll

19:59:20.0172 4184 C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok

19:59:20.0188 4184 [ 8E9DBB7CE33B420979B1ECE76F3385B5 ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll

19:59:20.0188 4184 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok

19:59:20.0219 4184 [ 750726E5868345AB2D46850EB1E60DF9 ] C:\Program Files\OpenOffice.org 3\program\utl.dll

19:59:20.0219 4184 C:\Program Files\OpenOffice.org 3\program\utl.dll - ok

19:59:20.0250 4184 [ 9C7094F537782A82B6A29B4A7172E180 ] C:\Windows\System32\d3d10core.dll

19:59:20.0250 4184 C:\Windows\System32\d3d10core.dll - ok

19:59:20.0266 4184 [ 4E2E393FCDF738E2A50A326E90AC8086 ] E:\Bac\source archives\wrar\RarExt.dll

19:59:20.0266 4184 E:\Bac\source archives\wrar\RarExt.dll - ok

19:59:20.0281 4184 [ 558DE44298D3E7898E7EDF9221F9A5E0 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll

19:59:20.0281 4184 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok

19:59:20.0297 4184 [ 218B2BA51244F5285904AE03F5898112 ] C:\Program Files\OpenOffice.org 3\program\xcr.dll

19:59:20.0297 4184 C:\Program Files\OpenOffice.org 3\program\xcr.dll - ok

19:59:20.0312 4184 [ 75407DBFC47A6AC6243F557861EEB596 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe

19:59:20.0328 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe - ok

19:59:20.0344 4184 [ 365EB15783B9BE4DB9C2A6064532B2BC ] C:\Program Files\OpenOffice.org 3\program\sfx.dll

19:59:20.0344 4184 C:\Program Files\OpenOffice.org 3\program\sfx.dll - ok

19:59:20.0359 4184 [ 562EC2824FC193E14A93D536DE9EAC0F ] E:\Bac\source archives\wrar\Formats\tar.fmt

19:59:20.0359 4184 E:\Bac\source archives\wrar\Formats\tar.fmt - ok

19:59:20.0390 4184 [ 04CD1B53EAC6DD943378086DC856C0DE ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll

19:59:20.0390 4184 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok

19:59:20.0406 4184 [ 2C7B4E944A48B9A07B7BF2AB262F197E ] C:\Windows\System32\icm32.dll

19:59:20.0406 4184 C:\Windows\System32\icm32.dll - ok

19:59:20.0412 4184 [ CDD76188ECF2EA78EB816151D0130327 ] C:\Program Files\OpenOffice.org 3\program\fwe.dll

19:59:20.0412 4184 C:\Program Files\OpenOffice.org 3\program\fwe.dll - ok

19:59:20.0469 4184 [ DA1705DB81E646EAE1D8E53DDE352647 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll

19:59:20.0469 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok

19:59:20.0490 4184 [ 55D7B39ADC4B98724B15C07A7CF65270 ] E:\Bac\source archives\wrar\Formats\gz.fmt

19:59:20.0490 4184 E:\Bac\source archives\wrar\Formats\gz.fmt - ok

19:59:20.0512 4184 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll

19:59:20.0512 4184 C:\Windows\System32\ddraw.dll - ok

19:59:20.0547 4184 [ CC22C9FB26428FEAB01526F2A23B30FC ] C:\Program Files\OpenOffice.org 3\program\fwi.dll

19:59:20.0547 4184 C:\Program Files\OpenOffice.org 3\program\fwi.dll - ok

19:59:20.0568 4184 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll

19:59:20.0568 4184 C:\Windows\System32\dciman32.dll - ok

19:59:20.0589 4184 [ 247024736C95BB6934DA364FC19C825C ] E:\Bac\source archives\wrar\Formats\uue.fmt

19:59:20.0589 4184 E:\Bac\source archives\wrar\Formats\uue.fmt - ok

19:59:20.0620 4184 [ ACF3A47CE86B6E89616C4D3A692A4422 ] C:\Program Files\OpenOffice.org 3\program\svl.dll

19:59:20.0621 4184 C:\Program Files\OpenOffice.org 3\program\svl.dll - ok

19:59:20.0634 4184 [ E32BCE86AA61660147BD25BC82CCBE1A ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll

19:59:20.0634 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok

19:59:20.0676 4184 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll

19:59:20.0676 4184 C:\Windows\System32\dssenh.dll - ok

19:59:20.0707 4184 [ 558C7FE3994FD6269A9170B51D9AB985 ] C:\Windows\System32\TosBtECCAPI.dll

19:59:20.0707 4184 C:\Windows\System32\TosBtECCAPI.dll - ok

19:59:20.0723 4184 [ 5990956B1660034CE57889BAB1C3E081 ] E:\Bac\source archives\wrar\Formats\z.fmt

19:59:20.0723 4184 E:\Bac\source archives\wrar\Formats\z.fmt - ok

19:59:20.0739 4184 [ 336B257EC1D65F97B149BA032F41B428 ] C:\Program Files\OpenOffice.org 3\program\sot.dll

19:59:20.0739 4184 C:\Program Files\OpenOffice.org 3\program\sot.dll - ok

19:59:20.0754 4184 [ D4F818071BE0E2CD68479238E76F16E4 ] E:\Bac\source archives\wrar\Formats\arj.fmt

19:59:20.0754 4184 E:\Bac\source archives\wrar\Formats\arj.fmt - ok

19:59:20.0770 4184 [ 561714DFA385FA4E35D81DCF8014377F ] C:\Program Files\OpenOffice.org 3\program\svt.dll

19:59:20.0785 4184 C:\Program Files\OpenOffice.org 3\program\svt.dll - ok

19:59:20.0801 4184 [ 912F63317F81667FBF71E7E07FD546A8 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll

19:59:20.0801 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll - ok

19:59:20.0817 4184 [ 5F49FBF4E018ABB9C4ADC4A8D57F9C76 ] C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll

19:59:20.0817 4184 C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll - ok

19:59:20.0848 4184 [ 6ECCE07B6A918E8A8639EA1178BDF32D ] C:\Windows\System32\syncui.dll

19:59:20.0848 4184 C:\Windows\System32\syncui.dll - ok

19:59:20.0863 4184 [ 4158324326206AA3A0264842593E0F0B ] C:\Windows\System32\Macromed\Flash\Flash32_11_5_502_149.ocx

19:59:20.0863 4184 C:\Windows\System32\Macromed\Flash\Flash32_11_5_502_149.ocx - ok

19:59:20.0879 4184 [ B2182E0401542B486FC1117204345A63 ] C:\Windows\System32\TosAvdtAPI.dll

19:59:20.0879 4184 C:\Windows\System32\TosAvdtAPI.dll - ok

19:59:20.0910 4184 [ 2C92B17E820094F37037B6CE114BEB69 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe

19:59:20.0910 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe - ok

19:59:20.0926 4184 [ F6CB86F2E560E2536BBA522F97BC6039 ] C:\Program Files\OpenOffice.org 3\program\icuuc40.dll

19:59:20.0926 4184 C:\Program Files\OpenOffice.org 3\program\icuuc40.dll - ok

19:59:20.0957 4184 [ E910EBBB4CC16E950E7F99A075663EE7 ] C:\Windows\System32\TosSndAPI.dll

19:59:20.0957 4184 C:\Windows\System32\TosSndAPI.dll - ok

19:59:20.0973 4184 [ A3B9708198F9DD6F4346D844A3C298B3 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll

19:59:20.0973 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll - ok

19:59:21.0004 4184 [ 950343D413EEDC3A24472BB2046CFB59 ] C:\Windows\System32\synceng.dll

19:59:21.0004 4184 C:\Windows\System32\synceng.dll - ok

19:59:21.0019 4184 [ C166EF14CBC85AC9747DDA3797F30A06 ] C:\Windows\System32\d3dim700.dll

19:59:21.0019 4184 C:\Windows\System32\d3dim700.dll - ok

19:59:21.0035 4184 [ CBA980E1B5489C92D727FA0E11D5EC5E ] C:\Windows\System32\TosSndPlug.dll

19:59:21.0035 4184 C:\Windows\System32\TosSndPlug.dll - ok

19:59:21.0066 4184 [ 9F631B2338922A6DD1B8399890B140B0 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll

19:59:21.0066 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok

19:59:21.0082 4184 [ 6C7722CAD2517C6170F3C4BCC5224286 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll

19:59:21.0082 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll - ok

19:59:21.0097 4184 [ 25CA1677AAA3CDC99CD4FCF940886F3C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

19:59:21.0097 4184 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok

19:59:21.0113 4184 [ EC00034A5D1E094FCFFA6AF27EBF9604 ] C:\Program Files\OpenOffice.org 3\program\icudt40.dll

19:59:21.0129 4184 C:\Program Files\OpenOffice.org 3\program\icudt40.dll - ok

19:59:21.0160 4184 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe

19:59:21.0160 4184 C:\Windows\System32\SearchProtocolHost.exe - ok

19:59:21.0175 4184 [ 73348A124A69B8D7BA6CE6A090BED836 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll

19:59:21.0175 4184 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok

19:59:21.0191 4184 [ 31DCF8ED7C7D8C87EB5379AD122A328E ] C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll

19:59:21.0191 4184 C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok

19:59:21.0207 4184 [ 311F8C91193B851104DD140966D6AEA1 ] C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll

19:59:21.0207 4184 C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll - ok

19:59:21.0222 4184 [ 0691B1AD2E55BAA71B14E13439D55E2E ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll

19:59:21.0238 4184 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll - ok

19:59:21.0253 4184 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll

19:59:21.0253 4184 C:\Windows\System32\wups2.dll - ok

19:59:21.0269 4184 [ 57FC07EAA4AD8D975D46DB082F62BE2B ] C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll

19:59:21.0269 4184 C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll - ok

19:59:21.0285 4184 [ 1330EA93145B834D1A6ED1F1AC3163FC ] C:\Program Files\OpenOffice.org 3\program\libxml2.dll

19:59:21.0285 4184 C:\Program Files\OpenOffice.org 3\program\libxml2.dll - ok

19:59:21.0316 4184 [ 9D362539CB97E842E04B0FDA04870530 ] C:\Program Files\AVAST Software\Avast\defs\13021500\uiext.dll

19:59:21.0316 4184 C:\Program Files\AVAST Software\Avast\defs\13021500\uiext.dll - ok

19:59:21.0331 4184 [ 243F5F4DF38FA00C044E3A75CCF558C2 ] C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll

19:59:21.0331 4184 C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll - ok

19:59:21.0363 4184 [ 5E202A7F8D02D2ADD03B20A81F233B94 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBt1st.exe

19:59:21.0363 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBt1st.exe - ok

19:59:21.0378 4184 [ 824CF467BAD5B34AA09FA6EFC4A65652 ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\NotifyBT.dll

19:59:21.0378 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\NotifyBT.dll - ok

19:59:21.0409 4184 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe

19:59:21.0409 4184 C:\Program Files\Windows Media Player\wmplayer.exe - ok

19:59:21.0425 4184 [ EC120FACE13767CCFB18FB2EA170AC83 ] C:\Program Files\OpenOffice.org 3\program\tk.dll

19:59:21.0425 4184 C:\Program Files\OpenOffice.org 3\program\tk.dll - ok

19:59:21.0441 4184 [ 7A45905B462F6AE857E4566F3831AEB6 ] C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll

19:59:21.0441 4184 C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll - ok

19:59:21.0456 4184 [ C62CF532F92BD43B436BB1F0550722DC ] C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

19:59:21.0456 4184 C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll - ok

19:59:21.0487 4184 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll

19:59:21.0487 4184 C:\Windows\System32\msshooks.dll - ok

19:59:21.0503 4184 [ E8832BCF29CC03F9A490C9AAC3056706 ] C:\Program Files\OpenOffice.org 3\program\vcl.dll

19:59:21.0503 4184 C:\Program Files\OpenOffice.org 3\program\vcl.dll - ok

19:59:21.0534 4184 [ F92FA005B7ED96502DADBCE0BBD49815 ] C:\Program Files\TOSHIBA\Utilities\NotifyX.dll

19:59:21.0534 4184 C:\Program Files\TOSHIBA\Utilities\NotifyX.dll - ok

19:59:21.0565 4184 [ 5C801C9BC7A0317A14B7628FCCD2D17E ] C:\Program Files\OpenOffice.org 3\program\i18npaper.dll

19:59:21.0565 4184 C:\Program Files\OpenOffice.org 3\program\i18npaper.dll - ok

19:59:21.0581 4184 [ A9719562B3FEDB0565142B37C31E94BC ] C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll

19:59:21.0581 4184 C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll - ok

19:59:21.0597 4184 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll

19:59:21.0597 4184 C:\Windows\System32\mssvp.dll - ok

19:59:21.0628 4184 [ 557D165ABAC057F379D47E92F395405F ] C:\Program Files\OpenOffice.org 3\program\sax.dll

19:59:21.0628 4184 C:\Program Files\OpenOffice.org 3\program\sax.dll - ok

19:59:21.0643 4184 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll

19:59:21.0643 4184 C:\Windows\System32\mssph.dll - ok

19:59:21.0659 4184 [ FBC74172F7246C9531CC46D159276971 ] C:\Program Files\OpenOffice.org 3\program\sb.dll

19:59:21.0659 4184 C:\Program Files\OpenOffice.org 3\program\sb.dll - ok

19:59:21.0690 4184 [ 7B952E19FE5FCB2F2A8737544564631D ] C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL

19:59:21.0690 4184 C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL - ok

19:59:21.0706 4184 [ 6A9D25A55FDA74E8F121323E13A4CEAB ] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe

19:59:21.0706 4184 C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe - ok

19:59:21.0721 4184 [ CBC39CAD3421AB71966BDD98ABF847E0 ] C:\Windows\System32\msfeeds.dll

19:59:21.0721 4184 C:\Windows\System32\msfeeds.dll - ok

19:59:21.0737 4184 [ 5B64AF259BB7448386757C7FD1375ED5 ] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2819.40780__90ba9c70f846762e\CCC.Implementation.DLL

19:59:21.0737 4184 C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2819.40780__90ba9c70f846762e\CCC.Implementation.DLL - ok

19:59:21.0768 4184 [ 6C0A96C3485D25236F3DB7D8A120F21A ] C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll

19:59:21.0768 4184 C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll - ok

19:59:21.0784 4184 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe

19:59:21.0784 4184 C:\Windows\System32\SearchFilterHost.exe - ok

19:59:21.0799 4184 [ 8843B6A1B8E102841B2DFF02805C5CEC ] C:\Windows\System32\jscript.dll

19:59:21.0799 4184 C:\Windows\System32\jscript.dll - ok

19:59:21.0831 4184 [ ADDAEA5DB800947863318050D935ECFA ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.DLL

19:59:21.0831 4184 C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.DLL - ok

19:59:21.0862 4184 [ 8506A78404B3B469A2382C509B7DB967 ] C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll

19:59:21.0862 4184 C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok

19:59:21.0893 4184 [ F101C848A95FDC6474A66A9D395EAAEB ] C:\Program Files\Common Files\System\wab32.dll

19:59:21.0893 4184 C:\Program Files\Common Files\System\wab32.dll - ok

19:59:21.0924 4184 [ 352A00C74C96FA5A41EA32BF4BFACA10 ] C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll

19:59:21.0924 4184 C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll - ok

19:59:21.0940 4184 [ 66177DC56AC40A87F17C8B4333049D10 ] C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll

19:59:21.0940 4184 C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll - ok

19:59:21.0955 4184 [ 498961DEAAC558A5D85F7596CBCA6DC3 ] C:\Windows\System32\cryptdlg.dll

19:59:21.0955 4184 C:\Windows\System32\cryptdlg.dll - ok

19:59:21.0987 4184 [ E5866CA09AC74AC6C1F8501BB60DFD90 ] C:\Windows\System32\PresentationNative_v0300.dll

19:59:21.0987 4184 C:\Windows\System32\PresentationNative_v0300.dll - ok

19:59:22.0002 4184 [ 6238D624E7CF2C59E773C6D2A326C85B ] C:\Program Files\OpenOffice.org 3\URE\bin\xmlreader.dll

19:59:22.0002 4184 C:\Program Files\OpenOffice.org 3\URE\bin\xmlreader.dll - ok

19:59:22.0049 4184 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll

19:59:22.0049 4184 C:\Windows\System32\msftedit.dll - ok

19:59:22.0065 4184 [ 6C149F7B1D79224C87D2D0F87C533B37 ] C:\Program Files\Common Files\System\wab32res.dll

19:59:22.0065 4184 C:\Program Files\Common Files\System\wab32res.dll - ok

19:59:22.0080 4184 [ 7570C39D5CA95CFF5E3D49789A347542 ] C:\Windows\System32\msctfui.dll

19:59:22.0080 4184 C:\Windows\System32\msctfui.dll - ok

19:59:22.0111 4184 [ 17A987B488F47783CBBF6A9BE2BAAD09 ] C:\Windows\System32\msident.dll

19:59:22.0111 4184 C:\Windows\System32\msident.dll - ok

19:59:22.0127 4184 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll

19:59:22.0127 4184 C:\Windows\System32\devenum.dll - ok

19:59:22.0158 4184 [ DAA1B96073C79C84F8D28FBF55580415 ] C:\Windows\System32\pstorec.dll

19:59:22.0158 4184 C:\Windows\System32\pstorec.dll - ok

19:59:22.0174 4184 [ 6D01259214D1E815613ECA3CD81679EC ] C:\Windows\System32\pstorsvc.dll

19:59:22.0174 4184 C:\Windows\System32\pstorsvc.dll - ok

19:59:22.0205 4184 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll

19:59:22.0205 4184 C:\Windows\System32\avicap32.dll - ok

19:59:22.0221 4184 [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\System32\vfwwdm32.dll

19:59:22.0221 4184 C:\Windows\System32\vfwwdm32.dll - ok

19:59:22.0236 4184 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\Windows\System32\ksproxy.ax

19:59:22.0236 4184 C:\Windows\System32\ksproxy.ax - ok

19:59:22.0267 4184 [ 9E7D79C6D1C464E17F43DBAC83E10208 ] C:\ProgramData\Microsoft\IdentityCRL\ppcrlconfig.dll

19:59:22.0267 4184 C:\ProgramData\Microsoft\IdentityCRL\ppcrlconfig.dll - ok

19:59:22.0299 4184 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\Windows\System32\vidcap.ax

19:59:22.0299 4184 C:\Windows\System32\vidcap.ax - ok

19:59:22.0314 4184 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\Windows\System32\Kswdmcap.ax

19:59:22.0314 4184 C:\Windows\System32\Kswdmcap.ax - ok

19:59:22.0330 4184 [ 6434516C878E6A291F72758717FF8DB0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll

19:59:22.0330 4184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll - ok

19:59:22.0361 4184 [ 046A9363A58F8C4105E5871A514B63CC ] C:\ProgramData\Microsoft\IdentityCRL\ppcrlui.dll

19:59:22.0361 4184 C:\ProgramData\Microsoft\IdentityCRL\ppcrlui.dll - ok

19:59:22.0377 4184 [ DC2FE300B941D6330D7475C977C4C5E9 ] C:\Windows\System32\imaadp32.acm

19:59:22.0377 4184 C:\Windows\System32\imaadp32.acm - ok

19:59:22.0408 4184 [ 4177EA05E1215EBE0405C18BFF463473 ] C:\Windows\System32\msg711.acm

19:59:22.0408 4184 C:\Windows\System32\msg711.acm - ok

19:59:22.0423 4184 [ 13ACFD3F412CD31ACA8387911C80A9E2 ] C:\Windows\System32\msgsm32.acm

19:59:22.0423 4184 C:\Windows\System32\msgsm32.acm - ok

19:59:22.0439 4184 [ CE761566EADA0509F02E4AFDB09B62E4 ] C:\Windows\System32\msadp32.acm

19:59:22.0439 4184 C:\Windows\System32\msadp32.acm - ok

19:59:22.0470 4184 [ 8A64A3F68F0E24917759852C842DCD74 ] C:\Windows\System32\l3codeca.acm

19:59:22.0470 4184 C:\Windows\System32\l3codeca.acm - ok

19:59:22.0486 4184 [ 9E7C434E383D451D299EB7861ED1CECC ] C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll

19:59:22.0486 4184 C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll - ok

19:59:22.0501 4184 [ C43DECDAC58C0A43E0376A216590F40A ] C:\Windows\System32\quartz.dll

19:59:22.0501 4184 C:\Windows\System32\quartz.dll - ok

19:59:22.0517 4184 [ 7C61336C9B31C5697E2595BE63FFD57E ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.DLL

19:59:22.0533 4184 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.DLL - ok

19:59:22.0548 4184 [ 535CBF96649071012A5EBD41FE95CBDF ] C:\Program Files\Camera Assistant Software for Toshiba\CECSource.ax

19:59:22.0548 4184 C:\Program Files\Camera Assistant Software for Toshiba\CECSource.ax - ok

19:59:22.0564 4184 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\Windows\System32\qcap.dll

19:59:22.0564 4184 C:\Windows\System32\qcap.dll - ok

19:59:22.0579 4184 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\Windows\System32\drivers\mspqm.sys

19:59:22.0579 4184 C:\Windows\System32\drivers\mspqm.sys - ok

19:59:22.0611 4184 [ 8E9B9839222615B3901C0F1BC8869A70 ] C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll

19:59:22.0611 4184 C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\system.Resources.dll - ok

19:59:22.0626 4184 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe

19:59:22.0626 4184 C:\Windows\System32\wbem\WMIADAP.exe - ok

19:59:22.0673 4184 [ 8B2D61CA83825CEAD423228ACD40CFBC ] C:\Windows\System32\loadperf.dll

19:59:22.0673 4184 C:\Windows\System32\loadperf.dll - ok

19:59:22.0689 4184 [ 736051C7D9E43A599B50A83E5BA4E30F ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2819.40514__90ba9c70f846762e\CLI.Component.Runtime.DLL

19:59:22.0689 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2819.40514__90ba9c70f846762e\CLI.Component.Runtime.DLL - ok

19:59:22.0720 4184 [ 194699FEE1647C41B18B691F4105C1BE ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL

19:59:22.0720 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL - ok

19:59:22.0735 4184 [ 17702689FD07C525BDBBB7564A985021 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.DLL

19:59:22.0735 4184 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.DLL - ok

19:59:22.0767 4184 [ F1AF8E33D2E366F5B23B5B3D9BA60EFA ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL

19:59:22.0767 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL - ok

19:59:22.0767 4184 [ 617F8A587022EE7C9DBC370472AFA9C4 ] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL

19:59:22.0767 4184 C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL - ok

19:59:22.0798 4184 [ D584F8B5C58971F6EC796A9F8EED6D95 ] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2819.40513__90ba9c70f846762e\AEM.Server.DLL

19:59:22.0798 4184 C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2819.40513__90ba9c70f846762e\AEM.Server.DLL - ok

19:59:22.0813 4184 [ FB22886C382F670BB5998D89C527F2A2 ] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.DLL

19:59:22.0813 4184 C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.DLL - ok

19:59:22.0876 4184 [ 2C6BC6E7ED0011A686557B9F41EB7AB0 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2819.40513__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL

19:59:22.0876 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2819.40513__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL - ok

19:59:22.0907 4184 [ 4F6EEF793A77806A0D541097EC865C70 ] C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.DLL

19:59:22.0907 4184 C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.DLL - ok

19:59:22.0923 4184 [ 7E1BC7AA112F5ED12AB6E08E41CA6726 ] C:\Windows\System32\msyuv.dll

19:59:22.0923 4184 C:\Windows\System32\msyuv.dll - ok

19:59:22.0938 4184 [ 021B281762E9FA606AA73723613A9B72 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL

19:59:22.0954 4184 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL - ok

19:59:22.0969 4184 [ EA85B693F3B321A9DF90CFBD1673DAF2 ] C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll

19:59:22.0969 4184 C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll - ok

19:59:22.0985 4184 [ 10D5662D127EF17019513C7251E10117 ] C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll

19:59:22.0985 4184 C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok

19:59:23.0016 4184 [ 938ACF2A4F7FDAFF322FD36F0B14D45A ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

19:59:23.0016 4184 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok

19:59:23.0032 4184 [ A9787265CA087560ADA3DDFEEC05A522 ] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.DLL

19:59:23.0032 4184 C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.DLL - ok

19:59:23.0047 4184 [ 77784A2BD5912A4EC6284255865526BC ] C:\Windows\System32\Faultrep.dll

19:59:23.0047 4184 C:\Windows\System32\Faultrep.dll - ok

19:59:23.0063 4184 [ C68069DBAB5EF8861F6D54CC989D60D0 ] C:\Program Files\OpenOffice.org 3\program\ucb1.dll

19:59:23.0063 4184 C:\Program Files\OpenOffice.org 3\program\ucb1.dll - ok

19:59:23.0094 4184 [ B9497C5ACAEA521663BFFBB321DD3AFA ] C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

19:59:23.0094 4184 C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll - ok

19:59:23.0110 4184 [ 3435A9D467D9BB70957475D2C7B97E00 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2819.40823__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL

19:59:23.0110 4184 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2819.40823__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL - ok

19:59:23.0141 4184 [ 00C2BD9F5F8E9F375C2B534B7F5305F5 ] C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

19:59:23.0141 4184 C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll - ok

19:59:23.0172 4184 [ 032A6D7058EC06CA6CF73A6D0493ADA0 ] C:\Program Files\OpenOffice.org 3\program\fwk.dll

19:59:23.0172 4184 C:\Program Files\OpenOffice.org 3\program\fwk.dll - ok

19:59:23.0188 4184 [ 7B9A8909AAE7D836BCE2B28994ACDE87 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL

19:59:23.0188 4184 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL - ok

19:59:23.0219 4184 [ F31AD307E2F5797B837C3932A7794D26 ] C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll

19:59:23.0219 4184 C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll - ok

19:59:23.0235 4184 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll

19:59:23.0235 4184 C:\Windows\System32\wpdshext.dll - ok

19:59:23.0266 4184 [ 67C30FAFA58BD7E02A9DA8BE28512934 ] C:\Windows\System32\audiodev.dll

19:59:23.0266 4184 C:\Windows\System32\audiodev.dll - ok

19:59:23.0281 4184 [ D7D411475A7ABED7C4024067E7F9DDF7 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL

19:59:23.0281 4184 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL - ok

19:59:23.0297 4184 [ 41DFF500F0C1C438D0500F08DF8B827B ] C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll

19:59:23.0313 4184 C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll - ok

19:59:23.0328 4184 [ 9E5C1D19851FAE2ACDBA118AB20D55AC ] C:\Windows\System32\EhStorAPI.dll

19:59:23.0328 4184 C:\Windows\System32\EhStorAPI.dll - ok

19:59:23.0344 4184 [ A8C4CDA29ED3598E38F25F12183849AF ] C:\Program Files\OpenOffice.org 3\program\icuin40.dll

19:59:23.0344 4184 C:\Program Files\OpenOffice.org 3\program\icuin40.dll - ok

19:59:23.0375 4184 [ CCE69BC85D019F49691C592DDCC2FA97 ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL

19:59:23.0375 4184 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL - ok

19:59:23.0391 4184 [ 110D2A7BBFBA80AAE36B5F229FE800AD ] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL

19:59:23.0391 4184 C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL - ok

19:59:23.0406 4184 [ 4468B03FF876D1FBD789F206EFD6CECB ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.DLL

19:59:23.0406 4184 C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.DLL - ok

19:59:23.0437 4184 [ 8342DE057236E8870104C00B1A0DEA7F ] C:\Windows\System32\ATIDEMGX.dll

19:59:23.0437 4184 C:\Windows\System32\ATIDEMGX.dll - ok

19:59:23.0453 4184 [ 48F38047CCB38CC1F99D008EC166CB76 ] C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

19:59:23.0453 4184 C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - ok

19:59:23.0484 4184 [ C64B09515203DC640FEFF8C1DE5721E0 ] C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll

19:59:23.0484 4184 C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll - ok

19:59:23.0500 4184 [ E91F3A5185FA77C0C540465C906F2BDE ] C:\Program Files\OpenOffice.org 3\program\emser.dll

19:59:23.0500 4184 C:\Program Files\OpenOffice.org 3\program\emser.dll - ok

19:59:23.0515 4184 [ F3C59C4840CD835E1F055BA877B9A8A1 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2819.40521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL

19:59:23.0515 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2819.40521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL - ok

19:59:23.0547 4184 [ 4AB6B7BBB44A8A0ED41FAD9E3178D191 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL

19:59:23.0547 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL - ok

19:59:23.0562 4184 [ 93D5B9634C4744FB115785081ECF9738 ] C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL

19:59:23.0562 4184 C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.DLL - ok

19:59:23.0578 4184 [ 333035374D726FDED63B4BA615CBA0D8 ] C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.DLL

19:59:23.0578 4184 C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.DLL - ok

19:59:23.0593 4184 [ 9A0F0B24E97711F935D29B287B12A96E ] C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.DLL

19:59:23.0593 4184 C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.DLL - ok

19:59:23.0625 4184 [ 05FEFF15C400FBB6755BAC28880A5E1D ] C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2819.40514__90ba9c70f846762e\ATIDEMOS.DLL

19:59:23.0625 4184 C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2819.40514__90ba9c70f846762e\ATIDEMOS.DLL - ok

19:59:23.0640 4184 [ 082EB93ACF2A473ECE096A6CB75CB8E6 ] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL

19:59:23.0640 4184 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL - ok

19:59:23.0671 4184 [ 6A21489FF914E5CC7896B58DD3E2C23C ] C:\Windows\System32\atioglxx.dll

19:59:23.0671 4184 C:\Windows\System32\atioglxx.dll - ok

19:59:23.0687 4184 [ 587360DA9BD55CCF21EF47F543368875 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2819.40540__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL

19:59:23.0687 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2819.40540__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL - ok

19:59:23.0718 4184 [ AF6202A1548C6A9A126694957E2E5E74 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL

19:59:23.0718 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL - ok

19:59:23.0749 4184 [ 24AAD4F47DB442C44591E683D71B1707 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2819.40720__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL

19:59:23.0749 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2819.40720__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL - ok

19:59:23.0765 4184 [ 0E8B49E2ED94881CC1C16E3F465B13CE ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL

19:59:23.0765 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL - ok

19:59:23.0796 4184 [ 961A33ABE871519276DCE24CD0C77924 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL

19:59:23.0796 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL - ok

19:59:23.0827 4184 [ 9097D25EE7C78C5B35A79941333B99C8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL

19:59:23.0827 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL - ok

19:59:23.0843 4184 [ C70F163D7C03A76E4F416D5FA3F16AB4 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL

19:59:23.0843 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL - ok

19:59:23.0890 4184 [ 2E7FAB502A8615B1AAB0EAB35AFBCA3B ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL

19:59:23.0890 4184 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL - ok

19:59:23.0905 4184 [ 8FBE6F3311D54B8E27B9433BC9D63E2F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL

19:59:23.0905 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL - ok

19:59:23.0937 4184 [ B9BAAE7852CD47C25BC55F598117B95A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2819.40760__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL

19:59:23.0937 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2819.40760__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL - ok

19:59:23.0968 4184 [ 258B0D7103DAB3B754F1DB7146CB1005 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL

19:59:23.0968 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL - ok

19:59:23.0999 4184 [ AD6F9F60D070F43B5C3D253A174CEE12 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL

19:59:23.0999 4184 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL - ok

19:59:24.0015 4184 [ EB28CCE5D792B63BD715FAC15C468D4A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2819.40590__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL

19:59:24.0015 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2819.40590__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL - ok

19:59:24.0046 4184 [ DC9F7235FE9C62B18F64C167F1B0F765 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL

19:59:24.0046 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL - ok

19:59:24.0061 4184 [ 1B34BEF0274C87FFA1E9671B0CC23A30 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2819.40689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL

19:59:24.0061 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2819.40689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL - ok

19:59:24.0093 4184 [ BAC3AB08229E083606FCEB6B3CEF4662 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL

19:59:24.0093 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL - ok

19:59:24.0108 4184 [ B49F35E547B261F8FEDEEC0926078E99 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL

19:59:24.0108 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL - ok

19:59:24.0139 4184 [ 5B320322F1AB6AFEFC98A4D3543B009D ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL

19:59:24.0139 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL - ok

19:59:24.0155 4184 [ D990C14AEEC6940A144646259523D276 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2819.40708__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL

19:59:24.0171 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2819.40708__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL - ok

19:59:24.0202 4184 [ D200F6F7734FE4EEB7573BB654EF7762 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL

19:59:24.0202 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL - ok

19:59:24.0233 4184 [ AF1ED23295F6BCA1C1BAE97AF53227E8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL

19:59:24.0233 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL - ok

19:59:24.0249 4184 [ D2EB7BC87E2AC1A14012BCC281134099 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL

19:59:24.0249 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL - ok

19:59:24.0280 4184 [ 37F6CD08B766ED7B0FD2D492D79DF4B9 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2819.40727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL

19:59:24.0280 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2819.40727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL - ok

19:59:24.0311 4184 [ 8C7E9996B1852A014EC5B6457DEEF76E ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL

19:59:24.0311 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL - ok

19:59:24.0327 4184 [ 19AD2904EAFD099BFFA2885513C80251 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL

19:59:24.0327 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL - ok

19:59:24.0342 4184 [ ABEDE9F7B0A7A543A9799F1D0A4B271A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL

19:59:24.0342 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL - ok

19:59:24.0358 4184 [ D662143028AA1912B5E6CF5F9226A64C ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL

19:59:24.0358 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL - ok

19:59:24.0389 4184 [ 24A7DE6AFBC52A813490CEF348345E72 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL

19:59:24.0389 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL - ok

19:59:24.0405 4184 [ ACE838FC862B6DA47C595EF7B2018553 ] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2819.40512__90ba9c70f846762e\APM.Server.DLL

19:59:24.0405 4184 C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2819.40512__90ba9c70f846762e\APM.Server.DLL - ok

19:59:24.0436 4184 [ 19BBA8D09B7210A19F5A07C0C6851FD6 ] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.DLL

19:59:24.0436 4184 C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.DLL - ok

19:59:24.0467 4184 [ 05C245593DCB591A6B38A796D0C1975E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe

19:59:24.0467 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok

19:59:24.0498 4184 [ 14B1AF40195CF5DB586F39387A77AFB6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

19:59:24.0498 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok

19:59:24.0514 4184 [ 7A9DE8B16CF183D1038E49C9613275B7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll

19:59:24.0514 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok

19:59:24.0529 4184 [ FB875FBE3BD042F6A69A4406178C561B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

19:59:24.0529 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok

19:59:24.0561 4184 [ 304503DEE4D3F7989B8660C62CAFAE28 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

19:59:24.0561 4184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok

19:59:24.0576 4184 [ C0A23B0636A528CE78ABB55331D4620D ] C:\Users\A\Downloads\ComboFix.exe

19:59:24.0576 4184 C:\Users\A\Downloads\ComboFix.exe - ok

19:59:24.0607 4184 [ 57CC979B2A128CA549714CC7A3F8A5E9 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2819.40773__90ba9c70f846762e\CLI.Component.Systemtray.DLL

19:59:24.0607 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2819.40773__90ba9c70f846762e\CLI.Component.Systemtray.DLL - ok

19:59:24.0623 4184 [ EC86AAD5219FC2883F67940C818D3DA9 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL

19:59:24.0623 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL - ok

19:59:24.0639 4184 [ 3C8BB60D7A62EAAD779BAFA2F08427BB ] C:\Users\A\Downloads\SecurityCheck.exe

19:59:24.0639 4184 C:\Users\A\Downloads\SecurityCheck.exe - ok

19:59:24.0654 4184 [ 7DA017FBCD9003D279401B460155ED5A ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2819.40548__90ba9c70f846762e\CLI.Component.Wizard.DLL

19:59:24.0654 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2819.40548__90ba9c70f846762e\CLI.Component.Wizard.DLL - ok

19:59:24.0685 4184 [ BE3AB4803C963BE0357541EC3B17D443 ] C:\Users\A\Downloads\aswMBR.exe

19:59:24.0685 4184 C:\Users\A\Downloads\aswMBR.exe - ok

19:59:24.0701 4184 [ 1308C93BAC94C87D360C1D5AB32E27A7 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.DLL

19:59:24.0701 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.DLL - ok

19:59:24.0732 4184 [ 8633517C5B65AF6D58A84344B03FE26E ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL

19:59:24.0732 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL - ok

19:59:24.0748 4184 [ 9090A44920CC7F643CC32AF3C6940E5C ] C:\Windows\System32\rdpdd.dll

19:59:24.0748 4184 C:\Windows\System32\rdpdd.dll - ok

19:59:24.0779 4184 [ 0A7977FF7535F237C8C745AE09887C35 ] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

19:59:24.0779 4184 C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll - ok

19:59:24.0810 4184 [ 0D6C9B2D323F78EED69A23668CB7B792 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL

19:59:24.0810 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL - ok

19:59:24.0826 4184 [ 4707976BDBA8B5999A0006C7609505CB ] C:\Windows\System32\RDPENCDD.dll

19:59:24.0826 4184 C:\Windows\System32\RDPENCDD.dll - ok

19:59:24.0857 4184 [ 1A63B7DCE37BAFFD8E98F0F2E3BE6658 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2819.40553__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL

19:59:24.0857 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2819.40553__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL - ok

19:59:24.0888 4184 [ 6F5F1236A37D412D94082093DE7D9817 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL

19:59:24.0888 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL - ok

19:59:24.0888 4184 [ 8D2FB68E0380F81E3035A7D8148D31F3 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2819.40794__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL

19:59:24.0888 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2819.40794__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL - ok

19:59:24.0919 4184 [ A0436C2D749D35A72F7EDE16A95EB622 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2819.40773_fr_90ba9c70f846762e\CLI.Component.Systemtray.resources.DLL

19:59:24.0919 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2819.40773_fr_90ba9c70f846762e\CLI.Component.Systemtray.resources.DLL - ok

19:59:24.0951 4184 [ A079519FFD3857560FA11EFBA92C0474 ] C:\Users\A\Downloads\adwcleaner0.exe

19:59:24.0951 4184 C:\Users\A\Downloads\adwcleaner0.exe - ok

19:59:24.0966 4184 [ E3B22F5B75B4006B3BB3D5F5D3D71821 ] C:\Users\A\Downloads\RogueKiller.exe

19:59:24.0966 4184 C:\Users\A\Downloads\RogueKiller.exe - ok

19:59:24.0997 4184 [ 2643A1A69688ADF363670B2371F3CEC0 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2819.40733__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL

19:59:24.0997 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2819.40733__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL - ok

19:59:25.0013 4184 [ 82FD9FA09ADC80D030A68612897F94DF ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2819.40561__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL

19:59:25.0013 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2819.40561__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL - ok

19:59:25.0044 4184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\A\Downloads\tdsskiller.exe

19:59:25.0044 4184 C:\Users\A\Downloads\tdsskiller.exe - ok

19:59:25.0060 4184 [ 1D083F8B3E7CD7E4A507D882FF42CDC2 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2819.40573__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL

19:59:25.0060 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2819.40573__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL - ok

19:59:25.0091 4184 [ 8DDFDF8A433DC09F92ACA1F3DE4DE067 ] C:\Windows\System32\MediaMetadataHandler.dll

19:59:25.0091 4184 C:\Windows\System32\MediaMetadataHandler.dll - ok

19:59:25.0107 4184 [ E135A0DD7DA6A1E9045A6AC661401754 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL

19:59:25.0107 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL - ok

19:59:25.0153 4184 [ 74A97243AB81F912EFB1E75C0233CBAE ] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL

19:59:25.0153 4184 C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL - ok

19:59:25.0169 4184 [ 5F1E8E3A01F2F3B96C60180D7105D26A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2819.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL

19:59:25.0169 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2819.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL - ok

19:59:25.0200 4184 [ 8B6F2F48084248B4D53C3FF417EBB22E ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2819.40591__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL

19:59:25.0200 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2819.40591__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL - ok

19:59:25.0231 4184 [ FBCC4BA7C20B9E9C4B396889820482CB ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2819.40767__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL

19:59:25.0231 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2819.40767__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.DLL - ok

19:59:25.0247 4184 [ D2BE86424EE3C8D08231864B92D5A7E4 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2819.40529__90ba9c70f846762e\CLI.Component.Dashboard.DLL

19:59:25.0247 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2819.40529__90ba9c70f846762e\CLI.Component.Dashboard.DLL - ok

19:59:25.0278 4184 [ 54C0A916B847F0A0227A1F2298620F18 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL

19:59:25.0278 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL - ok

19:59:25.0294 4184 [ C2A5640CF0C9FF9D6FD84DE1DE43F78C ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL

19:59:25.0294 4184 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL - ok

19:59:25.0325 4184 [ 4F0968A0650777BB2DE867B5575E9734 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2819.40534__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL

19:59:25.0325 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2819.40534__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL - ok

19:59:25.0341 4184 [ F0481CB9450F3C3029CEA349D06D0839 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL

19:59:25.0341 4184 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL - ok

19:59:25.0372 4184 [ 654C66289E4E2BD79C3A2C7C4D2789AC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2819.40801__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL

19:59:25.0372 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2819.40801__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL - ok

19:59:25.0387 4184 [ 701A12D148E4852AC23170C97F6EC582 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2819.40579__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL

19:59:25.0387 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2819.40579__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL - ok

19:59:25.0419 4184 [ 61A9EC5B94EC5AE2938430191BC3880F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2819.40541__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL

19:59:25.0419 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2819.40541__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.DLL - ok

19:59:25.0434 4184 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe

19:59:25.0434 4184 C:\Windows\System32\notepad.exe - ok

19:59:25.0450 4184 [ 75FBC776D9A54B9FC90FFB9D9E5DA7FC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2819.40690__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL

19:59:25.0450 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2819.40690__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL - ok

19:59:25.0465 4184 [ B0999D633CE245B1C1A0A165FC0B078C ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2819.40664__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL

19:59:25.0465 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2819.40664__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL - ok

19:59:25.0497 4184 [ 1BA792DE35DF283759A382EEF870E503 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2819.40709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL

19:59:25.0497 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2819.40709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL - ok

19:59:25.0528 4184 [ A74BF2CB7A2D4916DD0C252753AD5AE9 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2819.40761__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL

19:59:25.0528 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2819.40761__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL - ok

19:59:25.0543 4184 [ CC4B09E7D7060AB2A7D31974497403E9 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2819.40657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL

19:59:25.0543 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2819.40657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL - ok

19:59:25.0559 4184 [ F3E144B2B0E18E77E4781462A93D034A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2819.40728__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL

19:59:25.0559 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2819.40728__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL - ok

19:59:25.0590 4184 [ 151E0C1186E541DC0CD70E3EDFAA61E2 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2819.40585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL

19:59:25.0590 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2819.40585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL - ok

19:59:25.0621 4184 [ B6113FEDE615465654E37DD6E81722BA ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2819.40671__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL

19:59:25.0621 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2819.40671__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL - ok

19:59:25.0637 4184 [ B5DAF7D554228A2B0F36E1EE3126DD07 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL

19:59:25.0637 4184 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL - ok

19:59:25.0668 4184 [ 7D80F287AEEDD39C03E118E0EBD3311E ] C:\Windows\System32\zipfldr.dll

19:59:25.0668 4184 C:\Windows\System32\zipfldr.dll - ok

19:59:25.0684 4184 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll

19:59:25.0684 4184 C:\Windows\System32\wbem\wmipcima.dll - ok

19:59:25.0699 4184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\A\Desktop\tdsskiller.exe

19:59:25.0699 4184 C:\Users\A\Desktop\tdsskiller.exe - ok

19:59:25.0716 4184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Windows\temp\tds9819.tmp

19:59:25.0716 4184 C:\Windows\temp\tds9819.tmp - ok

19:59:25.0729 4184 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\66522224.sys

19:59:25.0730 4184 C:\Windows\System32\drivers\66522224.sys - ok

19:59:25.0755 4184 [ 5DFE72B9F1FF669070FC032090B7B982 ] C:\Program Files\Common Files\Java\Java Update\jucheck.exe

19:59:25.0755 4184 C:\Program Files\Common Files\Java\Java Update\jucheck.exe - ok

19:59:25.0776 4184 ============================================================

19:59:25.0776 4184 Scan finished

19:59:25.0776 4184 ============================================================

19:59:25.0868 5816 Detected object count: 4

19:59:25.0868 5816 Actual detected object count: 4

20:00:39.0527 5816 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe - copied to quarantine

20:00:39.0558 5816 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

20:00:39.0636 5816 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine

20:00:39.0683 5816 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

20:00:39.0730 5816 C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe - copied to quarantine

20:00:39.0761 5816 TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

20:00:39.0839 5816 C:\Windows\system32\TODDSrv.exe - copied to quarantine

20:00:39.0886 5816 TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

20:01:02.0175 1436 Deinitialize success

Link to post
Share on other sites

  • Staff

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later

    [*]Please post the contents of OTL.txt in your next reply.

Gringo

Link to post
Share on other sites

here it is ( please note that i changed several file names that appeared at the end of the report)

=============================

OTL logfile created on: 16/02/2013 10:01:12 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\A\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,13% Memory free

4,23 Gb Paging File | 2,81 Gb Available in Paging File | 66,33% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 140,62 Gb Total Space | 90,23 Gb Free Space | 64,16% Space Free | Partition Type: NTFS

Drive E: | 90,79 Gb Total Space | 69,02 Gb Free Space | 76,02% Space Free | Partition Type: NTFS

Computer Name: PC-DE-A | User Name: A | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - C:\Users\A\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe (Adobe Systems, Inc.)

PRC - E:\Bac\Program Files\Firefox\firefox.exe (Mozilla Corporation)

PRC - E:\Bac\Program Files\Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Program Files\Wetelecom\LoadMdm.exe (TODO: <Company name>)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics Incorporated)

PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

PRC - C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)

PRC - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)

PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)

PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

PRC - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()

PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)

PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)

PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)

PRC - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()

PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)

PRC - C:\Windows\System32\lxctcoms.exe ( )

PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)

PRC - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\8bdc0fd7faad9446b2823a50a4708e7b\TCrdMain.ni.exe ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

MOD - E:\Bac\Program Files\Firefox\mozjs.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()

MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()

MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()

MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2819.40521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2819.40573__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2819.40553__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2819.40561__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2819.40767__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2819.40760__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2819.40720__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2819.40540__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2819.40794__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2819.40728__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2819.40801__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2819.40733__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2819.40534__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2819.40727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2819.40761__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2819.40671__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2819.40585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2819.40541__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2819.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2819.40591__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2819.40579__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2819.40690__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2819.40590__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2819.40689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2819.40664__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2819.40709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2819.40657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2819.40708__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2819.40773_fr_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2819.40823__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2819.40529__90ba9c70f846762e\CLI.Component.Dashboard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2819.40548__90ba9c70f846762e\CLI.Component.Wizard.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2819.40773__90ba9c70f846762e\CLI.Component.Systemtray.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2819.40781__90ba9c70f846762e\MOM.Implementation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2819.40514__90ba9c70f846762e\CLI.Component.Runtime.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2819.40514__90ba9c70f846762e\ATIDEMOS.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2819.40779__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2819.40512__90ba9c70f846762e\APM.Server.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2819.40513__90ba9c70f846762e\AEM.Server.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2819.40780__90ba9c70f846762e\CCC.Implementation.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2819.40513__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll ()

MOD - C:\Windows\System32\atitmmxx.dll ()

MOD - C:\Program Files\TOSHIBA\FlashCards\fr\TCrdMain.resources.dll ()

MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()

MOD - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()

MOD - C:\Program Files\IDM\Desktop SMS\oehook.dll ()

MOD - C:\Program Files\Toshiba\TBS\NotifyTBS.dll ()

MOD - C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()

MOD - C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll ()

MOD - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()

MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()

MOD - C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()

MOD - C:\Windows\System32\TosCommAPI.dll ()

========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)

SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)

SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)

SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)

SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)

SRV - (lxct_device) -- C:\Windows\System32\lxctcoms.exe ( )

SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)

========== Driver Services (SafeList) ==========

DRV - (TpChoice) -- system32\DRIVERS\TpChoice.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (catchme) -- C:\Users\A\AppData\Local\Temp\catchme.sys File not found

DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found

DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)

DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)

DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)

DRV - (wmdusbser) -- C:\Windows\System32\drivers\wmdusbser.sys (WeTelecom Incorporated)

DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)

DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (fbxusb) -- C:\Windows\System32\drivers\fbxusb32.sys (FreeBox SA)

DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )

DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)

DRV - (CplIR) -- C:\Windows\System32\drivers\CplIR.sys (COMPAL ELECTRONIC INC.)

DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)

DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)

DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)

DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)

DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)

DRV - (KR10N) -- C:\Windows\System32\drivers\KR10N.sys (TOSHIBA CORPORATION)

DRV - (KR10I) -- C:\Windows\System32\drivers\KR10I.sys (TOSHIBA CORPORATION)

DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)

DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)

DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)

DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)

DRV - (LPCFilter) -- C:\Windows\System32\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)

DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)

DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{68CD3B82-D6EF-4FC6-8D9D-9661BA377008}: "URL" = http://www.google.fr/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\..\SearchScopes,DefaultScope = {68CD3B82-D6EF-4FC6-8D9D-9661BA377008}

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\..\SearchScopes\{68CD3B82-D6EF-4FC6-8D9D-9661BA377008}: "URL" = http://www.google.fr/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;&rlz=1I7ADFA_frFR407

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\..\SearchScopes\{8FAA0A9E-342B-4210-8E71-E890A8C365CB}: "URL" = http://fr.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,105,0_0,Search,20110101,0,0,0,0

IE - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590

FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: E:\Bac\Program Files\java\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=1.0.2: E:\Bac\Program Files\StreamTorrent 1.0\TorrentStream\npvlc.dll File not found

FF - HKLM\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=1.0.4: E:\Bac\Program Files\TorrentStream\npts.dll (The Torrent Stream and VideoLAN and Delft University of Technology)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/20 07:53:39 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: E:\Bac\Program Files\Firefox\components [2013/02/06 18:32:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: E:\Bac\Program Files\Firefox\plugins [2013/02/06 18:30:59 | 000,000,000 | ---D | M]

[2011/01/26 21:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\mozilla\Extensions

[2012/11/30 12:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\A\AppData\Roaming\mozilla\Firefox\Profiles\jt565p2v.default\extensions

[2012/07/25 23:31:02 | 000,224,693 | ---- | M] () (No name found) -- C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\jt565p2v.default\extensions\fbphotozoom@installdaddy.com.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: http://www.google.com

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: Veetle TV Player (Enabled) = E:\Bac\Program Files\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = E:\Bac\Program Files\Veetle\plugins\npVeetle.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Recherche Google = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: \u003Cvideo\u003E HTML5 DivX Plus Web Player = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

CHR - Extension: Gmail = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2013/02/15 13:01:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Bac\Program Files\java\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Bac\Program Files\java\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [HWSetup] \HWSetup.exe hwSetUP File not found

O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()

O4 - HKLM..\Run: [LoadMdm] C:\Program Files\Wetelecom\LoadMdm.exe (TODO: <Company name>)

O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()

O4 - HKLM..\Run: [sVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)

O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)

O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)

O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)

O4 - HKLM..\Run: [VDownloader] E:\Bac\Program Files\VDownloader\VDownloader.exe (Vitzo)

O4 - HKU\S-1-5-21-3028630561-2677269616-100469482-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)

O4 - Startup: C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3028630561-2677269616-100469482-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Bac\Program Files\java\bin\jp2iexp.dll ()

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 File not found

O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home File not found

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.7.2)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09D3E7A3-EBAA-41F3-8727-63E730142A80}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CD10193-1D2D-4EAD-B773-4C787342C064}: DhcpNameServer = 212.27.40.241 212.27.40.240

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Toshiba\Wallpapers\Wallpaper1.jpg

O24 - Desktop BackupWallPaper: C:\Toshiba\Wallpapers\Wallpaper1.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 360 Days ==========

[2013/02/16 09:55:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe

[2013/02/15 20:00:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2013/02/15 19:39:30 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\A\Desktop\tdsskiller.exe

[2013/02/15 13:10:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/02/15 13:10:27 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013/02/15 12:29:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/02/15 12:29:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/02/15 12:29:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/02/15 12:29:14 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013/02/15 12:26:08 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/02/15 12:25:07 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2013/02/15 12:12:47 | 005,032,798 | R--- | C] (Swearware) -- C:\Users\A\Desktop\ComboFix.exe

[2013/02/15 09:58:12 | 000,000,000 | ---D | C] -- C:\Users\A\Desktop\RK_Quarantine

[2013/02/14 20:07:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/02/14 20:07:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/02/14 20:07:19 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013/02/14 20:07:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/02/14 20:07:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/02/14 20:07:16 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/02/14 20:07:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013/02/14 20:07:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/02/14 13:02:08 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013/02/14 13:02:04 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2013/02/14 13:01:45 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013/02/14 13:01:42 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013/02/09 12:09:54 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\OpenOffice.org

[2013/02/09 12:04:34 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1

[2013/02/09 12:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3

[2013/01/23 10:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013/01/23 10:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2013/01/23 10:26:08 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2013/01/11 12:17:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2012/12/21 20:02:57 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2012/12/21 20:02:55 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2012/12/13 20:05:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll

[2012/12/13 20:05:01 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll

[2012/12/13 20:04:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll

[2012/12/13 20:04:55 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys

[2012/12/13 20:04:46 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll

[2012/12/13 20:04:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll

[2012/12/13 09:56:16 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll

[2012/12/13 09:56:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe

[2012/12/13 09:55:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2012/11/30 12:37:15 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\Malwarebytes

[2012/11/30 12:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/11/19 23:01:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll

[2012/10/31 11:26:12 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wetelecom

[2012/10/31 11:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\Wetelecom

[2012/10/18 08:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2012/10/18 08:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012/10/18 08:40:35 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\39378-667153-foxit-pdf-reader.msi

[2012/10/14 13:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter Alpha

[2012/10/08 22:25:49 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\VDownloader

[2012/10/08 22:25:46 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\TuneUp Software

[2012/10/08 22:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software

[2012/10/08 22:25:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

[2012/10/08 22:25:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012/10/08 22:24:41 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Local\VDownloader

[2012/10/08 22:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader

[2012/10/08 22:13:48 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/10/08 22:12:34 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/10/08 22:12:34 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/10/08 22:12:34 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2012/10/06 08:41:07 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Local\Macromedia

[2012/10/06 07:32:28 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012/10/06 07:32:28 | 000,074,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012/07/11 21:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2012/07/11 21:07:24 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/06/21 19:42:51 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2012/06/21 19:42:50 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2012/06/21 19:42:04 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2012/06/21 19:42:04 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2012/06/21 19:42:04 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2012/06/21 19:41:44 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2012/06/21 19:41:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2012/05/10 18:51:10 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[2012/05/10 18:51:10 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll

[2012/05/10 18:51:09 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll

[2012/05/10 18:51:08 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll

[2012/05/10 18:51:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

[2012/04/08 09:07:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVuLibre

[2012/04/07 08:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter

[2012/04/07 08:53:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll

[2012/03/24 20:08:35 | 000,020,624 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys

[2012/03/13 19:32:49 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 360 Days ==========

[2013/02/16 09:55:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe

[2013/02/16 09:49:03 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/02/16 09:44:49 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/02/16 09:44:47 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job

[2013/02/16 09:44:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/02/16 09:44:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/02/16 09:44:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/02/16 09:44:16 | 2143,752,192 | -HS- | M] () -- C:\hiberfil.sys

[2013/02/15 23:29:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/02/15 22:51:56 | 000,011,377 | ---- | M] () -- C:\Users\A\gsview32.ini

[2013/02/15 22:27:32 | 000,719,884 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2013/02/15 22:27:32 | 000,632,152 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/02/15 22:27:32 | 000,144,680 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2013/02/15 22:27:32 | 000,118,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/02/15 19:39:04 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\A\Desktop\tdsskiller.exe

[2013/02/15 16:34:22 | 000,230,330 | ---- | M] () -- C:\Users\A\Documents\To the problem of vacination.pdf

[2013/02/15 13:01:44 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/02/15 12:10:01 | 005,032,798 | R--- | M] (Swearware) -- C:\Users\A\Desktop\ComboFix.exe

[2013/02/15 09:48:45 | 000,798,208 | ---- | M] () -- C:\Users\A\Desktop\RogueKiller.exe

[2013/02/15 08:49:59 | 000,314,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/02/09 21:49:11 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/02/09 21:49:11 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/02/09 12:10:04 | 000,001,033 | ---- | M] () -- C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

[2013/02/09 12:04:35 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk

[2013/01/23 10:26:09 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013/01/17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2013/01/11 11:58:48 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk

[2013/01/11 11:58:44 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2013/01/08 23:11:21 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/01/08 23:03:12 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/01/08 23:01:48 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013/01/08 23:00:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/01/08 22:59:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/01/08 22:57:49 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013/01/08 22:56:23 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/01/08 22:53:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/01/05 06:26:01 | 003,602,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013/01/05 06:26:01 | 003,550,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013/01/04 02:38:50 | 002,048,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2012/12/16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2012/12/16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2012/11/20 05:22:50 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2012/11/14 13:07:50 | 000,000,680 | ---- | M] () -- C:\Users\A\AppData\Local\d3d9caps.dat

[2012/11/13 02:29:51 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2012/11/02 11:18:17 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll

[2012/11/02 09:57:40 | 000,000,624 | ---- | M] () -- C:\Users\A\Desktop\Dissertation.lnk

[2012/11/02 09:26:06 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe

[2012/10/31 11:26:12 | 000,000,853 | ---- | M] () -- C:\Users\A\Desktop\MTS Connect.lnk

[2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2012/10/30 23:51:58 | 000,199,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys

[2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2012/10/30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2012/10/30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2012/10/30 23:51:56 | 000,106,560 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys

[2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2012/10/30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys

[2012/10/30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2012/10/30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2012/10/18 08:50:28 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2012/10/14 13:37:12 | 000,000,762 | ---- | M] () -- C:\Users\A\Desktop\TeXnicCenter Alpha.lnk

[2012/10/08 23:40:27 | 000,008,192 | ---- | M] () -- C:\Users\A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/10/08 22:39:45 | 000,000,918 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog

[2012/10/08 22:24:37 | 000,000,834 | ---- | M] () -- C:\Users\A\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk

[2012/10/08 22:24:36 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\VDownloader.lnk

[2012/10/08 22:12:13 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2012/10/08 22:12:06 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/10/08 22:12:05 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/10/08 22:12:05 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/10/08 22:12:03 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/10/08 22:12:03 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2012/10/03 11:07:11 | 000,000,793 | ---- | M] () -- C:\Users\A\Desktop\mythesis.lnk

[2012/10/02 08:44:27 | 000,001,768 | ---- | M] () -- C:\Users\A\Documents\app1.tex

[2012/09/25 17:19:41 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll

[2012/07/28 11:55:29 | 000,000,369 | ---- | M] () -- C:\Users\A\.JavaPowUpload.properties

[2012/07/26 05:44:39 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\wdf01000.sys.mui

[2012/07/26 04:39:21 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys

[2012/07/26 04:20:40 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll

[2012/07/26 04:20:40 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll

[2012/07/26 04:20:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll

[2012/07/26 03:46:47 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll

[2012/06/29 19:52:34 | 000,979,345 | ---- | M] () -- C:\Users\A\Desktop\xyz.pdf

[2012/06/02 23:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2012/06/02 23:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2012/06/02 23:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2012/06/02 23:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2012/06/02 23:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2012/06/02 15:57:50 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012/06/02 15:34:21 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012/06/02 14:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2012/06/02 14:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2012/04/28 15:06:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

[2012/04/07 08:53:19 | 000,000,727 | ---- | M] () -- C:\Users\A\Desktop\TeXnicCenter.lnk

[2012/03/01 15:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll

[2012/03/01 15:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

[2012/02/29 15:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll

[2012/02/29 14:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll

[2012/02/29 14:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/15 16:34:21 | 000,230,330 | ---- | C] () -- C:\Users\A\Documents\To the problem of vacination.pdf

[2013/02/15 12:29:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/02/15 12:29:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/02/15 12:29:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/02/15 12:29:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/02/15 12:29:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/02/15 09:57:51 | 000,798,208 | ---- | C] () -- C:\Users\A\Desktop\RogueKiller.exe

[2013/02/09 12:10:04 | 000,001,033 | ---- | C] () -- C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

[2013/02/09 12:04:35 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk

[2013/01/23 10:26:09 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2013/01/16 09:27:38 | 2143,752,192 | -HS- | C] () -- C:\hiberfil.sys

[2012/12/13 20:05:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012/12/13 20:05:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012/11/02 09:57:09 | 000,000,624 | ---- | C] () -- C:\Users\A\Desktop\Dissertation.lnk

[2012/10/31 11:26:12 | 000,000,853 | ---- | C] () -- C:\Users\A\Desktop\MTS Connect.lnk

[2012/10/18 08:50:28 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012/10/18 08:50:28 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2012/10/14 13:37:12 | 000,000,762 | ---- | C] () -- C:\Users\A\Desktop\TeXnicCenter Alpha.lnk

[2012/10/13 09:20:03 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/10/08 22:24:37 | 000,000,834 | ---- | C] () -- C:\Users\A\Application Data\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk

[2012/10/08 22:24:36 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\VDownloader.lnk

[2012/10/08 22:24:33 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe

[2012/10/03 11:06:35 | 000,000,793 | ---- | C] () -- C:\Users\A\Desktop\mythesis.lnk

[2012/10/02 08:44:27 | 000,001,768 | ---- | C] () -- C:\Users\A\Documents\app1.tex

[2012/07/28 11:53:18 | 000,000,369 | ---- | C] () -- C:\Users\A\.JavaPowUpload.properties

[2012/07/02 17:13:28 | 000,979,345 | ---- | C] () -- C:\Users\A\Desktop\xyz.pdf

[2012/04/28 15:06:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

[2012/04/14 12:22:36 | 000,000,918 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog

[2012/04/07 08:53:19 | 000,000,727 | ---- | C] () -- C:\Users\A\Desktop\TeXnicCenter.lnk

[2011/11/03 22:15:40 | 000,000,680 | ---- | C] () -- C:\Users\A\AppData\Local\d3d9caps.dat

[2011/04/30 10:25:44 | 000,335,872 | ---- | C] () -- C:\Windows\System32\lxctcoin.dll

[2011/04/16 12:55:23 | 000,011,377 | ---- | C] () -- C:\Users\A\gsview32.ini

[2010/12/31 23:42:23 | 000,008,192 | ---- | C] () -- C:\Users\A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/26 21:11:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Files - Unicode (All) ==========

[2011/11/21 00:58:15 | 000,017,360 | ---- | M] ()(C:\Users\A\Desktop\? ????? ???? ?????? ???????.docx) -- C:\Users\A\Desktop\bla.docx

[2011/11/01 14:24:23 | 000,011,608 | ---- | M] ()(C:\Users\A\Desktop\?? ??? ??? ???????? ????????????.docx) -- C:\Users\A\Desktop\bla1.docx

[2011/11/01 11:54:11 | 000,011,608 | ---- | C] ()(C:\Users\A\Desktop\?? ??? ??? ???????? ????????????.docx) -- C:\Users\A\Desktop\bla11.docx

[2011/06/10 22:38:26 | 000,017,360 | ---- | C] ()(C:\Users\A\Desktop\? ????? ???? ?????? ???????.docx) -- C:\Users\A\Desktop\bla01.docx

[2011/04/30 10:55:10 | 000,013,040 | ---- | M] ()(C:\Users\A\Desktop\T?????? ????? Z.docx) -- C:\Users\A\Desktop\Z.docx

[2011/04/30 10:29:39 | 000,013,040 | ---- | C] ()(C:\Users\A\Desktop\T?????? ????? Z.docx) -- C:\Users\A\Desktop\Z1.docx

< End of report >

Link to post
Share on other sites

  • Staff

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png text box.

    :OTL
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=1.0.2: E:\Bac\Program Files\StreamTorrent 1.0\TorrentStream\npvlc.dll File not found
    O4 - HKLM..\Run: [HWSetup] \HWSetup.exe hwSetUP File not found
    O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44555-9400-3/4 File not found
    O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr...nk-21&site=home File not found
    O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch...acker_url.pl?FR File not found
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
    [2012/07/25 23:31:02 | 000,224,693 | ---- | M] () (No name found) -- C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\jt565p2v.default\extensions\fbphotozoom@installdaddy.com.xpi
    :Files
    ipconfig /flushdns /c
    C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]


  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles
    It will be named - mmddyyyy_hhmmss.log
    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo

Link to post
Share on other sites

hello

1. I did as you said

2. the report did not popup. I cannot find it, sorry.

3. I cannot find the C\_OTL\MovedFiles...either

4. All stuff you asked me to install on my desktop disapeared....

5. the youtubecoupondropdown, playing annoying music, is still there.....

6. I ve got the TDSKiller Quarantine files (4 susp objetcs)

7. The web seems to work faster ! My usual sites lay out faster

Link to post
Share on other sites

Correction to my prev post

1. I made previously a wrong click, not the RunFix, but the central purge button (the language is not english and not my native one, so by the end of the day i can mix matters)

2. but i reran a copy of OTL and here is the report you were asking for

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=1.0.2\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HWSetup deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76577871-04EC-495E-A12B-91F7C3600AFA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C08CAF1D-C0A3-40D5-9970-06D067EAC017}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C08CAF1D-C0A3-40D5-9970-06D067EAC017}\ not found.

Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

C:\Windows\Downloaded Program Files\gp.inf not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.

Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems

File C:\Users\A\AppData\Roaming\mozilla\firefox\profiles\jt565p2v.default\extensions\fbphotozoom@installdaddy.com.xpi not found.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\A\Downloads\cmd.bat deleted successfully.

C:\Users\A\Downloads\cmd.txt deleted successfully.

C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0 folder moved successfully.

C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully.

========== COMMANDS ==========

[EMPTYJAVA]

User: A

->Java cache emptied: 1298407 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 1,00 mb

[EMPTYFLASH]

User: A

->Flash cache emptied: 200414 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 02162013_212341

Link to post
Share on other sites

  • Staff

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

 ClearJavaCache:: 

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe

CFScriptB-4.gif

This will let ComboFix run again.

Restart if you have to.

Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  1. report from Combofix
  2. let me know of any problems you may have had
  3. How is the computer doing now after running the script?

Gringo

Link to post
Share on other sites

Hello

1. the report combofix is below

2. it took around 90 minutes

3. as i said, youtube coupondropdown is gone

4. On my C\ i ve got TDSKIller_Quarantine files, Qoobox with reports, _OTL, Combofix - I want to delete them. OK?

===========================================================

ComboFix 13-02-13.02 - A 17/02/2013 9:13.2.2 - x86

Lancé depuis: c:\users\A\Desktop\ComboFix.exe

Commutateurs utilisés :: c:\users\A\Desktop\CFScript..txt

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\A\AppData\Local\Temp\ppcrlui_4324_2

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2013-01-17 au 2013-02-17 ))))))))))))))))))))))))))))))))))))

.

.

2013-02-17 09:36 . 2013-02-17 09:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-16 20:23 . 2013-02-16 20:23 -------- d-----w- C:\_OTL

2013-02-15 19:00 . 2013-02-15 19:00 -------- d-----w- C:\TDSSKiller_Quarantine

2013-02-15 08:23 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{50344AE7-06B0-461A-9DD7-CDA4C4B87D29}\mpengine.dll

2013-02-14 19:06 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-02-14 12:02 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-14 12:02 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-14 12:01 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-14 12:01 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-14 12:01 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-09 11:09 . 2013-02-09 11:09 -------- d-----w- c:\users\A\AppData\Roaming\OpenOffice.org

2013-02-09 11:01 . 2013-02-09 11:01 -------- d-----w- c:\program files\OpenOffice.org 3

2013-01-23 09:26 . 2013-01-23 09:26 -------- d-----w- c:\program files\Common Files\Skype

2013-01-23 09:26 . 2013-01-23 09:26 -------- d-----r- c:\program files\Skype

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-09 20:49 . 2012-10-06 06:32 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-09 20:49 . 2012-10-06 06:32 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-17 00:28 . 2010-11-24 18:48 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12 . 2012-12-21 19:02 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-21 19:02 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-11-20 04:22 . 2013-01-11 11:17 204288 ----a-w- c:\windows\system32\ncrypt.dll

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-25 39408]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]

"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]

"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]

"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-04-03 509496]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]

"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]

"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]

"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"LoadMdm"="c:\program files\Wetelecom\LoadMdm.exe" [2010-07-13 397312]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer6"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\22188256.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contenu du dossier 'Tâches planifiées'

.

2013-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-06 20:49]

.

2013-02-17 c:\windows\Tasks\Final Media Player Update Checker.job

- c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-01-01 10:25]

.

2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 21:33]

.

2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 21:33]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.com

TCP: DhcpNameServer = 192.168.1.254

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-02-17 10:36

Windows 6.0.6002 Service Pack 2 NTFS

.

Recherche de processus cachés ...

.

Recherche d'éléments en démarrage automatique cachés ...

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????p_8S?A??8???`????????????

.

Recherche de fichiers cachés ...

.

Scan terminé avec succès

Fichiers cachés: 0

.

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Heure de fin: 2013-02-17 10:43:59

ComboFix-quarantined-files.txt 2013-02-17 09:43

.

Avant-CF: 96 941 752 320 octets libres

Après-CF: 96 919 080 960 octets libres

.

- - End Of File - - 234D4404FE1C4838A6A3CD4467970E2C

Link to post
Share on other sites

  • Staff

Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

  • Programs to remove

    • Adobe Reader X (10.1.5) - Français
      Java 7 Update 7
      Java™ SE Runtime Environment 6
      JavaFX 2.1.1
      McAfee Security Scan Plus
      SweetIM for Messenger 3.3

  • Please download and install
Revo Uninstaller FreeDouble click Revo Uninstaller to run it.
From the list of programs double click on The Program to remove
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
when the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
when prompted click on Yes and then on next.
put a check on any folders that are found and select delete
when prompted select yes then on next
Once done click Finish.

.

Update Adobe reader

  • Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.
    You can download it from
http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
  • If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from
here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see You have MBAM installed on the computer - that is great!! it is a very good program! I would like you to run a quick scan for me now

  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK to either and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic

"information and logs"

  • In your next post I need the following
  1. Log From MBAM
  2. report from Hijackthis
  3. let me know of any problems you may have had
  4. How is the computer doing now?

Gringo

Link to post
Share on other sites

Hello

1. info: while running uninstal and then revo the following message appeared adn the sweetms site opened

'Error 1316. A network error occured while attempting to read from the file C:\Windows\Installer\SweetIMSetup.msi'

BUT, the Sweet has been removed !

2.logs

MBAM:

==============================================

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.17.08

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

A :: PC-DE-A [administrator]

17/02/2013 22:06:04

mbam-log-2013-02-17 (22-06-04).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 194908

Time elapsed: 12 minute(s), 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

===================================================

HJT

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:22:46, on 17/02/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\TOSHIBA\Utilities\KeNotify.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe

C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe

C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Wetelecom\LoadMdm.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Synaptics\SynTP\SynToshiba.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Windows\system32\conime.exe

C:\Windows\System32\notepad.exe

C:\Windows\notepad.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\A\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe

O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto

O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [LoadMdm] C:\Program Files\Wetelecom\LoadMdm.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] E:\Bac\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: lxct_device - - C:\Windows\system32\lxctcoms.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 22846 bytes

Link to post
Share on other sites

  • Staff

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional

These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis (rightclick and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
      O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
      O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
      O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
      O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
      O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
      O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
      O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
      O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
      O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
      O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

[*] Close all open windows and browsers/email, etc...

[*] Click on the "Fix Checked" button

[*] When completed, close the application.

  • NOTE**You can research each of those lines
>here< and see if you want to keep them or not
just copy the name between the brackets and paste into the search space
O4 - HKLM\..\Run: [IntelliPoint]

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start

    [*]When asked, allow the add/on to be installed

    • Click Start

    [*]Make sure that the option Remove found threats is unticked

    [*]Click on Advanced Settings, ensure the options

    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

    [*]Click Scan

    [*]wait for the virus definitions to be downloaded

    [*]Wait for the scan to finish

When the scan is complete

  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found

  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here

Gringo

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.