1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

svchost.exe (netsvcs) 100 cpu

Discussion in 'Virus & Other Malware Removal' started by dwarren1, Feb 26, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Try this one as well:

    Please download AdwCleaner.

    • Double-click the adwcleaner.exe to run the tool.
    • Click Delete.
    • When the scan is finished, a notepad window will be opened.
    • Please post the contents in your next reply.
    • The logfile will also be saved in C:\AdwCleaner[R1].txt.


    If no change whatsoever with svchost.exe CPU usage, I'd ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. The malware removal experts are very busy! You should get an answer within the next 48 hours. To get moved, please click on Report and kindly ask.
     
  2. dwarren1

    dwarren1 Thread Starter

    Joined:
    Feb 26, 2013
    Messages:
    9
    These are the results..

    # AdwCleaner v2.113 - Logfile created 02/27/2013 at 12:37:26
    # Updated 23/02/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
    # User : Daryl - DARYL-PC
    # Boot Mode : Normal
    # Running from : C:\Users\Daryl\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Users\Daryl\AppData\Local\Temp\Searchqu.ini
    File Deleted : C:\Users\Daryl\AppData\Local\Temp\searchqutoolbar-manifest.xml
    File Deleted : C:\Users\Daryl\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
    Folder Deleted : C:\Program Files\1ClickDownload
    Folder Deleted : C:\Program Files\Common Files\Software Update Utility
    Folder Deleted : C:\Program Files\fbphotozoom
    Folder Deleted : C:\ProgramData\Ask
    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\ProgramData\Trymedia
    Folder Deleted : C:\Users\Daryl\AppData\Local\APN
    Folder Deleted : C:\Users\Daryl\AppData\Local\Ilivid Player
    Folder Deleted : C:\Users\Daryl\AppData\Local\Temp\AskSearch
    Folder Deleted : C:\Users\Daryl\AppData\Local\Temp\boost_interprocess
    Folder Deleted : C:\Users\Daryl\AppData\Local\vghd
    Folder Deleted : C:\Users\Daryl\AppData\LocalLow\searchquband
    Folder Deleted : C:\Users\Daryl\AppData\LocalLow\Searchqutoolbar

    ***** [Registry] *****

    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\SearchCore for Browsers
    Key Deleted : HKCU\Software\TENCENT
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
    Key Deleted : HKLM\Software\SearchquMediabarTb
    Key Deleted : HKLM\SOFTWARE\Software
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Restore] = hxxp://www.searchqu.com/406 --> hxxp://www.google.com

    -\\ Google Chrome v25.0.1364.97

    File : C:\Users\Daryl\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.2488] : homepage = "hxxp://www.searchqu.com/406",
    Deleted [l.3367] : urls_to_restore_on_startup = [ "hxxp://www.searchqu.com/406" ]

    *************************

    AdwCleaner[S1].txt - [6080 octets] - [27/02/2013 12:37:26]

    ########## EOF - C:\AdwCleaner[S1].txt - [6140 octets] ##########



    Unfortunately, the problem still remains.. I will now be going to the Virus and other malware removal page. Thanks for all of your help!

    BTW I'm attaching a screen shot of currports just so you see what i mean..

    Thanks again for your time!
     

    Attached Files:

  3. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    I can't say for sure those Remote Host Names are malicious or legit. You might have better luck after talking to a malware removal specialist.

    Good luck!
     
  4. rainforest123

    rainforest123

    Joined:
    Dec 28, 2004
    Messages:
    8,256
    Always a good idea for those of us who are visually oriented.
    :)

    RF123
     
  5. dwarren1

    dwarren1 Thread Starter

    Joined:
    Feb 26, 2013
    Messages:
    9
    These are all of the scans that are required for the Virus & Other Malware Removal. The details of my exact problem are listed above.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:14:01 PM, on 2/27/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16464)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\Daryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\Downloads\HijackThis.exe
    C:\windows\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fredonia.edu/student/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: BHO Project - {3fdba1ba-ae28-4045-9048-4ed2f3865629} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Daryl\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Dropbox.lnk = Daryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Futuremark SystemInfo Service - Unknown owner - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
    O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
    O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

    --
    End of file - 9975 bytes




    DDS


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.9.2
    Run by Daryl at 16:19:34 on 2013-02-27
    .
    ============== Running Processes ================
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\atiesrxx.exe
    C:\windows\system32\atieclxx.exe
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\windows\System32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\Daryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Daryl\Downloads\HijackThis.exe
    C:\windows\system32\taskmgr.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\windows\system32\NOTEPAD.EXE
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\consent.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\System32\svchost.exe -k secsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.fredonia.edu/student/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {3fdba1ba-ae28-4045-9048-4ed2f3865629} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [Google Update] "c:\users\daryl\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
    mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
    mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
    mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
    mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
    mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{9A2C832A-3E88-42DB-8D70-FFA7F014AFC6} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327}\1427E6F607C6163656 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327}\2656C6B696E6E2937343 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327}\3474442343743414 : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327}\441667964684F6D656E4564777F627B637 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{ECA21775-6B9F-4C9F-8424-DB6F8D5AE327}\7656F6277656 : DHCPNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
    .
    ============= SERVICES / DRIVERS ===============
    .
    R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
    R? BBSvc;Bing Bar Update Service
    R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
    R? cpuz135;cpuz135
    R? fssfltr;fssfltr
    R? fsssvc;Windows Live Family Safety Service
    R? Futuremark SystemInfo Service;Futuremark SystemInfo Service
    R? npggsvc;nProtect GameGuard Service
    R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
    R? RtsUIR;Realtek IR Driver
    R? SkypeUpdate;Skype Updater
    R? TMachInfo;TMachInfo
    R? TsUsbFlt;TsUsbFlt
    R? WatAdminSvc;Windows Activation Technologies Service
    R? wlcrasvc;Windows Live Mesh remote connections service
    S? !SASCORE;SAS Core Service
    S? AMD External Events Utility;AMD External Events Utility
    S? Hamachi2Svc;LogMeIn Hamachi Tunneling Engine
    S? ManyCam;ManyCam Virtual Webcam
    S? mcaudrv_simple;ManyCam Virtual Microphone
    S? NIHardwareService;NIHardwareService
    S? PaceLicenseDServices;PACE License Services
    S? RTL8167;Realtek 8167 NT Driver
    S? SASDIFSV;SASDIFSV
    S? SASKUTIL;SASKUTIL
    S? SbieDrv;SbieDrv
    S? TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service
    .
    =============== Created Last 30 ================
    .
    2013-02-27 00:14:24 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ae685f81-f306-43e0-a819-bde55ee3aa14}\offreg.dll
    2013-02-26 23:55:08 -------- d-----w- c:\users\daryl\appdata\roaming\SUPERAntiSpyware.com
    2013-02-26 23:54:49 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2013-02-26 23:54:49 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-02-26 23:16:38 -------- d-----w- c:\program files\WhatsRunning
    2013-02-26 19:03:21 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ae685f81-f306-43e0-a819-bde55ee3aa14}\mpengine.dll
    2013-02-26 05:43:55 -------- d-----w- C:\be84bf522567010c61a96728f6a67d
    2013-02-26 00:51:18 388096 ----a-r- c:\users\daryl\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2013-02-26 00:51:14 -------- d-----w- c:\program files\Trend Micro
    2013-02-25 21:59:44 -------- d-----w- c:\program files\iPod
    2013-02-25 21:59:42 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-02-25 21:59:42 -------- d-----w- c:\program files\iTunes
    2013-02-21 09:57:19 -------- d-----w- c:\users\daryl\appdata\local\Programs
    2013-02-21 00:19:06 132096 ----a-w- c:\programdata\microsoft\windows\drm\13AA.tmp
    2013-02-13 07:59:24 2347008 ----a-w- c:\windows\system32\win32k.sys
    2013-02-13 07:58:57 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-02-13 07:58:55 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-02-13 07:58:51 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-02-13 07:58:51 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-02-13 07:58:46 169984 ----a-w- c:\windows\system32\winsrv.dll
    2013-02-03 22:43:04 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2013-01-30 00:50:45 -------- d-----w- c:\users\daryl\appdata\roaming\.minecraft
    .
    ==================== Find3M ====================
    .
    2013-02-27 21:21:47 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-02-27 21:21:47 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-01-17 06:28:58 232336 ----a-w- c:\windows\system32\MpSigStub.exe
    2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    .
    ============= FINISH: 16:34:29.38 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    µTorrent
    7-Zip 9.20
    Acoustica Effects Pack
    Acoustica Mixcraft 5
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.5
    AIM 7
    Alliance of Valiant Arms
    Antares Auto-Tune 7 VST
    Antares Auto-Tune Evo VST
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ARMA 2: Free
    ASIO4ALL
    ATI Catalyst Install Manager
    Audacity 1.3.14 (Unicode)
    Awesomenauts
    BattlEye (A2Free) Uninstall
    Belkin Setup and Router Monitor
    Bing Bar
    BitTorrent
    Bonjour
    CameraHelperMsi
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    ccc-utility
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Compatibility Pack for the 2007 Office system
    D3DX10
    Dropbox
    elysia niveau filter 1.1.2
    erLT
    Façade
    FBackup 4
    FL Studio 10
    Foldit
    Freemake Video Converter version 3.0.2
    Futuremark SystemInfo
    GameSpy Arcade
    GIMP 2.8.0
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    HiJackThis
    IL Download Manager
    iTunes
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 29
    Junk Mail filter update
    [email protected] 1.0
    League of Legends
    Logitech Webcam Software
    LogMeIn Hamachi
    LOLReplay
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 1.70.0.1100
    ManyCam 3.0.80 (remove only)
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Expression Encoder 4
    Microsoft Expression Encoder 4 Screen Capture Codec
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    Microsoft WSE 3.0 Runtime
    MixPad Audio Mixer
    MobileMe Control Panel
    MSVCRT
    Mumble 1.2.3
    MuseScore 1.0 MuseScore score typesetter
    MyToshiba
    Napoleon: Total War
    Native Instruments Controller Editor
    Native Instruments Service Center
    Native Instruments Traktor 2
    NetZero Launcher
    Notepad++
    OpenAL
    PlayReady PC Runtime x86
    Python 2.7.3
    Quickbooks Financial Center
    QuickTime
    Realtek 8136 8168 8169 Ethernet Driver
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Realtek WLAN Driver
    REAPER
    Reason 5.0
    RescueTime 2.4.0
    Rome - Total War(TM)
    Rome Total War - patch 1.3
    Safari
    Sandboxie 3.62 (32-bit)
    Scratch Live 2.4.3 (21)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Sibelius 7 OpenType Fonts
    Sibelius 7.0.0.23
    Sid Meier's Civilization V
    Sid Meier's Civilization V SDK
    Skype Click to Call
    Skype Launcher
    Skype™ 6.1
    SpinXpress2
    Spotify
    Steam
    SUPERAntiSpyware
    Switch Sound File Converter
    Synaptics Pointing Device Driver
    System Requirements Lab CYRI
    Team Fortress 2
    Team Fortress 2 Beta
    Toshiba Application and Driver Installer
    TOSHIBA Assist
    TOSHIBA Disc Creator
    TOSHIBA Extended Tiles for Windows Mobility Center
    TOSHIBA Flash Cards Support Utility
    TOSHIBA Hardware Setup
    TOSHIBA HDD/SSD Alert
    Toshiba Online Backup
    Toshiba Quality Application
    TOSHIBA Recovery Media Creator
    TOSHIBA Service Station
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    TOSHIBA Supervisor Password
    TOSHIBA Value Added Package
    ToshibaRegistration
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Utility Common Driver
    VirtualDJ Home FREE
    WavePad Sound Editor
    What's Running 3.0
    WinDirStat 1.1.2
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.01 (32-bit)
    .
    ==== End Of File ===========================


    ark.txt



    GMER 2.1.19115 - http://www.gmer.net
    Rootkit scan 2013-02-27 21:30:33
    Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdePort1 TOSHIBA_MK2555GSXN rev.GC002M 232.89GB
    Running: 7bwoxlwp.exe; Driver: C:\Users\Daryl\AppData\Local\Temp\ugdoapob.sys


    ---- System - GMER 2.1 ----

    Code 96A08BFC ZwTraceEvent
    Code 96A08BFB NtTraceEvent

    ---- Kernel code sections - GMER 2.1 ----

    .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 834549E9 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8348E1C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!NtTraceEvent 834DEAB2 5 Bytes JMP 96A08C00
    ? System32\Drivers\SCDEmu.SYS The system cannot find the path specified. !
    .text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8FC25000, 0x2D5526, 0xE8000020]
    ? C:\Users\Daryl\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 2.1 ----

    .text C:\windows\system32\svchost.exe[1088] ntdll.dll!NtWriteFile 77AB6A68 5 Bytes JMP 00013AA9
    .text C:\windows\system32\svchost.exe[1088] ntdll.dll!RtlRaiseException 77AB70A8 5 Bytes JMP 00013CC9
    .text C:\windows\system32\svchost.exe[1088] kernel32.dll!SetUnhandledExceptionFilter 776CF4FB 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
    .text C:\windows\system32\svchost.exe[1088] USER32.dll!GetCursorPos 76E9A4B3 5 Bytes JMP 000145B6
    .text C:\windows\system32\svchost.exe[1088] USER32.dll!GetForegroundWindow 76EA335D 5 Bytes JMP 00014687
    .text C:\windows\system32\svchost.exe[1088] USER32.dll!IsWindowVisible 76EA4D69 5 Bytes JMP 000146BA
    .text C:\windows\system32\svchost.exe[1088] USER32.dll!WindowFromPoint 76EC6BE9 5 Bytes JMP 00014617
    .text C:\windows\system32\svchost.exe[1088] USER32.dll!MessageBoxIndirectW 76EEE963 6 Bytes [33, C0, 40, C2, 04, 00] {XOR EAX, EAX; INC EAX; RET 0x4}
    .text C:\windows\system32\svchost.exe[1088] WS2_32.dll!GetAddrInfoW 76E54889 5 Bytes JMP 00014518
    .text C:\windows\system32\svchost.exe[1088] ole32.dll!CoGetClassObject 75F954AD 5 Bytes JMP 000147F6
    .text C:\windows\system32\svchost.exe[1088] ole32.dll!CoCreateInstance 75FA9D0B 5 Bytes JMP 00014820
    .text C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe[1880] kernel32.dll!CreateThread 776CDCC2 5 Bytes JMP 001DA070

    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- Trace I/O - GMER 2.1 ----

    Trace ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x868924b1]<< 868924b1
    Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8643f030] 8643f030
    Trace 3 CLASSPNP.SYS[88d8959e] -> nt!IofCallDriver -> [0x869709a8] 869709a8
    Trace \Driver\atapi[0x8694cc70] -> IRP_MJ_CREATE -> 0x868924b1 868924b1

    ---- Registry - GMER 2.1 ----

    Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\[email protected]:\Users\Daryl\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe 1

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior

    ---- Files - GMER 2.1 ----

    File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00EA3.log 1048576 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4VWQ5RWL\u[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\beacon[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\beacon[2].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\ErrorPageTemplate[1] 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\1581-775a92e5530c751fa670d87ce5c8485f[1].jsonp 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\ibshowad[1].js 11241 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\freq[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\a[2].gif 43 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\background_gradient[1] 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\Pix-1x1[3].gif 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\GeocodeService[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\VastVpaidShim[1].swf 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\VastVpaidShim[2].swf 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\crossdomainCA0AUZE7.xml 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\crossdomainCA2UP252.xml 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\crossdomainCA3WBN9K.xml 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\AppInfoShim[2].swf 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\AppInfoShim[3].swf 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\match[1].txt 164 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\federated_f9[3] 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\flash_inpage_rendering_lib_200_17[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\adServer[1].gif 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\getAds[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\trama-bg[1].gif 10473 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\info_48[1] 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\i[1].gif 43 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\f3b129dbc26ed55592b2d568080913bf[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\f3b129dbc26ed55592b2d568080913bf[2].js 726 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\46434290001_1982197890001_MUSKA-30-Marquee-P2[1].jpg 203172 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\46434290001_2086507830001_CARDIEL-30-Marquee[1].jpg 183690 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\dppix[1].htm 8340 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\dt[2].gif 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\dt[3].gif 43 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\a[1].gif 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\vpsurvey[2].swf 15305 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\vp_c[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\vp_c[2].swf 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\js[2].js 2445 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\9192[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\Teen_Lander;page=teenrlp2;sz=728x90;ord=4338625450855007[1].js 568 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\Pug[1].gif 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\dynamic[1].swf 27029 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\eas[3].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\eas[4].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\EAS_tag.1.0[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQYAE4ER\ebVisibility[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\240[8].jpg 6855 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\0[1].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\like[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\240[7].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\results[2].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\1582-4bdafd36b8e1ed1af0e73fcd37ab76bb[1].jsonp 426 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\base[1].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\beacon[3].js 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\recalls-finder[1].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\receivethenpush[1].js 160 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\recessionista[1].css 8043 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\screen_shot_2013-02-21_at_102307_am[1].png 14776 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\button-pager[1].png 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\mom-cancer-survivors[1].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\older-parents[1].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\eas[2].htm 490 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\eas[3].htm 500 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\1202633_DA_OTQ5NDM3MjQ=[1].jpg 3171 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\1202633_DA_OTQ5NDM3NDA=[1].jpg 3288 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\1202633_DA_OTQ5NDM4NDQ=[1].jpg 4499 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\1202633_DA_OTUyNzM0ODU=[1].jpg 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\Eminem[1].jpg 7127 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\main_slide_1[1].jpg 44171 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\iframe3[1].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\iframe_adspot[4].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\iframe_adspot[5].htm 2541 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\iframe_adspot[6].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\iframe_adspot[7].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RC346598\cm[1] 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\afr[1].htm 1043 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\afr[2].htm 1053 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\getAds[2].htm 7785 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\5011456362[1].htm 7219 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\beautifulcreatures-thumb[1].jpg 3787 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEJVS8FH\appleapp-thumb[1].jpg 2040 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3FQPC0P\EAS_tag.1.0[2].js 8881 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3FQPC0P\pd[1].htm 68 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3FQPC0P\analytics[1].htm 327 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3FQPC0P\afr[2].htm 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\66T59RQL.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\8JG2JB04.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\KO6JPOL5.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\U9C3LVJZ.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\7KBY4FHH.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\R3WTTT3W.txt 265 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\YJH4ADOK.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\2JXNCRRH.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\2L743Z56.txt 180 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\4WU2ZXIJ.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\6K497SF8.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\3L6OUC3C.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\OJ2XS480.txt 282 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\IWBMCLYB.txt 109 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\NEIPNG8O.txt 2411 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\NGL0932Y.txt 4791 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\WPMDUYDL.txt 3251 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\XX212QA3.txt 90 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\PGMZR6F6.txt 1299 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\LMMVAJ5H.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\LNXVXSW4.txt 221 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\LOKTM9C8.txt 87 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\X3NS30FY.txt 527 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\X487RY5Z.txt 228 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\2UFCNZ4I.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\K3E91QKP.txt 99 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\VU3HJVD2.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\KVBVH4QX.txt 723 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\KWQ291RX.txt 1305 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\3R4UCQCS.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\E0LY5Z0H.txt 582 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\0PJMN9QS.txt 125 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\J5U9TJDK.txt 1007 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\F636NB22.txt 2704 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\72BB72ZV.txt 0 bytes
    File C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\AT2RT5M2.txt 571 bytes

    ---- EOF - GMER 2.1 ----
     
  6. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Welcome to TSG.

    Please download the latest version of TDSSKiller from here and save it to your Desktop.
    • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
      [​IMG]
    • Put a checkmark beside loaded modules.
      [​IMG]
    • A reboot will be needed to apply the changes. Do it.
    • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
    • Then click on Change parameters in TDSSKiller.
    • Check all boxes then click OK.
      [​IMG]
    • Click the Start Scan button.
      [​IMG]
    • The scan should take no longer than 2 minutes.
    • If a suspicious object is detected, the default action will be Skip, click on Continue.
      [​IMG]
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
      Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      [​IMG]
      Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
    • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
     
  7. dwarren1

    dwarren1 Thread Starter

    Joined:
    Feb 26, 2013
    Messages:
    9
    23:31:53.0547 2772 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    23:31:53.0562 2772 ============================================================
    23:31:53.0562 2772 Current date / time: 2013/02/27 23:31:53.0562
    23:31:53.0562 2772 SystemInfo:
    23:31:53.0562 2772
    23:31:53.0562 2772 OS Version: 6.1.7601 ServicePack: 1.0
    23:31:53.0562 2772 Product type: Workstation
    23:31:53.0562 2772 ComputerName: DARYL-PC
    23:31:53.0562 2772 UserName: Daryl
    23:31:53.0562 2772 Windows directory: C:\windows
    23:31:53.0562 2772 System windows directory: C:\windows
    23:31:53.0562 2772 Processor architecture: Intel x86
    23:31:53.0562 2772 Number of processors: 1
    23:31:53.0562 2772 Page size: 0x1000
    23:31:53.0562 2772 Boot type: Normal boot
    23:31:53.0562 2772 ============================================================
    23:31:57.0182 2772 BG loaded
    23:31:58.0102 2772 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    23:31:58.0102 2772 ============================================================
    23:31:58.0102 2772 \Device\Harddisk0\DR0:
    23:31:58.0102 2772 MBR partitions:
    23:31:58.0102 2772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BEAA800
    23:31:58.0102 2772 ============================================================
    23:31:58.0133 2772 C: <-> \Device\Harddisk0\DR0\Partition1
    23:31:58.0133 2772 ============================================================
    23:31:58.0133 2772 Initialize success
    23:31:58.0133 2772 ============================================================
    23:33:56.0951 4520 ============================================================
    23:33:56.0951 4520 Scan started
    23:33:56.0951 4520 Mode: Manual; SigCheck; TDLFS;
    23:33:56.0951 4520 ============================================================
    23:34:01.0585 4520 ================ Scan system memory ========================
    23:34:01.0585 4520 System memory - ok
    23:34:01.0600 4520 ================ Scan services =============================
    23:34:01.0834 4520 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    23:34:01.0912 4520 !SASCORE - ok
    23:34:02.0287 4520 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
    23:34:02.0365 4520 1394ohci - ok
    23:34:02.0458 4520 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
    23:34:02.0474 4520 ACPI - ok
    23:34:02.0567 4520 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
    23:34:02.0630 4520 AcpiPmi - ok
    23:34:02.0786 4520 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    23:34:02.0801 4520 AdobeFlashPlayerUpdateSvc - ok
    23:34:02.0926 4520 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
    23:34:02.0942 4520 adp94xx - ok
    23:34:02.0973 4520 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
    23:34:02.0989 4520 adpahci - ok
    23:34:03.0035 4520 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
    23:34:03.0051 4520 adpu320 - ok
    23:34:03.0160 4520 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
    23:34:03.0238 4520 AeLookupSvc - ok
    23:34:03.0347 4520 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
    23:34:03.0410 4520 AFD - ok
    23:34:03.0550 4520 [ 7E077309910CE334C3B2B7B8665A55C4 ] AffinegyService C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    23:34:03.0613 4520 AffinegyService - ok
    23:34:03.0753 4520 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
    23:34:03.0862 4520 AgereSoftModem - ok
    23:34:03.0909 4520 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
    23:34:03.0956 4520 agp440 - ok
    23:34:04.0018 4520 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
    23:34:04.0034 4520 aic78xx - ok
    23:34:04.0159 4520 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
    23:34:04.0252 4520 ALG - ok
    23:34:04.0315 4520 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
    23:34:04.0330 4520 aliide - ok
    23:34:04.0424 4520 [ 0BC6704F6FB4C63CDCB85401E8263A1B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
    23:34:04.0502 4520 AMD External Events Utility - ok
    23:34:04.0580 4520 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
    23:34:04.0595 4520 amdagp - ok
    23:34:04.0642 4520 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
    23:34:04.0689 4520 amdide - ok
    23:34:04.0751 4520 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
    23:34:04.0829 4520 AmdK8 - ok
    23:34:04.0923 4520 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
    23:34:04.0970 4520 AmdPPM - ok
    23:34:05.0048 4520 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
    23:34:05.0063 4520 amdsata - ok
    23:34:05.0157 4520 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
    23:34:05.0173 4520 amdsbs - ok
    23:34:05.0204 4520 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
    23:34:05.0219 4520 amdxata - ok
    23:34:05.0329 4520 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
    23:34:05.0719 4520 AppID - ok
    23:34:05.0765 4520 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
    23:34:05.0828 4520 AppIDSvc - ok
    23:34:05.0937 4520 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
    23:34:05.0984 4520 Appinfo - ok
    23:34:06.0218 4520 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    23:34:06.0233 4520 Apple Mobile Device - ok
    23:34:06.0311 4520 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
    23:34:06.0327 4520 arc - ok
    23:34:06.0374 4520 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
    23:34:06.0389 4520 arcsas - ok
    23:34:06.0608 4520 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    23:34:06.0670 4520 aspnet_state - ok
    23:34:06.0748 4520 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
    23:34:06.0935 4520 AsyncMac - ok
    23:34:07.0029 4520 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
    23:34:07.0060 4520 atapi - ok
    23:34:07.0263 4520 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
    23:34:07.0388 4520 atikmdag - ok
    23:34:07.0466 4520 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
    23:34:08.0246 4520 AtiPcie - ok
    23:34:08.0371 4520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
    23:34:08.0417 4520 AudioEndpointBuilder - ok
    23:34:08.0433 4520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
    23:34:08.0464 4520 Audiosrv - ok
    23:34:08.0542 4520 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
    23:34:08.0573 4520 AxInstSV - ok
    23:34:08.0651 4520 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
    23:34:08.0698 4520 b06bdrv - ok
    23:34:08.0792 4520 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
    23:34:08.0854 4520 b57nd60x - ok
    23:34:09.0057 4520 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
    23:34:09.0073 4520 BBSvc - ok
    23:34:09.0135 4520 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
    23:34:09.0182 4520 BDESVC - ok
    23:34:09.0307 4520 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
    23:34:09.0353 4520 Beep - ok
    23:34:09.0447 4520 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
    23:34:09.0494 4520 BFE - ok
    23:34:09.0556 4520 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
    23:34:09.0634 4520 BITS - ok
    23:34:09.0697 4520 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
    23:34:09.0759 4520 blbdrive - ok
    23:34:09.0884 4520 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    23:34:09.0899 4520 Bonjour Service - ok
    23:34:09.0962 4520 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
    23:34:09.0993 4520 bowser - ok
    23:34:10.0009 4520 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
    23:34:10.0071 4520 BrFiltLo - ok
    23:34:10.0102 4520 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
    23:34:10.0149 4520 BrFiltUp - ok
    23:34:10.0196 4520 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
    23:34:10.0243 4520 Browser - ok
    23:34:10.0289 4520 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
    23:34:10.0336 4520 Brserid - ok
    23:34:10.0383 4520 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
    23:34:10.0414 4520 BrSerWdm - ok
    23:34:10.0461 4520 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
    23:34:10.0508 4520 BrUsbMdm - ok
    23:34:10.0523 4520 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
    23:34:10.0570 4520 BrUsbSer - ok
    23:34:10.0586 4520 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
    23:34:10.0633 4520 BTHMODEM - ok
    23:34:10.0711 4520 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
    23:34:10.0757 4520 bthserv - ok
    23:34:10.0882 4520 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
    23:34:10.0929 4520 cdfs - ok
    23:34:11.0069 4520 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
    23:34:11.0116 4520 cdrom - ok
    23:34:11.0225 4520 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
    23:34:11.0288 4520 CertPropSvc - ok
    23:34:11.0335 4520 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
    23:34:11.0381 4520 circlass - ok
    23:34:11.0444 4520 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
    23:34:11.0459 4520 CLFS - ok
    23:34:11.0569 4520 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    23:34:11.0584 4520 clr_optimization_v2.0.50727_32 - ok
    23:34:11.0678 4520 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    23:34:11.0818 4520 clr_optimization_v4.0.30319_32 - ok
    23:34:11.0865 4520 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
    23:34:11.0959 4520 CmBatt - ok
    23:34:12.0005 4520 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
    23:34:12.0037 4520 cmdide - ok
    23:34:12.0099 4520 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
    23:34:12.0161 4520 CNG - ok
    23:34:12.0286 4520 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
    23:34:12.0333 4520 Compbatt - ok
    23:34:12.0427 4520 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
    23:34:12.0442 4520 CompositeBus - ok
    23:34:12.0489 4520 COMSysApp - ok
    23:34:13.0207 4520 cpuz135 - ok
    23:34:13.0238 4520 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
    23:34:13.0253 4520 crcdisk - ok
    23:34:13.0409 4520 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
    23:34:13.0441 4520 CryptSvc - ok
    23:34:13.0503 4520 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
    23:34:13.0565 4520 DcomLaunch - ok
    23:34:13.0643 4520 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
    23:34:13.0690 4520 defragsvc - ok
    23:34:13.0799 4520 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
    23:34:13.0877 4520 DfsC - ok
    23:34:13.0987 4520 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
    23:34:14.0033 4520 Dhcp - ok
    23:34:14.0111 4520 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
    23:34:14.0174 4520 discache - ok
    23:34:14.0267 4520 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
    23:34:14.0283 4520 Disk - ok
    23:34:14.0345 4520 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
    23:34:14.0423 4520 Dnscache - ok
    23:34:14.0501 4520 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
    23:34:14.0548 4520 dot3svc - ok
    23:34:14.0611 4520 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
    23:34:14.0689 4520 DPS - ok
    23:34:14.0751 4520 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
    23:34:14.0798 4520 drmkaud - ok
    23:34:14.0860 4520 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
    23:34:14.0891 4520 DXGKrnl - ok
    23:34:14.0938 4520 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
    23:34:14.0985 4520 EapHost - ok
    23:34:15.0157 4520 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
    23:34:15.0297 4520 ebdrv - ok
    23:34:15.0359 4520 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
    23:34:15.0375 4520 EFS - ok
    23:34:15.0469 4520 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
    23:34:15.0500 4520 ehRecvr - ok
    23:34:15.0531 4520 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
    23:34:15.0578 4520 ehSched - ok
    23:34:15.0718 4520 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
    23:34:15.0781 4520 elxstor - ok
    23:34:15.0999 4520 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
    23:34:16.0046 4520 ErrDev - ok
    23:34:16.0155 4520 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
    23:34:16.0233 4520 EventSystem - ok
    23:34:16.0249 4520 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
    23:34:16.0295 4520 exfat - ok
    23:34:16.0327 4520 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
    23:34:16.0389 4520 fastfat - ok
    23:34:16.0545 4520 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
    23:34:16.0623 4520 Fax - ok
    23:34:16.0654 4520 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
    23:34:16.0748 4520 fdc - ok
    23:34:16.0810 4520 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
    23:34:16.0904 4520 fdPHost - ok
    23:34:17.0356 4520 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
    23:34:17.0387 4520 FDResPub - ok
    23:34:17.0419 4520 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
    23:34:17.0465 4520 FileInfo - ok
    23:34:17.0543 4520 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
    23:34:17.0590 4520 Filetrace - ok
    23:34:17.0621 4520 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
    23:34:17.0668 4520 flpydisk - ok
    23:34:17.0746 4520 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
    23:34:17.0762 4520 FltMgr - ok
    23:34:17.0871 4520 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
    23:34:17.0918 4520 FontCache - ok
    23:34:18.0027 4520 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    23:34:18.0058 4520 FontCache3.0.0.0 - ok
    23:34:18.0167 4520 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
    23:34:18.0183 4520 FsDepends - ok
    23:34:18.0308 4520 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
    23:34:18.0323 4520 fssfltr - ok
    23:34:18.0495 4520 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    23:34:18.0557 4520 fsssvc - ok
    23:34:18.0620 4520 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
    23:34:18.0635 4520 Fs_Rec - ok
    23:34:18.0713 4520 Futuremark SystemInfo Service - ok
    23:34:18.0838 4520 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
    23:34:18.0854 4520 fvevol - ok
    23:34:19.0010 4520 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
    23:34:19.0025 4520 gagp30kx - ok
    23:34:19.0088 4520 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
    23:34:19.0103 4520 GEARAspiWDM - ok
    23:34:19.0166 4520 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
    23:34:19.0228 4520 gpsvc - ok
    23:34:19.0369 4520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    23:34:19.0384 4520 gupdate - ok
    23:34:19.0447 4520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    23:34:19.0462 4520 gupdatem - ok
    23:34:19.0587 4520 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    23:34:19.0634 4520 gusvc - ok
    23:34:19.0727 4520 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
    23:34:19.0759 4520 hamachi - ok
    23:34:19.0993 4520 [ 616399E27A55C97AE859230EB13984D8 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    23:34:20.0024 4520 Hamachi2Svc - ok
    23:34:20.0102 4520 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
    23:34:20.0149 4520 hcw85cir - ok
    23:34:20.0351 4520 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    23:34:20.0398 4520 HdAudAddService - ok
    23:34:20.0461 4520 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
    23:34:20.0492 4520 HDAudBus - ok
    23:34:20.0539 4520 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
    23:34:20.0570 4520 HidBatt - ok
    23:34:20.0601 4520 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
    23:34:20.0648 4520 HidBth - ok
    23:34:20.0710 4520 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
    23:34:20.0788 4520 HidIr - ok
    23:34:20.0851 4520 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
    23:34:20.0929 4520 hidserv - ok
    23:34:21.0038 4520 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
    23:34:21.0069 4520 HidUsb - ok
    23:34:21.0147 4520 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
    23:34:21.0178 4520 hkmsvc - ok
    23:34:21.0818 4520 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
    23:34:22.0379 4520 HomeGroupListener - ok
    23:34:22.0957 4520 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    23:34:23.0253 4520 HomeGroupProvider - ok
    23:34:23.0331 4520 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
    23:34:23.0347 4520 HpSAMD - ok
    23:34:23.0409 4520 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
    23:34:23.0456 4520 HTTP - ok
    23:34:23.0487 4520 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
    23:34:23.0503 4520 hwpolicy - ok
    23:34:23.0799 4520 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
    23:34:23.0939 4520 i8042prt - ok
    23:34:24.0064 4520 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
    23:34:24.0095 4520 iaStorV - ok
    23:34:24.0236 4520 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    23:34:24.0392 4520 idsvc - ok
    23:34:24.0485 4520 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
    23:34:24.0501 4520 iirsp - ok
    23:34:24.0595 4520 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
    23:34:24.0704 4520 IKEEXT - ok
    23:34:25.0421 4520 [ E4A2E810CB2607C9C159C0DFB0BD4C88 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
    23:34:25.0718 4520 IntcAzAudAddService - ok
    23:34:25.0733 4520 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
    23:34:25.0749 4520 intelide - ok
    23:34:25.0874 4520 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
    23:34:25.0999 4520 intelppm - ok
    23:34:26.0061 4520 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
    23:34:26.0123 4520 IPBusEnum - ok
    23:34:26.0155 4520 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
    23:34:26.0311 4520 IpFilterDriver - ok
    23:34:26.0435 4520 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
    23:34:26.0513 4520 iphlpsvc - ok
    23:34:26.0576 4520 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
    23:34:26.0607 4520 IPMIDRV - ok
    23:34:26.0638 4520 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
    23:34:26.0701 4520 IPNAT - ok
    23:34:27.0293 4520 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    23:34:27.0371 4520 iPod Service - ok
    23:34:27.0637 4520 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
    23:34:27.0777 4520 IRENUM - ok
    23:34:27.0855 4520 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
    23:34:27.0871 4520 isapnp - ok
    23:34:27.0949 4520 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
    23:34:27.0964 4520 iScsiPrt - ok
    23:34:28.0073 4520 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
    23:34:28.0073 4520 kbdclass - ok
    23:34:28.0151 4520 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
    23:34:28.0183 4520 kbdhid - ok
    23:34:28.0214 4520 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
    23:34:28.0229 4520 KeyIso - ok
    23:34:28.0307 4520 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
    23:34:28.0354 4520 KSecDD - ok
    23:34:28.0385 4520 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
    23:34:28.0401 4520 KSecPkg - ok
    23:34:28.0479 4520 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
    23:34:28.0526 4520 KtmRm - ok
    23:34:28.0588 4520 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
    23:34:28.0651 4520 LanmanServer - ok
    23:34:28.0682 4520 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
    23:34:28.0744 4520 LanmanWorkstation - ok
    23:34:28.0931 4520 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
    23:34:29.0025 4520 lltdio - ok
    23:34:29.0119 4520 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
    23:34:29.0181 4520 lltdsvc - ok
    23:34:29.0228 4520 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
    23:34:29.0321 4520 lmhosts - ok
    23:34:29.0462 4520 [ 6E3D3816749E107883EEC5734CE44493 ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
    23:34:29.0477 4520 LPCFilter - ok
    23:34:29.0602 4520 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
    23:34:29.0649 4520 LSI_FC - ok
    23:34:29.0743 4520 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
    23:34:29.0758 4520 LSI_SAS - ok
    23:34:29.0774 4520 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
    23:34:29.0789 4520 LSI_SAS2 - ok
    23:34:29.0852 4520 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
    23:34:29.0867 4520 LSI_SCSI - ok
    23:34:29.0914 4520 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
    23:34:29.0977 4520 luafv - ok
    23:34:30.0133 4520 [ BA1347822D01B2D29C14CF09663A6457 ] LVRS C:\windows\system32\DRIVERS\lvrs.sys
    23:34:30.0148 4520 LVRS - ok
    23:34:30.0273 4520 [ 8E17D513D8011B0EE03C355EAAB0E0CC ] ManyCam C:\windows\system32\DRIVERS\mcvidrv.sys
    23:34:30.0476 4520 ManyCam - ok
    23:34:30.0663 4520 [ 562D95E00E14A944DEBE655DECBD3F5B ] mcaudrv_simple C:\windows\system32\drivers\mcaudrv.sys
    23:34:30.0741 4520 mcaudrv_simple - ok
    23:34:30.0850 4520 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
    23:34:30.0881 4520 Mcx2Svc - ok
    23:34:30.0975 4520 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
    23:34:30.0991 4520 megasas - ok
    23:34:31.0069 4520 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
    23:34:31.0084 4520 MegaSR - ok
    23:34:31.0115 4520 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
    23:34:31.0178 4520 MMCSS - ok
    23:34:31.0209 4520 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
    23:34:31.0287 4520 Modem - ok
    23:34:31.0349 4520 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
    23:34:31.0396 4520 monitor - ok
    23:34:31.0583 4520 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
    23:34:31.0599 4520 mouclass - ok
    23:34:31.0677 4520 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
    23:34:31.0724 4520 mouhid - ok
    23:34:31.0786 4520 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
    23:34:31.0802 4520 mountmgr - ok
    23:34:31.0880 4520 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
    23:34:31.0927 4520 mpio - ok
    23:34:32.0051 4520 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
    23:34:32.0098 4520 mpsdrv - ok
    23:34:32.0254 4520 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
    23:34:32.0317 4520 MpsSvc - ok
    23:34:32.0363 4520 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
    23:34:32.0395 4520 MRxDAV - ok
    23:34:32.0441 4520 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
    23:34:32.0504 4520 mrxsmb - ok
    23:34:32.0582 4520 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
    23:34:32.0613 4520 mrxsmb10 - ok
    23:34:32.0660 4520 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
    23:34:32.0675 4520 mrxsmb20 - ok
    23:34:32.0707 4520 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
    23:34:32.0753 4520 msahci - ok
    23:34:32.0785 4520 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
    23:34:32.0800 4520 msdsm - ok
    23:34:32.0847 4520 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
    23:34:32.0894 4520 MSDTC - ok
    23:34:32.0972 4520 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
    23:34:33.0065 4520 Msfs - ok
    23:34:33.0143 4520 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
    23:34:33.0284 4520 mshidkmdf - ok
    23:34:33.0331 4520 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
    23:34:33.0346 4520 msisadrv - ok
    23:34:33.0409 4520 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
    23:34:33.0471 4520 MSiSCSI - ok
    23:34:33.0487 4520 msiserver - ok
    23:34:33.0549 4520 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
    23:34:33.0674 4520 MSKSSRV - ok
    23:34:33.0705 4520 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
    23:34:33.0923 4520 MSPCLOCK - ok
    23:34:33.0955 4520 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
    23:34:34.0048 4520 MSPQM - ok
    23:34:34.0095 4520 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
    23:34:34.0142 4520 MsRPC - ok
    23:34:34.0220 4520 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
    23:34:34.0235 4520 mssmbios - ok
    23:34:34.0298 4520 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
    23:34:34.0345 4520 MSTEE - ok
    23:34:34.0360 4520 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
    23:34:34.0454 4520 MTConfig - ok
    23:34:34.0485 4520 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
    23:34:34.0501 4520 Mup - ok
    23:34:34.0563 4520 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
    23:34:34.0703 4520 napagent - ok
    23:34:34.0797 4520 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
    23:34:34.0875 4520 NativeWifiP - ok
    23:34:34.0969 4520 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys
    23:34:35.0000 4520 NDIS - ok
    23:34:35.0078 4520 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
    23:34:35.0140 4520 NdisCap - ok
    23:34:35.0218 4520 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
    23:34:35.0312 4520 NdisTapi - ok
    23:34:35.0405 4520 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
    23:34:35.0530 4520 Ndisuio - ok
    23:34:35.0608 4520 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
    23:34:35.0717 4520 NdisWan - ok
    23:34:35.0764 4520 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
    23:34:35.0811 4520 NDProxy - ok
    23:34:35.0873 4520 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
    23:34:35.0983 4520 NetBIOS - ok
    23:34:36.0107 4520 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
    23:34:36.0217 4520 NetBT - ok
    23:34:36.0248 4520 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
    23:34:36.0310 4520 Netlogon - ok
    23:34:36.0388 4520 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
    23:34:36.0544 4520 Netman - ok
    23:34:36.0622 4520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    23:34:36.0685 4520 NetMsmqActivator - ok
    23:34:36.0700 4520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    23:34:36.0716 4520 NetPipeActivator - ok
    23:34:36.0747 4520 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
    23:34:36.0841 4520 netprofm - ok
    23:34:36.0872 4520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    23:34:36.0887 4520 NetTcpActivator - ok
    23:34:36.0903 4520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    23:34:36.0919 4520 NetTcpPortSharing - ok
    23:34:36.0981 4520 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
    23:34:36.0997 4520 nfrd960 - ok
    23:34:37.0309 4520 [ 328E366E253B788256956532DFBF8A8A ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    23:34:37.0621 4520 NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
    23:34:37.0621 4520 NIHardwareService - detected UnsignedFile.Multi.Generic (1)
    23:34:37.0699 4520 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
    23:34:37.0808 4520 NlaSvc - ok
    23:34:37.0839 4520 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
    23:34:37.0948 4520 Npfs - ok
    23:34:37.0995 4520 npggsvc - ok
    23:34:38.0042 4520 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
    23:34:38.0213 4520 nsi - ok
    23:34:38.0245 4520 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
    23:34:38.0385 4520 nsiproxy - ok
    23:34:38.0510 4520 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
    23:34:38.0557 4520 Ntfs - ok
    23:34:38.0588 4520 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
    23:34:38.0728 4520 Null - ok
    23:34:38.0759 4520 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
    23:34:38.0775 4520 nvraid - ok
    23:34:38.0837 4520 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
    23:34:38.0853 4520 nvstor - ok
    23:34:38.0884 4520 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
    23:34:38.0900 4520 nv_agp - ok
    23:34:39.0103 4520 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    23:34:39.0118 4520 odserv - ok
    23:34:39.0181 4520 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
    23:34:39.0305 4520 ohci1394 - ok
    23:34:39.0399 4520 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    23:34:39.0415 4520 ose - ok
    23:34:39.0461 4520 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
    23:34:39.0524 4520 p2pimsvc - ok
    23:34:39.0555 4520 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
    23:34:39.0649 4520 p2psvc - ok
    23:34:39.0929 4520 [ 385559C1EC1397A96A624673D2C38CB0 ] PaceLicenseDServices C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
    23:34:40.0070 4520 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
    23:34:40.0070 4520 PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1)
    23:34:40.0132 4520 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
    23:34:40.0163 4520 Parport - ok
    23:34:40.0226 4520 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
    23:34:40.0241 4520 partmgr - ok
    23:34:40.0273 4520 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
    23:34:40.0351 4520 Parvdm - ok
    23:34:40.0413 4520 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
    23:34:40.0491 4520 PcaSvc - ok
    23:34:40.0553 4520 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
    23:34:40.0569 4520 pci - ok
    23:34:40.0600 4520 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
    23:34:40.0616 4520 pciide - ok
    23:34:40.0647 4520 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
    23:34:40.0663 4520 pcmcia - ok
    23:34:40.0694 4520 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
    23:34:40.0709 4520 pcw - ok
    23:34:40.0756 4520 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
    23:34:40.0819 4520 PEAUTH - ok
    23:34:40.0943 4520 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
    23:34:41.0084 4520 pla - ok
    23:34:41.0131 4520 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
    23:34:41.0302 4520 PlugPlay - ok
    23:34:41.0349 4520 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
    23:34:41.0489 4520 PNRPAutoReg - ok
    23:34:41.0536 4520 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
    23:34:41.0677 4520 PNRPsvc - ok
    23:34:41.0739 4520 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
    23:34:41.0989 4520 PolicyAgent - ok
    23:34:42.0051 4520 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
    23:34:42.0145 4520 Power - ok
    23:34:42.0223 4520 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
    23:34:42.0363 4520 PptpMiniport - ok
    23:34:42.0394 4520 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
    23:34:42.0457 4520 Processor - ok
    23:34:42.0519 4520 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\windows\system32\profsvc.dll
    23:34:42.0597 4520 ProfSvc - ok
    23:34:42.0613 4520 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
    23:34:42.0659 4520 ProtectedStorage - ok
    23:34:42.0737 4520 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
    23:34:42.0940 4520 Psched - ok
    23:34:43.0049 4520 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
    23:34:43.0112 4520 ql2300 - ok
    23:34:43.0190 4520 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
    23:34:43.0205 4520 ql40xx - ok
    23:34:43.0252 4520 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
    23:34:43.0393 4520 QWAVE - ok
    23:34:43.0424 4520 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
    23:34:43.0471 4520 QWAVEdrv - ok
    23:34:43.0486 4520 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
    23:34:43.0611 4520 RasAcd - ok
    23:34:43.0689 4520 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
    23:34:43.0736 4520 RasAgileVpn - ok
    23:34:43.0783 4520 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
    23:34:43.0923 4520 RasAuto - ok
    23:34:44.0017 4520 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
    23:34:44.0095 4520 Rasl2tp - ok
    23:34:44.0188 4520 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
    23:34:44.0282 4520 RasMan - ok
    23:34:44.0344 4520 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
    23:34:44.0407 4520 RasPppoe - ok
    23:34:44.0469 4520 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
    23:34:44.0578 4520 RasSstp - ok
    23:34:44.0656 4520 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
    23:34:44.0765 4520 rdbss - ok
    23:34:44.0859 4520 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
    23:34:44.0921 4520 rdpbus - ok
    23:34:44.0968 4520 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
    23:34:45.0077 4520 RDPCDD - ok
    23:34:45.0171 4520 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
    23:34:45.0249 4520 RDPENCDD - ok
    23:34:45.0280 4520 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
    23:34:45.0483 4520 RDPREFMP - ok
    23:34:45.0545 4520 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
    23:34:45.0811 4520 RDPWD - ok
    23:34:45.0904 4520 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
    23:34:45.0920 4520 rdyboost - ok
    23:34:45.0951 4520 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
    23:34:46.0045 4520 RemoteAccess - ok
    23:34:46.0091 4520 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
    23:34:46.0279 4520 RemoteRegistry - ok
    23:34:46.0372 4520 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
    23:34:46.0481 4520 RpcEptMapper - ok
    23:34:46.0528 4520 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
    23:34:46.0653 4520 RpcLocator - ok
    23:34:46.0684 4520 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
    23:34:46.0856 4520 RpcSs - ok
    23:34:46.0934 4520 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
    23:34:47.0215 4520 rspndr - ok
    23:34:47.0308 4520 [ EF8B2AFC3C0751C5E5A59983C8893260 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
    23:34:47.0449 4520 RSUSBSTOR - ok
    23:34:47.0527 4520 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
    23:34:47.0636 4520 RTL8167 - ok
    23:34:47.0745 4520 [ E48DAF453D773A89A44134CE4BA9AF44 ] RTL8187Se C:\windows\system32\DRIVERS\RTL8187Se.sys
    23:34:47.0885 4520 RTL8187Se - ok
    23:34:47.0948 4520 RtsUIR - ok
    23:34:48.0010 4520 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
    23:34:48.0073 4520 SamSs - ok
    23:34:48.0166 4520 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    23:34:57.0027 4520 SASDIFSV - ok
    23:34:57.0105 4520 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    23:34:57.0651 4520 SASKUTIL - ok
    23:34:57.0776 4520 [ 3AB6CAD1DDFA84CD7BC3D1A759B1E81E ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
    23:34:57.0791 4520 SbieDrv - ok
    23:34:57.0854 4520 [ 833539963E31EDD4DC0063FE9CF95701 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
    23:34:57.0869 4520 SbieSvc - ok
    23:34:57.0932 4520 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
    23:34:57.0947 4520 sbp2port - ok
    23:34:57.0994 4520 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
    23:34:58.0025 4520 SCardSvr - ok
    23:34:58.0119 4520 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
    23:34:58.0166 4520 scfilter - ok
    23:34:58.0275 4520 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
    23:34:58.0369 4520 Schedule - ok
    23:34:58.0415 4520 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
    23:34:58.0447 4520 SCPolicySvc - ok
    23:34:58.0525 4520 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
    23:34:58.0556 4520 SDRSVC - ok
    23:34:58.0790 4520 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    23:34:58.0805 4520 SeaPort - ok
    23:34:58.0930 4520 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
    23:34:58.0993 4520 secdrv - ok
    23:34:59.0008 4520 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
    23:34:59.0071 4520 seclogon - ok
    23:34:59.0164 4520 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
    23:34:59.0227 4520 SENS - ok
    23:34:59.0273 4520 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
    23:34:59.0320 4520 SensrSvc - ok
    23:34:59.0383 4520 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
    23:34:59.0398 4520 Serenum - ok
    23:34:59.0429 4520 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
    23:34:59.0461 4520 Serial - ok
    23:34:59.0507 4520 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
    23:34:59.0539 4520 sermouse - ok
    23:34:59.0617 4520 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
    23:34:59.0679 4520 SessionEnv - ok
    23:34:59.0757 4520 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
    23:34:59.0835 4520 sffdisk - ok
    23:34:59.0851 4520 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
    23:34:59.0866 4520 sffp_mmc - ok
    23:34:59.0882 4520 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
    23:34:59.0897 4520 sffp_sd - ok
    23:34:59.0944 4520 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
    23:35:00.0007 4520 sfloppy - ok
    23:35:00.0053 4520 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
    23:35:00.0116 4520 SharedAccess - ok
    23:35:00.0163 4520 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
    23:35:00.0209 4520 ShellHWDetection - ok
    23:35:00.0256 4520 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
    23:35:00.0256 4520 sisagp - ok
    23:35:00.0365 4520 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
    23:35:00.0381 4520 SiSRaid2 - ok
    23:35:00.0412 4520 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
    23:35:00.0428 4520 SiSRaid4 - ok
    23:35:00.0584 4520 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
    23:35:00.0599 4520 SkypeUpdate - ok
    23:35:00.0662 4520 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
    23:35:00.0693 4520 Smb - ok
    23:35:00.0833 4520 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
    23:35:00.0865 4520 SNMPTRAP - ok
    23:35:00.0880 4520 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
    23:35:00.0896 4520 spldr - ok
    23:35:00.0958 4520 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\windows\System32\spoolsv.exe
    23:35:01.0021 4520 Spooler - ok
    23:35:01.0192 4520 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
    23:35:01.0301 4520 sppsvc - ok
    23:35:01.0348 4520 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
    23:35:01.0411 4520 sppuinotify - ok
    23:35:01.0535 4520 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
    23:35:01.0613 4520 srv - ok
    23:35:01.0660 4520 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
    23:35:01.0676 4520 srv2 - ok
    23:35:01.0723 4520 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
    23:35:01.0738 4520 srvnet - ok
    23:35:01.0816 4520 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
    23:35:01.0847 4520 SSDPSRV - ok
    23:35:01.0863 4520 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
    23:35:01.0941 4520 SstpSvc - ok
    23:35:02.0019 4520 Steam Client Service - ok
    23:35:02.0081 4520 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
    23:35:02.0081 4520 stexstor - ok
    23:35:02.0175 4520 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
    23:35:02.0222 4520 StiSvc - ok
    23:35:02.0269 4520 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
    23:35:02.0315 4520 swenum - ok
    23:35:02.0362 4520 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
    23:35:02.0425 4520 swprv - ok
    23:35:02.0518 4520 [ 8BD10DC8809DC69A1C5A795CB10ADD76 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
    23:35:05.0591 4520 SynTP - ok
    23:35:06.0013 4520 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
    23:35:06.0122 4520 SysMain - ok
    23:35:06.0215 4520 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
    23:35:06.0262 4520 TabletInputService - ok
    23:35:06.0340 4520 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
    23:35:06.0449 4520 TapiSrv - ok
    23:35:06.0512 4520 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
    23:35:06.0574 4520 TBS - ok
    23:35:06.0699 4520 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\windows\system32\drivers\tcpip.sys
    23:35:06.0793 4520 Tcpip - ok
    23:35:06.0871 4520 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
    23:35:06.0917 4520 TCPIP6 - ok
    23:35:06.0995 4520 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
    23:35:07.0167 4520 tcpipreg - ok
    23:35:07.0245 4520 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
    23:35:07.0261 4520 tdcmdpst - ok
    23:35:07.0323 4520 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
    23:35:07.0354 4520 TDPIPE - ok
    23:35:07.0401 4520 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
    23:35:07.0417 4520 TDTCP - ok
    23:35:07.0479 4520 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
    23:35:07.0557 4520 tdx - ok
    23:35:07.0588 4520 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
    23:35:07.0604 4520 TermDD - ok
    23:35:07.0682 4520 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
    23:35:07.0713 4520 TermService - ok
    23:35:07.0760 4520 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
    23:35:07.0853 4520 Themes - ok
    23:35:07.0885 4520 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
    23:35:07.0947 4520 THREADORDER - ok
    23:35:08.0056 4520 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    23:35:08.0072 4520 TMachInfo - ok
    23:35:08.0150 4520 [ FE65D33B7D4FF07DD1D29526A48DF810 ] TODDSrv C:\Windows\system32\TODDSrv.exe
    23:35:08.0165 4520 TODDSrv - ok
    23:35:08.0275 4520 [ 451B09BA1A0D019BA0B5A27229559D55 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    23:35:08.0306 4520 TosCoSrv - ok
    23:35:08.0353 4520 [ 94ECABE1BA3559214FE6C3CE6C9677EB ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    23:35:08.0368 4520 TOSHIBA HDD SSD Alert Service - ok
    23:35:08.0462 4520 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
    23:35:08.0555 4520 TrkWks - ok
    23:35:08.0665 4520 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
    23:35:08.0758 4520 TrustedInstaller - ok
    23:35:08.0805 4520 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
    23:35:08.0899 4520 tssecsrv - ok
    23:35:08.0977 4520 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
    23:35:09.0008 4520 TsUsbFlt - ok
    23:35:09.0101 4520 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
    23:35:09.0179 4520 tunnel - ok
    23:35:09.0257 4520 [ FC24015B4052600C324C43E3A79C0664 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
    23:35:13.0547 4520 TVALZ - ok
    23:35:13.0594 4520 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
    23:35:13.0610 4520 uagp35 - ok
    23:35:13.0641 4520 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
    23:35:13.0766 4520 udfs - ok
    23:35:13.0828 4520 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
    23:35:13.0906 4520 UI0Detect - ok
    23:35:13.0969 4520 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
    23:35:13.0984 4520 uliagpkx - ok
    23:35:14.0047 4520 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
    23:35:14.0140 4520 umbus - ok
    23:35:14.0171 4520 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
    23:35:14.0249 4520 UmPass - ok
    23:35:14.0312 4520 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
    23:35:14.0421 4520 upnphost - ok
    23:35:14.0483 4520 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
    23:35:14.0593 4520 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
    23:35:14.0593 4520 USBAAPL - detected UnsignedFile.Multi.Generic (1)
    23:35:14.0671 4520 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\windows\system32\drivers\usbaudio.sys
    23:35:14.0749 4520 usbaudio - ok
    23:35:14.0811 4520 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
    23:35:14.0873 4520 usbccgp - ok
    23:35:14.0889 4520 USBCCID - ok
    23:35:14.0951 4520 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
    23:35:14.0998 4520 usbcir - ok
    23:35:15.0029 4520 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
    23:35:15.0076 4520 usbehci - ok
    23:35:15.0154 4520 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
    23:35:15.0170 4520 usbhub - ok
    23:35:15.0201 4520 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
    23:35:15.0279 4520 usbohci - ok
    23:35:15.0357 4520 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
    23:35:15.0388 4520 usbprint - ok
    23:35:15.0419 4520 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
    23:35:15.0529 4520 USBSTOR - ok
    23:35:15.0591 4520 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
    23:35:15.0622 4520 usbuhci - ok
    23:35:15.0700 4520 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
    23:35:15.0809 4520 usbvideo - ok
    23:35:15.0856 4520 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
    23:35:15.0950 4520 UxSms - ok
    23:35:15.0981 4520 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
    23:35:16.0012 4520 VaultSvc - ok
    23:35:16.0090 4520 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
    23:35:16.0090 4520 vdrvroot - ok
    23:35:16.0184 4520 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
    23:35:16.0231 4520 vds - ok
    23:35:16.0293 4520 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
    23:35:16.0340 4520 vga - ok
    23:35:16.0371 4520 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
    23:35:16.0402 4520 VgaSave - ok
    23:35:16.0465 4520 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
    23:35:16.0480 4520 vhdmp - ok
    23:35:16.0558 4520 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
    23:35:16.0574 4520 viaagp - ok
    23:35:16.0605 4520 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
    23:35:16.0636 4520 ViaC7 - ok
    23:35:16.0730 4520 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
    23:35:16.0745 4520 viaide - ok
    23:35:16.0777 4520 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
    23:35:16.0792 4520 volmgr - ok
    23:35:16.0855 4520 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
    23:35:16.0917 4520 volmgrx - ok
    23:35:16.0948 4520 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
    23:35:16.0964 4520 volsnap - ok
    23:35:17.0026 4520 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
    23:35:17.0042 4520 vsmraid - ok
    23:35:17.0120 4520 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
    23:35:17.0307 4520 VSS - ok
    23:35:17.0338 4520 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
    23:35:17.0432 4520 vwifibus - ok
    23:35:17.0494 4520 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
    23:35:17.0603 4520 vwififlt - ok
    23:35:17.0635 4520 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
    23:35:17.0744 4520 W32Time - ok
    23:35:17.0791 4520 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
    23:35:17.0869 4520 WacomPen - ok
    23:35:17.0931 4520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
    23:35:18.0040 4520 WANARP - ok
    23:35:18.0056 4520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
    23:35:18.0118 4520 Wanarpv6 - ok
    23:35:18.0259 4520 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
    23:35:18.0337 4520 WatAdminSvc - ok
    23:35:18.0383 4520 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
    23:35:18.0524 4520 wbengine - ok
    23:35:18.0571 4520 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
    23:35:18.0727 4520 WbioSrvc - ok
    23:35:18.0773 4520 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
    23:35:18.0836 4520 wcncsvc - ok
    23:35:18.0883 4520 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
    23:35:18.0961 4520 WcsPlugInService - ok
    23:35:19.0007 4520 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
    23:35:19.0023 4520 Wd - ok
    23:35:19.0085 4520 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
    23:35:19.0101 4520 Wdf01000 - ok
    23:35:19.0163 4520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
    23:35:19.0241 4520 WdiServiceHost - ok
    23:35:19.0257 4520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
    23:35:19.0319 4520 WdiSystemHost - ok
    23:35:19.0382 4520 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
    23:35:19.0429 4520 WebClient - ok
    23:35:19.0491 4520 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
    23:35:19.0600 4520 Wecsvc - ok
    23:35:19.0631 4520 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
    23:35:19.0678 4520 wercplsupport - ok
    23:35:19.0756 4520 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
    23:35:19.0850 4520 WerSvc - ok
    23:35:19.0912 4520 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
    23:35:20.0037 4520 WfpLwf - ok
    23:35:20.0068 4520 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
    23:35:20.0084 4520 WIMMount - ok
    23:35:20.0146 4520 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
    23:35:20.0287 4520 WinDefend - ok
    23:35:20.0302 4520 WinHttpAutoProxySvc - ok
    23:35:20.0380 4520 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
    23:35:20.0443 4520 Winmgmt - ok
    23:35:20.0536 4520 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
    23:35:20.0630 4520 WinRM - ok
    23:35:20.0739 4520 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
    23:35:20.0786 4520 WinUsb - ok
    23:35:20.0879 4520 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
    23:35:20.0989 4520 Wlansvc - ok
    23:35:21.0129 4520 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    23:35:21.0145 4520 wlcrasvc - ok
    23:35:21.0301 4520 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    23:35:21.0347 4520 wlidsvc - ok
    23:35:21.0410 4520 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
    23:35:21.0488 4520 WmiAcpi - ok
    23:35:21.0550 4520 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
    23:35:21.0566 4520 wmiApSrv - ok
    23:35:21.0706 4520 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
    23:35:21.0753 4520 WMPNetworkSvc - ok
    23:35:21.0815 4520 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
    23:35:21.0831 4520 WPCSvc - ok
    23:35:21.0893 4520 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
    23:35:21.0956 4520 WPDBusEnum - ok
    23:35:21.0987 4520 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
    23:35:22.0049 4520 ws2ifsl - ok
    23:35:22.0081 4520 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
    23:35:22.0127 4520 wscsvc - ok
    23:35:22.0143 4520 WSearch - ok
    23:35:22.0283 4520 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
    23:35:22.0346 4520 wuauserv - ok
    23:35:22.0393 4520 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
    23:35:22.0455 4520 WudfPf - ok
    23:35:22.0517 4520 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
    23:35:22.0580 4520 WUDFRd - ok
    23:35:22.0642 4520 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
    23:35:22.0673 4520 wudfsvc - ok
    23:35:22.0736 4520 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
    23:35:22.0783 4520 WwanSvc - ok
    23:35:22.0876 4520 ================ Scan global ===============================
    23:35:22.0985 4520 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
    23:35:23.0063 4520 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
    23:35:23.0079 4520 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
    23:35:23.0110 4520 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
    23:35:23.0141 4520 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
    23:35:23.0157 4520 [Global] - ok
    23:35:23.0157 4520 ================ Scan MBR ==================================
    23:35:23.0188 4520 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
    23:35:23.0188 4520 Suspicious mbr (Forged): \Device\Harddisk0\DR0
    23:35:23.0219 4520 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
    23:35:23.0219 4520 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
    23:35:23.0297 4520 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
    23:35:23.0297 4520 \Device\Harddisk0\DR0 - detected TDSS File System (1)
    23:35:23.0297 4520 ================ Scan VBR ==================================
    23:35:23.0329 4520 [ D3D7BE52A601234197775F17478FFFEA ] \Device\Harddisk0\DR0\Partition1
    23:35:23.0344 4520 \Device\Harddisk0\DR0\Partition1 - ok
    23:35:23.0344 4520 ================ Scan active images ========================
    23:35:23.0344 4520 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
    23:35:23.0344 4520 C:\Windows\System32\drivers\crashdmp.sys - ok
    23:35:23.0360 4520 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
    23:35:23.0360 4520 C:\Windows\System32\drivers\Dumpata.sys - ok
    23:35:23.0376 4520 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
    23:35:23.0376 4520 C:\Windows\System32\drivers\dumpfve.sys - ok
    23:35:23.0391 4520 [ 012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys
    23:35:23.0391 4520 C:\Windows\System32\drivers\msahci.sys - ok
    23:35:23.0391 4520 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
    23:35:23.0391 4520 C:\Windows\System32\drivers\beep.sys - ok
    23:35:23.0407 4520 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
    23:35:23.0407 4520 C:\Windows\System32\drivers\cdrom.sys - ok
    23:35:23.0422 4520 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
    23:35:23.0422 4520 C:\Windows\System32\drivers\null.sys - ok
    23:35:23.0438 4520 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
    23:35:23.0438 4520 C:\Windows\System32\drivers\vga.sys - ok
    23:35:23.0438 4520 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
    23:35:23.0438 4520 C:\Windows\System32\drivers\videoprt.sys - ok
    23:35:23.0454 4520 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
    23:35:23.0454 4520 C:\Windows\System32\drivers\watchdog.sys - ok
    23:35:23.0469 4520 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
    23:35:23.0469 4520 C:\Windows\System32\drivers\RDPCDD.sys - ok
    23:35:23.0485 4520 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
    23:35:23.0485 4520 C:\Windows\System32\drivers\RDPENCDD.sys - ok
    23:35:23.0485 4520 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
    23:35:23.0485 4520 C:\Windows\System32\drivers\RDPREFMP.sys - ok
    23:35:23.0500 4520 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
    23:35:23.0500 4520 C:\Windows\System32\drivers\msfs.sys - ok
    23:35:23.0516 4520 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
    23:35:23.0516 4520 C:\Windows\System32\drivers\npfs.sys - ok
    23:35:23.0532 4520 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
    23:35:23.0532 4520 C:\Windows\System32\drivers\afd.sys - ok
    23:35:23.0547 4520 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
    23:35:23.0547 4520 C:\Windows\System32\drivers\tdi.sys - ok
    23:35:23.0547 4520 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
    23:35:23.0547 4520 C:\Windows\System32\drivers\tdx.sys - ok
    23:35:23.0563 4520 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
    23:35:23.0563 4520 C:\Windows\System32\drivers\netbt.sys - ok
    23:35:23.0578 4520 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
    23:35:23.0578 4520 C:\Windows\System32\drivers\pacer.sys - ok
    23:35:23.0594 4520 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
    23:35:23.0594 4520 C:\Windows\System32\drivers\wfplwf.sys - ok
    23:35:23.0594 4520 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys
    23:35:23.0594 4520 C:\Windows\System32\drivers\vwififlt.sys - ok
    23:35:23.0610 4520 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
    23:35:23.0610 4520 C:\Windows\System32\drivers\netbios.sys - ok
    23:35:23.0625 4520 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
    23:35:23.0625 4520 C:\Windows\System32\drivers\termdd.sys - ok
    23:35:23.0641 4520 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
    23:35:23.0641 4520 C:\Windows\System32\drivers\wanarp.sys - ok
    23:35:23.0641 4520 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    23:35:23.0641 4520 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
    23:35:23.0656 4520 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
    23:35:23.0656 4520 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
    23:35:23.0672 4520 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
    23:35:23.0672 4520 C:\Windows\System32\drivers\nsiproxy.sys - ok
    23:35:23.0688 4520 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
    23:35:23.0688 4520 C:\Windows\System32\drivers\rdbss.sys - ok
    23:35:23.0688 4520 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
    23:35:23.0688 4520 C:\Windows\System32\drivers\mssmbios.sys - ok
    23:35:23.0703 4520 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
    23:35:23.0703 4520 C:\Windows\System32\drivers\blbdrive.sys - ok
    23:35:23.0719 4520 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
    23:35:23.0719 4520 C:\Windows\System32\drivers\dfsc.sys - ok
    23:35:23.0734 4520 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
    23:35:23.0734 4520 C:\Windows\System32\drivers\discache.sys - ok
    23:35:23.0750 4520 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] C:\Windows\System32\drivers\amdppm.sys
    23:35:23.0750 4520 C:\Windows\System32\drivers\amdppm.sys - ok
    23:35:23.0750 4520 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
    23:35:23.0750 4520 C:\Windows\System32\drivers\tunnel.sys - ok
    23:35:23.0766 4520 [ C97BE8350FBCB1960B22FAD2E6C2B514 ] C:\Windows\System32\drivers\atikmdag.sys
    23:35:23.0766 4520 C:\Windows\System32\drivers\atikmdag.sys - ok
    23:35:23.0781 4520 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
    23:35:23.0781 4520 C:\Windows\System32\drivers\dxgkrnl.sys - ok
    23:35:23.0797 4520 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
    23:35:23.0797 4520 C:\Windows\System32\drivers\dxgmms1.sys - ok
    23:35:23.0797 4520 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
    23:35:23.0797 4520 C:\Windows\System32\ntdll.dll - ok
    23:35:23.0812 4520 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe
    23:35:23.0812 4520 C:\Windows\System32\smss.exe - ok
    23:35:23.0828 4520 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
    23:35:23.0828 4520 C:\Windows\System32\autochk.exe - ok
    23:35:23.0844 4520 [ E48DAF453D773A89A44134CE4BA9AF44 ] C:\Windows\System32\drivers\RTL8187Se.sys
    23:35:23.0844 4520 C:\Windows\System32\drivers\RTL8187Se.sys - ok
    23:35:23.0844 4520 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] C:\Windows\System32\drivers\Rt86win7.sys
    23:35:23.0844 4520 C:\Windows\System32\drivers\Rt86win7.sys - ok
    23:35:23.0859 4520 [ 4084EA00D50C858D6F9038F86AE2E2D0 ] C:\Windows\System32\drivers\tdcmdpst.sys
    23:35:23.0859 4520 C:\Windows\System32\drivers\tdcmdpst.sys - ok
    23:35:23.0875 4520 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
    23:35:23.0875 4520 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
    23:35:23.0890 4520 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
    23:35:23.0890 4520 C:\Windows\System32\drivers\usbport.sys - ok
    23:35:23.0906 4520 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
    23:35:23.0906 4520 C:\Windows\System32\drivers\hdaudbus.sys - ok
    23:35:23.0906 4520 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
    23:35:23.0906 4520 C:\Windows\System32\drivers\usbehci.sys - ok
    23:35:23.0922 4520 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] C:\Windows\System32\drivers\usbohci.sys
    23:35:23.0922 4520 C:\Windows\System32\drivers\usbohci.sys - ok
    23:35:23.0937 4520 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
    23:35:23.0937 4520 C:\Windows\System32\drivers\i8042prt.sys - ok
    23:35:23.0953 4520 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
    23:35:23.0953 4520 C:\Windows\System32\drivers\kbdclass.sys - ok
    23:35:23.0953 4520 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
    23:35:23.0953 4520 C:\Windows\System32\drivers\usbd.sys - ok
    23:35:23.0968 4520 [ 8BD10DC8809DC69A1C5A795CB10ADD76 ] C:\Windows\System32\drivers\SynTP.sys
    23:35:23.0968 4520 C:\Windows\System32\drivers\SynTP.sys - ok
    23:35:23.0984 4520 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys
    23:35:23.0984 4520 C:\Windows\System32\drivers\CmBatt.sys - ok
    23:35:24.0000 4520 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
    23:35:24.0000 4520 C:\Windows\System32\drivers\mouclass.sys - ok
    23:35:24.0000 4520 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
    23:35:24.0000 4520 C:\Windows\System32\drivers\CompositeBus.sys - ok
    23:35:24.0015 4520 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
    23:35:24.0015 4520 C:\Windows\System32\drivers\ks.sys - ok
    23:35:24.0031 4520 [ 45B44FC9E5AC0DB02B19D515EE809DE5 ] C:\Windows\System32\drivers\stream.sys
    23:35:24.0031 4520 C:\Windows\System32\drivers\stream.sys - ok
    23:35:24.0046 4520 [ 8E17D513D8011B0EE03C355EAAB0E0CC ] C:\Windows\System32\drivers\mcvidrv.sys
    23:35:24.0046 4520 C:\Windows\System32\drivers\mcvidrv.sys - ok
    23:35:24.0062 4520 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
    23:35:24.0062 4520 C:\Windows\System32\drivers\drmk.sys - ok
    23:35:24.0062 4520 [ 562D95E00E14A944DEBE655DECBD3F5B ] C:\Windows\System32\drivers\mcaudrv.sys
    23:35:24.0062 4520 C:\Windows\System32\drivers\mcaudrv.sys - ok
    23:35:24.0078 4520 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
    23:35:24.0078 4520 C:\Windows\System32\drivers\portcls.sys - ok
    23:35:24.0093 4520 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
    23:35:24.0093 4520 C:\Windows\System32\drivers\agilevpn.sys - ok
    23:35:24.0109 4520 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
    23:35:24.0109 4520 C:\Windows\System32\drivers\ndistapi.sys - ok
    23:35:24.0109 4520 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
    23:35:24.0109 4520 C:\Windows\System32\drivers\ndiswan.sys - ok
    23:35:24.0124 4520 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
    23:35:24.0124 4520 C:\Windows\System32\drivers\rasl2tp.sys - ok
    23:35:24.0140 4520 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
    23:35:24.0140 4520 C:\Windows\System32\drivers\raspppoe.sys - ok
    23:35:24.0140 4520 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
    23:35:24.0156 4520 C:\Windows\System32\drivers\raspptp.sys - ok
    23:35:24.0156 4520 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
    23:35:24.0156 4520 C:\Windows\System32\drivers\rassstp.sys - ok
    23:35:24.0171 4520 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
    23:35:24.0171 4520 C:\Windows\System32\drivers\swenum.sys - ok
    23:35:24.0187 4520 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
    23:35:24.0187 4520 C:\Windows\System32\drivers\umbus.sys - ok
    23:35:24.0202 4520 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
    23:35:24.0202 4520 C:\Windows\System32\comdlg32.dll - ok
    23:35:24.0202 4520 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
    23:35:24.0202 4520 C:\Windows\System32\clbcatq.dll - ok
    23:35:24.0218 4520 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
    23:35:24.0218 4520 C:\Windows\System32\nsi.dll - ok
    23:35:24.0234 4520 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
    23:35:24.0234 4520 C:\Windows\System32\psapi.dll - ok
    23:35:24.0249 4520 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
    23:35:24.0249 4520 C:\Windows\System32\setupapi.dll - ok
    23:35:24.0249 4520 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
    23:35:24.0249 4520 C:\Windows\System32\shlwapi.dll - ok
    23:35:24.0265 4520 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
    23:35:24.0265 4520 C:\Windows\System32\drivers\usbhub.sys - ok
    23:35:24.0280 4520 [ D171EAA745A2C0C583CDDA13D9088EE4 ] C:\Windows\System32\iertutil.dll
    23:35:24.0280 4520 C:\Windows\System32\iertutil.dll - ok
    23:35:24.0296 4520 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
    23:35:24.0296 4520 C:\Windows\System32\oleaut32.dll - ok
    23:35:24.0296 4520 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
    23:35:24.0296 4520 C:\Windows\System32\imagehlp.dll - ok
    23:35:24.0312 4520 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
    23:35:24.0312 4520 C:\Windows\System32\Wldap32.dll - ok
    23:35:24.0327 4520 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
    23:35:24.0327 4520 C:\Windows\System32\msvcrt.dll - ok
    23:35:24.0343 4520 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
    23:35:24.0343 4520 C:\Windows\System32\sechost.dll - ok
    23:35:24.0343 4520 [ 3ED262888758E350C29E02207AF9AC59 ] C:\Windows\System32\kernel32.dll
    23:35:24.0343 4520 C:\Windows\System32\kernel32.dll - ok
    23:35:24.0358 4520 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
    23:35:24.0358 4520 C:\Windows\System32\drivers\ndproxy.sys - ok
    23:35:24.0374 4520 [ B49B56B64F57699A1A663D2CF7D0A56F ] C:\Windows\System32\wininet.dll
    23:35:24.0374 4520 C:\Windows\System32\wininet.dll - ok
    23:35:24.0390 4520 [ BE157C3800DA3010EFC48280ECF81C16 ] C:\Windows\System32\urlmon.dll
    23:35:24.0390 4520 C:\Windows\System32\urlmon.dll - ok
    23:35:24.0390 4520 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
    23:35:24.0390 4520 C:\Windows\System32\imm32.dll - ok
    23:35:24.0405 4520 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
    23:35:24.0405 4520 C:\Windows\System32\normaliz.dll - ok
    23:35:24.0421 4520 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
    23:35:24.0421 4520 C:\Windows\System32\rpcrt4.dll - ok
    23:35:24.0436 4520 [ E4A2E810CB2607C9C159C0DFB0BD4C88 ] C:\Windows\System32\drivers\RTKVHDA.sys
    23:35:24.0436 4520 C:\Windows\System32\drivers\RTKVHDA.sys - ok
    23:35:24.0436 4520 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll
    23:35:24.0436 4520 C:\Windows\System32\usp10.dll - ok
    23:35:24.0452 4520 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
    23:35:24.0452 4520 C:\Windows\System32\lpk.dll - ok
    23:35:24.0468 4520 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
    23:35:24.0468 4520 C:\Windows\System32\shell32.dll - ok
    23:35:24.0483 4520 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
    23:35:24.0483 4520 C:\Windows\System32\ws2_32.dll - ok
    23:35:24.0483 4520 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
    23:35:24.0483 4520 C:\Windows\System32\ole32.dll - ok
    23:35:24.0499 4520 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
    23:35:24.0499 4520 C:\Windows\System32\user32.dll - ok
    23:35:24.0514 4520 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
    23:35:24.0514 4520 C:\Windows\System32\msctf.dll - ok
    23:35:24.0530 4520 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
    23:35:24.0530 4520 C:\Windows\System32\gdi32.dll - ok
    23:35:24.0530 4520 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
    23:35:24.0530 4520 C:\Windows\System32\advapi32.dll - ok
    23:35:24.0546 4520 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
    23:35:24.0546 4520 C:\Windows\System32\difxapi.dll - ok
    23:35:24.0561 4520 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
    23:35:24.0561 4520 C:\Windows\System32\devobj.dll - ok
    23:35:24.0577 4520 [ E40ADC3B848650F1D5A932FD7DE0D018 ] C:\Windows\System32\KernelBase.dll
    23:35:24.0577 4520 C:\Windows\System32\KernelBase.dll - ok
    23:35:24.0577 4520 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
    23:35:24.0577 4520 C:\Windows\System32\wintrust.dll - ok
    23:35:24.0592 4520 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
    23:35:24.0592 4520 C:\Windows\System32\crypt32.dll - ok
    23:35:24.0608 4520 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
    23:35:24.0608 4520 C:\Windows\System32\comctl32.dll - ok
    23:35:24.0624 4520 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
    23:35:24.0624 4520 C:\Windows\System32\cfgmgr32.dll - ok
    23:35:24.0624 4520 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
    23:35:24.0624 4520 C:\Windows\System32\msasn1.dll - ok
    23:35:24.0639 4520 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
    23:35:24.0639 4520 C:\Windows\System32\drivers\dxapi.sys - ok
    23:35:24.0655 4520 [ D45B118114C9B18814CE18F72A34E934 ] C:\Windows\System32\win32k.sys
    23:35:24.0655 4520 C:\Windows\System32\win32k.sys - ok
    23:35:24.0670 4520 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll
    23:35:24.0670 4520 C:\Windows\System32\csrsrv.dll - ok
    23:35:24.0670 4520 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
    23:35:24.0670 4520 C:\Windows\System32\csrss.exe - ok
    23:35:24.0686 4520 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
    23:35:24.0686 4520 C:\Windows\System32\basesrv.dll - ok
    23:35:24.0702 4520 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\System32\winsrv.dll
    23:35:24.0702 4520 C:\Windows\System32\winsrv.dll - ok
    23:35:24.0717 4520 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
    23:35:24.0717 4520 C:\Windows\System32\drivers\monitor.sys - ok
    23:35:24.0717 4520 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
    23:35:24.0717 4520 C:\Windows\System32\tsddd.dll - ok
    23:35:24.0733 4520 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
    23:35:24.0733 4520 C:\Windows\System32\sxssrv.dll - ok
    23:35:24.0748 4520 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
    23:35:24.0748 4520 C:\Windows\System32\wininit.exe - ok
    23:35:24.0764 4520 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
    23:35:24.0764 4520 C:\Windows\System32\profapi.dll - ok
    23:35:24.0764 4520 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
    23:35:24.0764 4520 C:\Windows\System32\cdd.dll - ok
    23:35:24.0780 4520 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
    23:35:24.0780 4520 C:\Windows\System32\atl.dll - ok
    23:35:24.0795 4520 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
    23:35:24.0795 4520 C:\Windows\System32\winmm.dll - ok
    23:35:24.0811 4520 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
    23:35:24.0811 4520 C:\Windows\System32\RpcRtRemote.dll - ok
    23:35:24.0826 4520 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL
    23:35:24.0826 4520 C:\Windows\System32\KBDUS.DLL - ok
    23:35:24.0842 4520 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
    23:35:24.0842 4520 C:\Windows\System32\winlogon.exe - ok
    23:35:24.0842 4520 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
    23:35:24.0842 4520 C:\Windows\System32\sxs.dll - ok
    23:35:24.0858 4520 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
    23:35:24.0858 4520 C:\Windows\System32\WlS0WndH.dll - ok
    23:35:24.0873 4520 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
    23:35:24.0873 4520 C:\Windows\System32\cryptbase.dll - ok
    23:35:24.0889 4520 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
    23:35:24.0889 4520 C:\Windows\System32\apphelp.dll - ok
    23:35:24.0889 4520 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
    23:35:24.0889 4520 C:\Windows\System32\winsta.dll - ok
    23:35:24.0904 4520 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
    23:35:24.0904 4520 C:\Windows\System32\services.exe - ok
    23:35:24.0920 4520 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
    23:35:24.0920 4520 C:\Windows\System32\lsass.exe - ok
    23:35:24.0936 4520 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
    23:35:24.0936 4520 C:\Windows\System32\lsm.exe - ok
    23:35:24.0936 4520 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
    23:35:24.0936 4520 C:\Windows\System32\sspicli.dll - ok
    23:35:24.0951 4520 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
    23:35:24.0951 4520 C:\Windows\System32\scesrv.dll - ok
    23:35:24.0967 4520 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
    23:35:24.0967 4520 C:\Windows\System32\scext.dll - ok
    23:35:24.0982 4520 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
    23:35:24.0982 4520 C:\Windows\System32\secur32.dll - ok
    23:35:24.0982 4520 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
    23:35:24.0982 4520 C:\Windows\System32\sspisrv.dll - ok
    23:35:24.0998 4520 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll
    23:35:24.0998 4520 C:\Windows\System32\lsasrv.dll - ok
    23:35:25.0014 4520 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
    23:35:25.0014 4520 C:\Windows\System32\sysntfy.dll - ok
    23:35:25.0029 4520 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
    23:35:25.0029 4520 C:\Windows\System32\wmsgapi.dll - ok
    23:35:25.0029 4520 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
    23:35:25.0029 4520 C:\Windows\System32\srvcli.dll - ok
    23:35:25.0045 4520 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
    23:35:25.0045 4520 C:\Windows\System32\samsrv.dll - ok
    23:35:25.0060 4520 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
    23:35:25.0060 4520 C:\Windows\System32\cryptdll.dll - ok
    23:35:25.0076 4520 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
    23:35:25.0076 4520 C:\Windows\System32\wevtapi.dll - ok
    23:35:25.0076 4520 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
    23:35:25.0076 4520 C:\Windows\System32\authz.dll - ok
    23:35:25.0092 4520 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
    23:35:25.0092 4520 C:\Windows\System32\cngaudit.dll - ok
    23:35:25.0107 4520 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\System32\ncrypt.dll
    23:35:25.0107 4520 C:\Windows\System32\ncrypt.dll - ok
    23:35:25.0123 4520 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
    23:35:25.0123 4520 C:\Windows\System32\bcrypt.dll - ok
    23:35:25.0123 4520 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys
    23:35:25.0123 4520 C:\Windows\System32\drivers\TsUsbFlt.sys - ok
    23:35:25.0138 4520 [ 5DAF8A6B7F127C4E70A5C1F707347859 ] C:\Windows\System32\atmfd.dll
    23:35:25.0138 4520 C:\Windows\System32\atmfd.dll - ok
    23:35:25.0154 4520 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
    23:35:25.0154 4520 C:\Windows\System32\msprivs.dll - ok
    23:35:25.0170 4520 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
    23:35:25.0170 4520 C:\Windows\System32\netjoin.dll - ok
    23:35:25.0170 4520 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
    23:35:25.0170 4520 C:\Windows\System32\kerberos.dll - ok
    23:35:25.0185 4520 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
    23:35:25.0185 4520 C:\Windows\System32\negoexts.dll - ok
    23:35:25.0201 4520 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
    23:35:25.0201 4520 C:\Windows\System32\cryptsp.dll - ok
    23:35:25.0216 4520 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
    23:35:25.0216 4520 C:\Windows\System32\mswsock.dll - ok
    23:35:25.0216 4520 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
    23:35:25.0216 4520 C:\Windows\System32\msv1_0.dll - ok
    23:35:25.0232 4520 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
    23:35:25.0232 4520 C:\Windows\System32\netlogon.dll - ok
    23:35:25.0248 4520 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
    23:35:25.0248 4520 C:\Windows\System32\wship6.dll - ok
    23:35:25.0263 4520 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
    23:35:25.0263 4520 C:\Windows\System32\dnsapi.dll - ok
    23:35:25.0263 4520 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
    23:35:25.0263 4520 C:\Windows\System32\logoncli.dll - ok
    23:35:25.0279 4520 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
    23:35:25.0279 4520 C:\Windows\System32\schannel.dll - ok
    23:35:25.0294 4520 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
    23:35:25.0294 4520 C:\Windows\System32\wdigest.dll - ok
    23:35:25.0310 4520 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
    23:35:25.0310 4520 C:\Windows\System32\pku2u.dll - ok
    23:35:25.0310 4520 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
    23:35:25.0310 4520 C:\Windows\System32\rsaenh.dll - ok
    23:35:25.0326 4520 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
    23:35:25.0326 4520 C:\Windows\System32\TSpkg.dll - ok
    23:35:25.0341 4520 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
    23:35:25.0341 4520 C:\Windows\System32\bcryptprimitives.dll - ok
    23:35:25.0357 4520 [ 9EDE13F62E7BE92DBA561218EDDC4E21 ] C:\Windows\System32\LIVESSP.DLL
    23:35:25.0357 4520 C:\Windows\System32\LIVESSP.DLL - ok
    23:35:25.0357 4520 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
    23:35:25.0357 4520 C:\Windows\System32\credssp.dll - ok
    23:35:25.0372 4520 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
    23:35:25.0372 4520 C:\Windows\System32\efslsaext.dll - ok
    23:35:25.0388 4520 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
    23:35:25.0388 4520 C:\Windows\System32\scecli.dll - ok
    23:35:25.0404 4520 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
    23:35:25.0404 4520 C:\Windows\System32\ubpm.dll - ok
    23:35:25.0404 4520 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
    23:35:25.0404 4520 C:\Windows\System32\svchost.exe - ok
    23:35:25.0419 4520 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
    23:35:25.0419 4520 C:\Windows\System32\SPInf.dll - ok
    23:35:25.0435 4520 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
    23:35:25.0435 4520 C:\Windows\System32\umpnpmgr.dll - ok
    23:35:25.0450 4520 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
    23:35:25.0450 4520 C:\Windows\System32\devrtl.dll - ok
    23:35:25.0450 4520 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
    23:35:25.0450 4520 C:\Windows\System32\userenv.dll - ok
    23:35:25.0466 4520 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
    23:35:25.0466 4520 C:\Windows\System32\gpapi.dll - ok
    23:35:25.0482 4520 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
    23:35:25.0482 4520 C:\Windows\System32\umpo.dll - ok
    23:35:25.0497 4520 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
    23:35:25.0497 4520 C:\Windows\System32\pcwum.dll - ok
    23:35:25.0497 4520 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
    23:35:25.0497 4520 C:\Windows\System32\powrprof.dll - ok
    23:35:25.0513 4520 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
    23:35:25.0513 4520 C:\Windows\System32\drivers\luafv.sys - ok
    23:35:25.0528 4520 [ E714A1C0354636837E20CCBF00888EE7 ] C:\Windows\System32\drivers\WUDFPf.sys
    23:35:25.0528 4520 C:\Windows\System32\drivers\WUDFPf.sys - ok
    23:35:25.0544 4520 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
    23:35:25.0544 4520 C:\Windows\System32\rpcss.dll - ok
    23:35:25.0544 4520 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
    23:35:25.0544 4520 C:\Windows\System32\RpcEpMap.dll - ok
    23:35:25.0560 4520 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
    23:35:25.0560 4520 C:\Windows\System32\WSHTCPIP.DLL - ok
    23:35:25.0575 4520 [ 0BC6704F6FB4C63CDCB85401E8263A1B ] C:\Windows\System32\atiesrxx.exe
    23:35:25.0575 4520 C:\Windows\System32\atiesrxx.exe - ok
    23:35:25.0591 4520 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
    23:35:25.0591 4520 C:\Windows\System32\wshqos.dll - ok
    23:35:25.0591 4520 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
    23:35:25.0591 4520 C:\Windows\System32\FirewallAPI.dll - ok
    23:35:25.0606 4520 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
    23:35:25.0606 4520 C:\Windows\System32\version.dll - ok
    23:35:25.0622 4520 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
    23:35:25.0622 4520 C:\Windows\System32\LogonUI.exe - ok
    23:35:25.0638 4520 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
    23:35:25.0638 4520 C:\Windows\System32\wtsapi32.dll - ok
    23:35:25.0638 4520 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll
    23:35:25.0638 4520 C:\Windows\System32\authui.dll - ok
    23:35:25.0653 4520 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
    23:35:25.0653 4520 C:\Windows\System32\wevtsvc.dll - ok
    23:35:25.0669 4520 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
    23:35:25.0669 4520 C:\Windows\System32\cryptui.dll - ok
    23:35:25.0684 4520 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    23:35:25.0684 4520 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
    23:35:25.0700 4520 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
    23:35:25.0700 4520 C:\Windows\System32\shacct.dll - ok
    23:35:25.0700 4520 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
    23:35:25.0700 4520 C:\Windows\System32\samlib.dll - ok
    23:35:25.0716 4520 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
    23:35:25.0716 4520 C:\Windows\System32\propsys.dll - ok
    23:35:25.0731 4520 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    23:35:25.0731 4520 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
    23:35:25.0731 4520 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
    23:35:25.0731 4520 C:\Windows\System32\netprofm.dll - ok
    23:35:25.0747 4520 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
    23:35:25.0747 4520 C:\Windows\System32\audiosrv.dll - ok
    23:35:25.0762 4520 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
    23:35:25.0762 4520 C:\Windows\System32\uxtheme.dll - ok
    23:35:25.0778 4520 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
    23:35:25.0778 4520 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
    23:35:25.0794 4520 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
    23:35:25.0794 4520 C:\Windows\System32\avrt.dll - ok
    23:35:25.0809 4520 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
    23:35:25.0809 4520 C:\Windows\System32\MMDevAPI.dll - ok
    23:35:25.0809 4520 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
    23:35:25.0809 4520 C:\Windows\System32\ntmarta.dll - ok
    23:35:25.0825 4520 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll
    23:35:25.0825 4520 C:\Windows\System32\dsound.dll - ok
    23:35:25.0840 4520 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
    23:35:25.0840 4520 C:\Windows\System32\dui70.dll - ok
    23:35:25.0856 4520 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
    23:35:25.0856 4520 C:\Windows\System32\duser.dll - ok
    23:35:25.0856 4520 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
    23:35:25.0856 4520 C:\Windows\System32\SndVolSSO.dll - ok
    23:35:25.0872 4520 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
    23:35:25.0872 4520 C:\Windows\System32\dwmapi.dll - ok
    23:35:25.0887 4520 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
    23:35:25.0887 4520 C:\Windows\System32\hid.dll - ok
    23:35:25.0903 4520 [ 7BF5EA753D4CC056B9462A02AC51B160 ] C:\Windows\System32\xmllite.dll
    23:35:25.0903 4520 C:\Windows\System32\xmllite.dll - ok
    23:35:25.0903 4520 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
    23:35:25.0903 4520 C:\Windows\System32\WindowsCodecs.dll - ok
    23:35:25.0918 4520 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
    23:35:25.0918 4520 C:\Windows\System32\winbrand.dll - ok
    23:35:25.0934 4520 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
    23:35:25.0934 4520 C:\Windows\System32\VaultCredProvider.dll - ok
    23:35:25.0950 4520 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
    23:35:25.0950 4520 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
    23:35:25.0950 4520 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
    23:35:25.0950 4520 C:\Windows\System32\BioCredProv.dll - ok
    23:35:25.0965 4520 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
    23:35:25.0965 4520 C:\Windows\System32\winbio.dll - ok
    23:35:25.0981 4520 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
    23:35:25.0981 4520 C:\Windows\System32\credui.dll - ok
    23:35:25.0996 4520 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
    23:35:25.0996 4520 C:\Windows\System32\netapi32.dll - ok
    23:35:25.0996 4520 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
    23:35:25.0996 4520 C:\Windows\System32\netutils.dll - ok
    23:35:26.0012 4520 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
    23:35:26.0012 4520 C:\Windows\System32\samcli.dll - ok
    23:35:26.0028 4520 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
    23:35:26.0028 4520 C:\Windows\System32\vaultcli.dll - ok
    23:35:26.0043 4520 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
    23:35:26.0043 4520 C:\Windows\System32\wkscli.dll - ok
    23:35:26.0043 4520 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
    23:35:26.0043 4520 C:\Windows\System32\certCredProvider.dll - ok
    23:35:26.0059 4520 [ B230D1B54017C2B56DAFE311DFEB0102 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL
    23:35:26.0059 4520 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDCREDPROV.DLL - ok
    23:35:26.0074 4520 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
    23:35:26.0074 4520 C:\Windows\System32\rasplap.dll - ok
    23:35:26.0090 4520 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
    23:35:26.0090 4520 C:\Windows\System32\rasapi32.dll - ok
    23:35:26.0090 4520 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
    23:35:26.0090 4520 C:\Windows\System32\rasman.dll - ok
    23:35:26.0106 4520 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
    23:35:26.0106 4520 C:\Windows\System32\rtutils.dll - ok
    23:35:26.0121 4520 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
    23:35:26.0121 4520 C:\Windows\System32\adtschema.dll - ok
    23:35:26.0137 4520 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
    23:35:26.0137 4520 C:\Windows\System32\mmcss.dll - ok
    23:35:26.0137 4520 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
    23:35:26.0137 4520 C:\Windows\System32\audiodg.exe - ok
    23:35:26.0152 4520 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
    23:35:26.0152 4520 C:\Windows\System32\wlansvc.dll - ok
    23:35:26.0168 4520 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
    23:35:26.0168 4520 C:\Windows\System32\drivers\fltMgr.sys - ok
    23:35:26.0184 4520 [ 43CA4CCC22D52FB58E8988F0198851D0 ] C:\Windows\System32\profsvc.dll
    23:35:26.0184 4520 C:\Windows\System32\profsvc.dll - ok
    23:35:26.0184 4520 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
    23:35:26.0184 4520 C:\Windows\System32\PSHED.DLL - ok
    23:35:26.0199 4520 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
    23:35:26.0199 4520 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
    23:35:26.0215 4520 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
    23:35:26.0215 4520 C:\Windows\System32\MPSSVC.dll - ok
    23:35:26.0230 4520 [ 0E816EA3C5DCE94C95099E8B38E75E67 ] C:\Windows\System32\ieframe.dll
    23:35:26.0230 4520 C:\Windows\System32\ieframe.dll - ok
    23:35:26.0230 4520 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
    23:35:26.0230 4520 C:\Windows\System32\oleacc.dll - ok
    23:35:26.0246 4520 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
    23:35:26.0246 4520 C:\Windows\System32\IPHLPAPI.DLL - ok
    23:35:26.0262 4520 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
    23:35:26.0262 4520 C:\Windows\System32\winnsi.dll - ok
    23:35:26.0277 4520 [ C97434C851C4821BD92D2831FDF1ECBE ] C:\Windows\System32\mshtml.dll
    23:35:26.0277 4520 C:\Windows\System32\mshtml.dll - ok
    23:35:26.0277 4520 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll
    23:35:26.0277 4520 C:\Windows\System32\nlaapi.dll - ok
    23:35:26.0293 4520 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
    23:35:26.0293 4520 C:\Program Files\Bonjour\mdnsNSP.dll - ok
    23:35:26.0308 4520 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
    23:35:26.0308 4520 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
    23:35:26.0324 4520 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
    23:35:26.0324 4520 C:\Windows\System32\dhcpcsvc.dll - ok
    23:35:26.0324 4520 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\System32\dhcpcsvc6.dll
    23:35:26.0324 4520 C:\Windows\System32\dhcpcsvc6.dll - ok
    23:35:26.0340 4520 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
    23:35:26.0340 4520 C:\Windows\System32\rasadhlp.dll - ok
    23:35:26.0355 4520 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
    23:35:26.0355 4520 C:\Windows\System32\gpsvc.dll - ok
    23:35:26.0371 4520 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
    23:35:26.0371 4520 C:\Windows\System32\themeservice.dll - ok
    23:35:26.0371 4520 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
    23:35:26.0371 4520 C:\Windows\System32\dsrole.dll - ok
    23:35:26.0386 4520 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
    23:35:26.0386 4520 C:\Windows\System32\slc.dll - ok
    23:35:26.0402 4520 [ 85547363F2B00CD89A4AD7CDF7664B71 ] C:\Windows\System32\atieclxx.exe
    23:35:26.0402 4520 C:\Windows\System32\atieclxx.exe - ok
    23:35:26.0418 4520 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
    23:35:26.0418 4520 C:\Windows\System32\UXInit.dll - ok
    23:35:26.0418 4520 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
    23:35:26.0418 4520 C:\Windows\System32\es.dll - ok
    23:35:26.0433 4520 [ 3E175EDE04DEC9E227091ED6E3DBE6F3 ] C:\Windows\System32\atiadlxx.dll
    23:35:26.0433 4520 C:\Windows\System32\atiadlxx.dll - ok
    23:35:26.0449 4520 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
    23:35:26.0449 4520 C:\Windows\System32\comres.dll - ok
    23:35:26.0464 4520 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
    23:35:26.0464 4520 C:\Windows\System32\Sens.dll - ok
    23:35:26.0464 4520 [ 833539963E31EDD4DC0063FE9CF95701 ] C:\Program Files\Sandboxie\SbieSvc.exe
    23:35:26.0464 4520 C:\Program Files\Sandboxie\SbieSvc.exe - ok
    23:35:26.0480 4520 [ E1A6B7537AA558DC0C2124A641A66C47 ] C:\Windows\System32\atimuixx.dll
    23:35:26.0480 4520 C:\Windows\System32\atimuixx.dll - ok
    23:35:26.0496 4520 [ 5BB1E50C658841EDD8D48F18355602F4 ] C:\Program Files\Sandboxie\SbieDll.dll
    23:35:26.0496 4520 C:\Program Files\Sandboxie\SbieDll.dll - ok
    23:35:26.0511 4520 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
    23:35:26.0511 4520 C:\Windows\System32\uxsms.dll - ok
    23:35:26.0511 4520 [ 9FBCFD7E88A7ACE0E94456504895DD7F ] C:\Windows\System32\WUDFPlatform.dll
    23:35:26.0511 4520 C:\Windows\System32\WUDFPlatform.dll - ok
    23:35:26.0527 4520 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] C:\Windows\System32\WUDFSvc.dll
    23:35:26.0527 4520 C:\Windows\System32\WUDFSvc.dll - ok
    23:35:26.0542 4520 [ 3AB6CAD1DDFA84CD7BC3D1A759B1E81E ] C:\Program Files\Sandboxie\SbieDrv.sys
    23:35:26.0542 4520 C:\Program Files\Sandboxie\SbieDrv.sys - ok
    23:35:26.0558 4520 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
    23:35:26.0558 4520 C:\Windows\System32\drivers\lltdio.sys - ok
    23:35:26.0558 4520 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
    23:35:26.0558 4520 C:\Windows\System32\drivers\nwifi.sys - ok
    23:35:26.0574 4520 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
    23:35:26.0574 4520 C:\Windows\System32\drivers\ndisuio.sys - ok
    23:35:26.0589 4520 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
    23:35:26.0589 4520 C:\Windows\System32\drivers\rspndr.sys - ok
    23:35:26.0605 4520 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
    23:35:26.0605 4520 C:\Windows\System32\lmhsvc.dll - ok
    23:35:26.0620 4520 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
    23:35:26.0620 4520 C:\Windows\System32\nrpsrv.dll - ok
    23:35:26.0620 4520 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
    23:35:26.0620 4520 C:\Windows\System32\imageres.dll - ok
    23:35:26.0636 4520 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
    23:35:26.0636 4520 C:\Windows\System32\keyiso.dll - ok
    23:35:26.0652 4520 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
    23:35:26.0652 4520 C:\Windows\System32\nsisvc.dll - ok
    23:35:26.0667 4520 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
    23:35:26.0667 4520 C:\Windows\System32\dhcpcore.dll - ok
    23:35:26.0667 4520 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
    23:35:26.0667 4520 C:\Windows\System32\eapphost.dll - ok
    23:35:26.0683 4520 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
    23:35:26.0683 4520 C:\Windows\System32\eapsvc.dll - ok
    23:35:26.0698 4520 [ 1319CD4619E96B156911CA3897563EBC ] C:\Windows\System32\ci.dll
    23:35:26.0698 4520 C:\Windows\System32\ci.dll - ok
    23:35:26.0698 4520 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
    23:35:26.0714 4520 C:\Windows\System32\dnsrslvr.dll - ok
    23:35:26.0714 4520 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
    23:35:26.0714 4520 C:\Windows\System32\FWPUCLNT.DLL - ok
    23:35:26.0730 4520 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
    23:35:26.0730 4520 C:\Windows\System32\dnsext.dll - ok
    23:35:26.0745 4520 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
    23:35:26.0745 4520 C:\Windows\System32\wlanmsm.dll - ok
    23:35:26.0745 4520 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
    23:35:26.0745 4520 C:\Windows\System32\umb.dll - ok
    23:35:26.0761 4520 [ B9ADA43CB3FFAF6669D34F432AA44A0F ] C:\Windows\System32\pstorec.dll
    23:35:26.0761 4520 C:\Windows\System32\pstorec.dll - ok
    23:35:26.0776 4520 [ 990A58A0B01720E419B55EFC5FF387F8 ] C:\Windows\System32\dhcpcore6.dll
    23:35:26.0776 4520 C:\Windows\System32\dhcpcore6.dll - ok
    23:35:26.0792 4520 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
    23:35:26.0792 4520 C:\Windows\System32\wlansec.dll - ok
    23:35:26.0808 4520 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
    23:35:26.0808 4520 C:\Windows\System32\onex.dll - ok
    23:35:26.0808 4520 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
    23:35:26.0808 4520 C:\Windows\System32\eappprxy.dll - ok
    23:35:26.0823 4520 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
    23:35:26.0823 4520 C:\Windows\System32\eappcfg.dll - ok
    23:35:26.0839 4520 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
    23:35:26.0839 4520 C:\Windows\System32\l2gpstore.dll - ok
    23:35:26.0854 4520 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
    23:35:26.0854 4520 C:\Windows\System32\wlgpclnt.dll - ok
    23:35:26.0854 4520 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
    23:35:26.0854 4520 C:\Windows\System32\WinSCard.dll - ok
    23:35:26.0870 4520 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
    23:35:26.0870 4520 C:\Windows\System32\wlanutil.dll - ok
    23:35:26.0886 4520 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\System32\msxml6.dll
    23:35:26.0886 4520 C:\Windows\System32\msxml6.dll - ok
    23:35:26.0901 4520 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
    23:35:26.0901 4520 C:\Windows\System32\shsvcs.dll - ok
    23:35:26.0901 4520 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
    23:35:26.0901 4520 C:\Windows\System32\netcfgx.dll - ok
    23:35:26.0917 4520 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
    23:35:26.0917 4520 C:\Windows\System32\schedsvc.dll - ok
    23:35:26.0932 4520 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
    23:35:26.0932 4520 C:\Windows\System32\ktmw32.dll - ok
    23:35:26.0948 4520 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
    23:35:26.0948 4520 C:\Windows\System32\fveapi.dll - ok
    23:35:26.0948 4520 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
    23:35:26.0948 4520 C:\Windows\System32\fvecerts.dll - ok
    23:35:26.0964 4520 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
    23:35:26.0964 4520 C:\Windows\System32\tbs.dll - ok
    23:35:26.0979 4520 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
    23:35:26.0979 4520 C:\Windows\System32\wiarpc.dll - ok
    23:35:26.0995 4520 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
    23:35:26.0995 4520 C:\Windows\System32\taskcomp.dll - ok
    23:35:26.0995 4520 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
    23:35:26.0995 4520 C:\Windows\System32\drivers\http.sys - ok
    23:35:27.0010 4520 [ 866A43013535DC8587C258E43579C764 ] C:\Windows\System32\spoolsv.exe
    23:35:27.0010 4520 C:\Windows\System32\spoolsv.exe - ok
    23:35:27.0026 4520 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
    23:35:27.0026 4520 C:\Windows\System32\BFE.DLL - ok
    23:35:27.0042 4520 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
    23:35:27.0042 4520 C:\Windows\System32\drivers\bowser.sys - ok
    23:35:27.0042 4520 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
    23:35:27.0042 4520 C:\Windows\System32\drivers\mpsdrv.sys - ok
    23:35:27.0057 4520 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
    23:35:27.0057 4520 C:\Windows\System32\drivers\mrxsmb.sys - ok
    23:35:27.0088 4520 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
    23:35:27.0088 4520 C:\Windows\System32\drivers\mrxsmb10.sys - ok
    23:35:27.0104 4520 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
    23:35:27.0104 4520 C:\Windows\System32\drivers\mrxsmb20.sys - ok
    23:35:27.0104 4520 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
    23:35:27.0104 4520 C:\Windows\System32\wkssvc.dll - ok
    23:35:27.0120 4520 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
    23:35:27.0120 4520 C:\Windows\System32\drivers\parport.sys - ok
    23:35:27.0135 4520 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
    23:35:27.0135 4520 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
    23:35:27.0151 4520 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
    23:35:27.0151 4520 C:\Windows\System32\wfapigp.dll - ok
    23:35:27.0151 4520 [ 7E077309910CE334C3B2B7B8665A55C4 ] C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    23:35:27.0151 4520 C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe - ok
    23:35:27.0166 4520 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
    23:35:27.0166 4520 C:\Windows\System32\mscms.dll - ok
    23:35:27.0182 4520 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
    23:35:27.0182 4520 C:\Windows\System32\pcasvc.dll - ok
    23:35:27.0198 4520 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
    23:35:27.0198 4520 C:\Windows\System32\snmptrap.exe - ok
    23:35:27.0198 4520 [ F845CB13B1D1FC68C97900FEF94D03CC ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
    23:35:27.0198 4520 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
    23:35:27.0213 4520 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\System32\activeds.dll
    23:35:27.0213 4520 C:\Windows\System32\activeds.dll - ok
    23:35:27.0229 4520 [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
    23:35:27.0229 4520 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
    23:35:27.0244 4520 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
    23:35:27.0244 4520 C:\Windows\System32\provsvc.dll - ok
    23:35:27.0244 4520 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\System32\adsldpc.dll
    23:35:27.0244 4520 C:\Windows\System32\adsldpc.dll - ok
    23:35:27.0260 4520 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
    23:35:27.0260 4520 C:\Windows\System32\sstpsvc.dll - ok
    23:35:27.0276 4520 [ D7764F1B013C70CC5C4F95CC3C26E45F ] C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll
    23:35:27.0276 4520 C:\Program Files\Belkin\Router Setup and Monitor\AffIpHelper.dll - ok
    23:35:27.0291 4520 [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll
    23:35:27.0291 4520 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok
    23:35:27.0307 4520 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
    23:35:27.0307 4520 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
    23:35:27.0322 4520 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
    23:35:27.0322 4520 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
    23:35:27.0322 4520 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
    23:35:27.0322 4520 C:\Windows\System32\msimg32.dll - ok
    23:35:27.0338 4520 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
    23:35:27.0338 4520 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
    23:35:27.0354 4520 [ 1982452DBA9583A2ED1ED30A7BF19247 ] C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll
    23:35:27.0354 4520 C:\Program Files\Belkin\Router Setup and Monitor\AffCrypto.dll - ok
    23:35:27.0369 4520 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
    23:35:27.0369 4520 C:\Windows\System32\winspool.drv - ok
    23:35:27.0369 4520 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
    23:35:27.0369 4520 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
    23:35:27.0385 4520 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    23:35:27.0385 4520 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
    23:35:27.0400 4520 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
    23:35:27.0400 4520 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
    23:35:27.0416 4520 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
    23:35:27.0416 4520 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
    23:35:27.0416 4520 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
    23:35:27.0416 4520 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
    23:35:27.0432 4520 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
    23:35:27.0432 4520 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
    23:35:27.0447 4520 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
    23:35:27.0447 4520 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
    23:35:27.0463 4520 [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
    23:35:27.0463 4520 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
    23:35:27.0478 4520 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
    23:35:27.0478 4520 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
    23:35:27.0494 4520 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
    23:35:27.0494 4520 C:\Windows\System32\wsock32.dll - ok
    23:35:27.0494 4520 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
    23:35:27.0494 4520 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
    23:35:27.0510 4520 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
    23:35:27.0510 4520 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
    23:35:27.0525 4520 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
    23:35:27.0525 4520 C:\Windows\System32\dllhost.exe - ok
    23:35:27.0541 4520 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
    23:35:27.0541 4520 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
    23:35:27.0541 4520 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
    23:35:27.0556 4520 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
    23:35:27.0556 4520 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
    23:35:27.0556 4520 C:\Windows\System32\IDStore.dll - ok
    23:35:27.0572 4520 [ 72E953215CADE1A726C04AAFDF6B463D ] C:\Windows\System32\taskhost.exe
    23:35:27.0572 4520 C:\Windows\System32\taskhost.exe - ok
    23:35:27.0588 4520 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe
    23:35:27.0588 4520 C:\Windows\System32\AtBroker.exe - ok
    23:35:27.0588 4520 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
    23:35:27.0588 4520 C:\Windows\System32\mpr.dll - ok
    23:35:27.0603 4520 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
    23:35:27.0603 4520 C:\Windows\System32\localspl.dll - ok
    23:35:27.0619 4520 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
    23:35:27.0619 4520 C:\Windows\System32\FXSMON.dll - ok
    23:35:27.0634 4520 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
    23:35:27.0634 4520 C:\Windows\System32\PrintIsolationProxy.dll - ok
    23:35:27.0650 4520 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
    23:35:27.0650 4520 C:\Windows\System32\spoolss.dll - ok
    23:35:27.0650 4520 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
    23:35:27.0650 4520 C:\Windows\System32\msonpmon.dll - ok
    23:35:27.0666 4520 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
    23:35:27.0666 4520 C:\Windows\System32\userinit.exe - ok
    23:35:27.0681 4520 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
    23:35:27.0681 4520 C:\Windows\System32\taskeng.exe - ok
    23:35:27.0697 4520 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
    23:35:27.0697 4520 C:\Windows\System32\dwm.exe - ok
    23:35:27.0697 4520 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
    23:35:27.0697 4520 C:\Windows\System32\PlaySndSrv.dll - ok
    23:35:27.0712 4520 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
    23:35:27.0712 4520 C:\Windows\System32\MsCtfMonitor.dll - ok
    23:35:27.0728 4520 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
    23:35:27.0728 4520 C:\Windows\System32\TSChannel.dll - ok
    23:35:27.0744 4520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
    23:35:27.0744 4520 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
    23:35:27.0744 4520 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
    23:35:27.0744 4520 C:\Windows\System32\dwmredir.dll - ok
    23:35:27.0759 4520 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
    23:35:27.0759 4520 C:\Windows\System32\dwmcore.dll - ok
    23:35:27.0775 4520 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
    23:35:27.0775 4520 C:\Windows\System32\HotStartUserAgent.dll - ok
    23:35:27.0790 4520 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
    23:35:27.0790 4520 C:\Windows\System32\msutb.dll - ok
    23:35:27.0806 4520 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
    23:35:27.0806 4520 C:\Windows\explorer.exe - ok
    23:35:27.0806 4520 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
    23:35:27.0806 4520 C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
    23:35:27.0822 4520 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll
    23:35:27.0822 4520 C:\Windows\System32\d3d10_1.dll - ok
    23:35:27.0837 4520 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll
    23:35:27.0837 4520 C:\Windows\System32\d3d10_1core.dll - ok
    23:35:27.0853 4520 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll
    23:35:27.0853 4520 C:\Windows\System32\dxgi.dll - ok
    23:35:27.0853 4520 [ 375FE18FCDBDB14E4F2704D602216DFD ] C:\Windows\System32\atidxx32.dll
    23:35:27.0853 4520 C:\Windows\System32\atidxx32.dll - ok
    23:35:27.0868 4520 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\System32\msi.dll
    23:35:27.0868 4520 C:\Windows\System32\msi.dll - ok
    23:35:27.0884 4520 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
    23:35:27.0884 4520 C:\Windows\System32\tcpmon.dll - ok
    23:35:27.0884 4520 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
    23:35:27.0884 4520 C:\Windows\System32\cscapi.dll - ok
    23:35:27.0900 4520 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
    23:35:27.0900 4520 C:\Windows\System32\dbghelp.dll - ok
    23:35:27.0915 4520 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
    23:35:27.0915 4520 C:\Windows\System32\snmpapi.dll - ok
    23:35:27.0931 4520 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
    23:35:27.0931 4520 C:\Windows\System32\usbmon.dll - ok
    23:35:27.0931 4520 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
    23:35:27.0931 4520 C:\Windows\System32\wsnmp32.dll - ok
    23:35:27.0946 4520 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
    23:35:27.0946 4520 C:\Windows\System32\WSDMon.dll - ok
    23:35:27.0962 4520 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
    23:35:27.0962 4520 C:\Windows\System32\WSDApi.dll - ok
    23:35:27.0978 4520 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
    23:35:27.0978 4520 C:\Windows\System32\webservices.dll - ok
    23:35:27.0993 4520 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    23:35:27.0993 4520 C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
    23:35:28.0009 4520 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
    23:35:28.0009 4520 C:\Windows\System32\fundisc.dll - ok
    23:35:28.0009 4520 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
    23:35:28.0009 4520 C:\Windows\System32\fdPnp.dll - ok
    23:35:28.0024 4520 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
    23:35:28.0024 4520 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
    23:35:28.0040 4520 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
    23:35:28.0040 4520 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
    23:35:28.0056 4520 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
    23:35:28.0056 4520 C:\Windows\System32\mstask.dll - ok
    23:35:28.0056 4520 [ 52CCA2E9FFD0653CACED1E808AADE4B6 ] C:\Windows\System32\win32spl.dll
    23:35:28.0056 4520 C:\Windows\System32\win32spl.dll - ok
    23:35:28.0071 4520 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
    23:35:28.0071 4520 C:\Windows\System32\inetpp.dll - ok
    23:35:28.0087 4520 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
    23:35:28.0087 4520 C:\Windows\System32\ExplorerFrame.dll - ok
    23:35:28.0102 4520 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
    23:35:28.0102 4520 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
    23:35:28.0102 4520 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
    23:35:28.0102 4520 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
    23:35:28.0118 4520 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\Daryl\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    23:35:28.0118 4520 C:\Users\Daryl\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
    23:35:28.0134 4520 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
    23:35:28.0134 4520 C:\Windows\System32\dnssd.dll - ok
    23:35:28.0149 4520 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
    23:35:28.0149 4520 C:\Program Files\Bonjour\mDNSResponder.exe - ok
    23:35:28.0165 4520 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
    23:35:28.0165 4520 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
    23:35:28.0165 4520 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll
    23:35:28.0165 4520 C:\Windows\System32\EhStorShell.dll - ok
    23:35:28.0180 4520 [ EB77DB354791A5932CA559B6F6374E95 ] C:\Windows\System32\ntshrui.dll
    23:35:28.0180 4520 C:\Windows\System32\ntshrui.dll - ok
    23:35:28.0196 4520 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
    23:35:28.0196 4520 C:\Windows\System32\IconCodecService.dll - ok
    23:35:28.0212 4520 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    23:35:28.0212 4520 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
    23:35:28.0212 4520 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
    23:35:28.0212 4520 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
    23:35:28.0227 4520 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
    23:35:28.0227 4520 C:\Windows\System32\cryptnet.dll - ok
    23:35:28.0243 4520 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
    23:35:28.0243 4520 C:\Windows\System32\cryptsvc.dll - ok
    23:35:28.0258 4520 [ 616399E27A55C97AE859230EB13984D8 ] C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    23:35:28.0258 4520 C:\Program Files\LogMeIn Hamachi\hamachi-2.exe - ok
    23:35:28.0258 4520 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
    23:35:28.0258 4520 C:\Windows\System32\vssapi.dll - ok
    23:35:28.0274 4520 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
    23:35:28.0274 4520 C:\Windows\System32\dps.dll - ok
    23:35:28.0290 4520 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
    23:35:28.0290 4520 C:\Windows\System32\vsstrace.dll - ok
    23:35:28.0305 4520 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
    23:35:28.0305 4520 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
    23:35:28.0321 4520 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
    23:35:28.0321 4520 C:\Windows\System32\taskschd.dll - ok
    23:35:28.0321 4520 [ 328E366E253B788256956532DFBF8A8A ] C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    23:35:28.0321 4520 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe - ok
    23:35:28.0336 4520 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
    23:35:28.0336 4520 C:\Windows\System32\IKEEXT.DLL - ok
    23:35:28.0352 4520 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    23:35:28.0352 4520 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
    23:35:28.0368 4520 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
    23:35:28.0368 4520 C:\Windows\System32\vpnikeapi.dll - ok
    23:35:28.0368 4520 [ 385559C1EC1397A96A624673D2C38CB0 ] C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe
    23:35:28.0368 4520 C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe - ok
    23:35:28.0383 4520 [ 912084381D30D8B89EC4E293053F4710 ] C:\Windows\System32\nlasvc.dll
    23:35:28.0383 4520 C:\Windows\System32\nlasvc.dll - ok
    23:35:28.0399 4520 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll
    23:35:28.0399 4520 C:\Windows\System32\ncsi.dll - ok
    23:35:28.0414 4520 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
    23:35:28.0414 4520 C:\Windows\System32\winhttp.dll - ok
    23:35:28.0414 4520 [ AD8BD96B41C40AC36D803DF267B26EF0 ] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
    23:35:28.0414 4520 C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe - ok
    23:35:28.0430 4520 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
    23:35:28.0430 4520 C:\Windows\System32\webio.dll - ok
    23:35:28.0446 4520 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
    23:35:28.0446 4520 C:\Windows\System32\ssdpapi.dll - ok
    23:35:28.0461 4520 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
    23:35:28.0461 4520 C:\Windows\System32\uDWM.dll - ok
    23:35:28.0477 4520 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
    23:35:28.0477 4520 C:\Windows\System32\drivers\PEAuth.sys - ok
    23:35:28.0477 4520 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
    23:35:28.0477 4520 C:\Windows\System32\oledlg.dll - ok
    23:35:28.0492 4520 [ 78779EE07231C658B483B1F38B5088DF ] C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    23:35:28.0492 4520 C:\Program Files\Microsoft\BingBar\SeaPort.EXE - ok
    23:35:28.0508 4520 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
    23:35:28.0508 4520 C:\Windows\System32\riched20.dll - ok
    23:35:28.0524 4520 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
    23:35:28.0524 4520 C:\Windows\System32\SensApi.dll - ok
    23:35:28.0524 4520 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files\Skype\Updater\Updater.exe
    23:35:28.0524 4520 C:\Program Files\Skype\Updater\Updater.exe - ok
    23:35:28.0539 4520 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
    23:35:28.0539 4520 C:\Windows\System32\drivers\secdrv.sys - ok
    23:35:28.0555 4520 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
    23:35:28.0555 4520 C:\Windows\System32\drivers\srvnet.sys - ok
    23:35:28.0555 4520 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
    23:35:28.0570 4520 C:\Windows\System32\wiaservc.dll - ok
    23:35:28.0570 4520 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
    23:35:28.0570 4520 C:\Windows\System32\sysmain.dll - ok
    23:35:28.0586 4520 [ CCA24162E055C3714CE5A88B100C64ED ] C:\Windows\System32\drivers\tcpipreg.sys
    23:35:28.0586 4520 C:\Windows\System32\drivers\tcpipreg.sys - ok
    23:35:28.0602 4520 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
    23:35:28.0602 4520 C:\Windows\System32\wiatrace.dll - ok
    23:35:28.0617 4520 [ FE65D33B7D4FF07DD1D29526A48DF810 ] C:\Windows\System32\TODDSrv.exe
    23:35:28.0617 4520 C:\Windows\System32\TODDSrv.exe - ok
    23:35:28.0617 4520 [ 451B09BA1A0D019BA0B5A27229559D55 ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    23:35:28.0617 4520 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok
    23:35:28.0633 4520 [ DA5F5ADD2088EEEB74007D938C63D585 ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
    23:35:28.0633 4520 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok
    23:35:28.0648 4520 [ 5C09EEECF8CA1059F1A748625C162A89 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
    23:35:28.0648 4520 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok
    23:35:28.0664 4520 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
    23:35:28.0664 4520 C:\Windows\System32\trkwks.dll - ok
    23:35:28.0664 4520 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
    23:35:28.0664 4520 C:\Windows\System32\wbem\WMIsvc.dll - ok
    23:35:28.0680 4520 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    23:35:28.0680 4520 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
    23:35:28.0695 4520 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
    23:35:28.0695 4520 C:\Windows\System32\wbemcomn.dll - ok
    23:35:28.0711 4520 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
    23:35:28.0711 4520 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
    23:35:28.0711 4520 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
    23:35:28.0711 4520 C:\Windows\System32\wbem\WinMgmtR.dll - ok
    23:35:28.0726 4520 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
    23:35:28.0726 4520 C:\Windows\System32\wbem\fastprox.dll - ok
    23:35:28.0742 4520 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
    23:35:28.0742 4520 C:\Windows\System32\ntdsapi.dll - ok
    23:35:28.0758 4520 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
    23:35:28.0758 4520 C:\Windows\System32\wbem\wbemprox.dll - ok
    23:35:28.0758 4520 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
    23:35:28.0758 4520 C:\Windows\System32\wbem\wbemcore.dll - ok
    23:35:28.0804 4520 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
    23:35:28.0804 4520 C:\Windows\System32\wbem\esscli.dll - ok
    23:35:28.0820 4520 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
    23:35:28.0820 4520 C:\Windows\System32\wbem\wbemsvc.dll - ok
    23:35:28.0836 4520 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
    23:35:28.0836 4520 C:\Windows\System32\wbem\wmiutils.dll - ok
    23:35:28.0851 4520 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
    23:35:28.0851 4520 C:\Windows\System32\wbem\repdrvfs.dll - ok
    23:35:28.0851 4520 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
    23:35:28.0851 4520 C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
    23:35:28.0867 4520 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
    23:35:28.0867 4520 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
    23:35:28.0882 4520 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
    23:35:28.0882 4520 C:\Windows\System32\ncobjapi.dll - ok
    23:35:28.0898 4520 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
    23:35:28.0898 4520 C:\Windows\System32\wbem\wbemess.dll - ok
    23:35:28.0898 4520 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
    23:35:28.0914 4520 C:\Windows\System32\wer.dll - ok
    23:35:28.0914 4520 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
    23:35:28.0914 4520 C:\Windows\System32\SearchIndexer.exe - ok
    23:35:28.0929 4520 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
    23:35:28.0929 4520 C:\Windows\System32\msxml3.dll - ok
    23:35:28.0945 4520 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
    23:35:28.0945 4520 C:\Windows\System32\tquery.dll - ok
    23:35:28.0960 4520 [ C649F293B8B047A2694F3C615D09BF17 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    23:35:28.0960 4520 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
    23:35:28.0960 4520 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
    23:35:28.0960 4520 C:\Windows\System32\mssrch.dll - ok
    23:35:28.0976 4520 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
    23:35:28.0976 4520 C:\Windows\System32\dssenh.dll - ok
    23:35:28.0992 4520 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
    23:35:28.0992 4520 C:\Windows\System32\esent.dll - ok
    23:35:29.0007 4520 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
    23:35:29.0007 4520 C:\Windows\System32\drivers\srv2.sys - ok
    23:35:29.0007 4520 [ 4D65A07B795D6674312F879D09AA7663 ] C:\Windows\System32\iphlpsvc.dll
    23:35:29.0007 4520 C:\Windows\System32\iphlpsvc.dll - ok
    23:35:29.0023 4520 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
    23:35:29.0023 4520 C:\Windows\System32\msidle.dll - ok
    23:35:29.0038 4520 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
    23:35:29.0038 4520 C:\Windows\System32\en-US\tquery.dll.mui - ok
    23:35:29.0054 4520 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe
    23:35:29.0054 4520 C:\Windows\System32\SearchProtocolHost.exe - ok
    23:35:29.0054 4520 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
    23:35:29.0054 4520 C:\Windows\System32\msshooks.dll - ok
    23:35:29.0070 4520 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe
    23:35:29.0070 4520 C:\Windows\System32\SearchFilterHost.exe - ok
    23:35:29.0085 4520 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
    23:35:29.0085 4520 C:\Windows\System32\sqmapi.dll - ok
    23:35:29.0101 4520 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
    23:35:29.0101 4520 C:\Windows\System32\wdscore.dll - ok
    23:35:29.0101 4520 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
    23:35:29.0116 4520 C:\Windows\System32\nci.dll - ok
    23:35:29.0116 4520 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
    23:35:29.0116 4520 C:\Windows\System32\mscoree.dll - ok
    23:35:29.0132 4520 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
    23:35:29.0132 4520 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
    23:35:29.0148 4520 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
    23:35:29.0148 4520 C:\Windows\System32\mssprxy.dll - ok
    23:35:29.0163 4520 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
    23:35:29.0163 4520 C:\Windows\System32\hnetcfg.dll - ok
    23:35:29.0163 4520 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
    23:35:29.0163 4520 C:\Windows\System32\drivers\srv.sys - ok
    23:35:29.0179 4520 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll
    23:35:29.0179 4520 C:\Windows\System32\ndiscapCfg.dll - ok
    23:35:29.0194 4520 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
    23:35:29.0194 4520 C:\Windows\System32\mprapi.dll - ok
    23:35:29.0210 4520 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
    23:35:29.0210 4520 C:\Windows\System32\rascfg.dll - ok
    23:35:29.0210 4520 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll
    23:35:29.0210 4520 C:\Windows\System32\mprmsg.dll - ok
    23:35:29.0226 4520 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
    23:35:29.0226 4520 C:\Windows\System32\tcpipcfg.dll - ok
    23:35:29.0241 4520 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
    23:35:29.0241 4520 C:\Windows\System32\browser.dll - ok
    23:35:29.0257 4520 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
    23:35:29.0257 4520 C:\Windows\System32\srvsvc.dll - ok
    23:35:29.0257 4520 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
    23:35:29.0257 4520 C:\Windows\System32\netmsg.dll - ok
    23:35:29.0272 4520 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
    23:35:29.0272 4520 C:\Windows\System32\clusapi.dll - ok
    23:35:29.0288 4520 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
    23:35:29.0288 4520 C:\Windows\System32\sscore.dll - ok
    23:35:29.0304 4520 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
    23:35:29.0304 4520 C:\Windows\System32\resutils.dll - ok
    23:35:29.0319 4520 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
    23:35:29.0319 4520 C:\Windows\System32\wdi.dll - ok
    23:35:29.0319 4520 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
    23:35:29.0319 4520 C:\Windows\System32\npmproxy.dll - ok
    23:35:29.0335 4520 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
    23:35:29.0335 4520 C:\Windows\System32\perftrack.dll - ok
    23:35:29.0350 4520 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
    23:35:29.0350 4520 C:\Windows\System32\diagperf.dll - ok
    23:35:29.0366 4520 [ 0A3CCB2C4F603D99F34D742FC9544B97 ] C:\Windows\System32\pstorsvc.dll
    23:35:29.0366 4520 C:\Windows\System32\pstorsvc.dll - ok
    23:35:29.0366 4520 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
    23:35:29.0366 4520 C:\Windows\System32\wpdbusenum.dll - ok
    23:35:29.0382 4520 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll
    23:35:29.0382 4520 C:\Windows\System32\appinfo.dll - ok
    23:35:29.0397 4520 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
    23:35:29.0397 4520 C:\Windows\System32\PortableDeviceApi.dll - ok
    23:35:29.0413 4520 [ 274992D0945889A6B56D0E1BD4288A6E ] C:\Windows\System32\psbase.dll
    23:35:29.0413 4520 C:\Windows\System32\psbase.dll - ok
    23:35:29.0413 4520 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll
    23:35:29.0413 4520 C:\Windows\System32\mssph.dll - ok
    23:35:29.0428 4520 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll
    23:35:29.0428 4520 C:\Windows\System32\aepic.dll - ok
    23:35:29.0444 4520 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
    23:35:29.0444 4520 C:\Windows\System32\sfc.dll - ok
    23:35:29.0460 4520 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
    23:35:29.0460 4520 C:\Windows\System32\sfc_os.dll - ok
    23:35:29.0460 4520 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
    23:35:29.0460 4520 C:\Windows\System32\pnpts.dll - ok
    23:35:29.0475 4520 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
    23:35:29.0475 4520 C:\Windows\System32\radardt.dll - ok
    23:35:29.0491 4520 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
    23:35:29.0491 4520 C:\Windows\System32\wdiasqmmodule.dll - ok
    23:35:29.0506 4520 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
    23:35:29.0506 4520 C:\Windows\System32\mapi32.dll - ok
    23:35:29.0522 4520 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
    23:35:29.0522 4520 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
    23:35:29.0522 4520 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
    23:35:29.0522 4520 C:\Windows\System32\Apphlpdm.dll - ok
    23:35:29.0538 4520 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
    23:35:29.0538 4520 C:\Windows\System32\wshnetbs.dll - ok
    23:35:29.0553 4520 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
    23:35:29.0553 4520 C:\Windows\System32\runonce.exe - ok
    23:35:29.0569 4520 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
    23:35:29.0569 4520 C:\Windows\System32\cmd.exe - ok
    23:35:29.0569 4520 [ 63B282FB2550893724647A359BA2323F ] C:\Windows\System32\Query.dll
    23:35:29.0569 4520 C:\Windows\System32\Query.dll - ok
    23:35:29.0584 4520 [ 310E9119D0A1CFDF1DA897089B533D81 ] C:\Windows\System32\conhost.exe
    23:35:29.0584 4520 C:\Windows\System32\conhost.exe - ok
    23:35:29.0600 4520 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll
    23:35:29.0600 4520 C:\Windows\System32\shdocvw.dll - ok
    23:35:29.0616 4520 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Daryl\AppData\Local\Temp\554EBFED-99A9-4F0A-AD54-D196A4C47EF9.exe
    23:35:29.0616 4520 C:\Users\Daryl\AppData\Local\Temp\554EBFED-99A9-4F0A-AD54-D196A4C47EF9.exe - ok
    23:35:29.0616 4520 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Daryl\Downloads\tdsskiller (2).exe
    23:35:29.0616 4520 C:\Users\Daryl\Downloads\tdsskiller (2).exe - ok
    23:35:29.0631 4520 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
    23:35:29.0631 4520 C:\Windows\System32\ie4uinit.exe - ok
    23:35:29.0647 4520 [ 83C9840CF87A0CA55526327801716D27 ] C:\Windows\System32\timedate.cpl
    23:35:29.0647 4520 C:\Windows\System32\timedate.cpl - ok
    23:35:29.0662 4520 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
    23:35:29.0662 4520 C:\Windows\System32\aeevts.dll - ok
    23:35:29.0678 4520 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
    23:35:29.0678 4520 C:\Windows\System32\actxprxy.dll - ok
    23:35:29.0678 4520 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
    23:35:29.0678 4520 C:\Windows\System32\linkinfo.dll - ok
    23:35:29.0694 4520 [ E3CD0A561F3AABE8607BF1474F4AE1DD ] C:\Program Files\Steam\Steam.exe
    23:35:29.0694 4520 C:\Program Files\Steam\Steam.exe - ok
    23:35:29.0709 4520 [ E6DD15E668DAF0A02470CF551B0A0105 ] C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll
    23:35:29.0709 4520 C:\PROGRA~1\WIC4A1~1\MESSEN~1\msgslang.dll - ok
    23:35:29.0725 4520 [ 6D796D59977EB52B33B966EAB9C73E6A ] C:\Program Files\Microsoft Works\MSWorks.exe
    23:35:29.0725 4520 C:\Program Files\Microsoft Works\MSWorks.exe - ok
    23:35:29.0725 4520 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll
    23:35:29.0725 4520 C:\Windows\System32\gameux.dll - ok
    23:35:29.0740 4520 [ 84F6D5FE968852C59BCD3E06A36DC356 ] C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe
    23:35:29.0740 4520 C:\Users\Daryl\AppData\Local\Google\Chrome\Application\chrome.exe - ok
    23:35:29.0756 4520 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\59167676.sys
    23:35:29.0756 4520 C:\Windows\System32\drivers\59167676.sys - ok
    23:35:29.0787 4520 [ 2154EB3B548E05A45E4BF4D3570E112E ] C:\Program Files\REAPER\reaper.exe
    23:35:29.0787 4520 C:\Program Files\REAPER\reaper.exe - ok
    23:35:29.0803 4520 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
    23:35:29.0803 4520 C:\Windows\System32\msiltcfg.dll - ok
    23:35:29.0818 4520 [ 0F1931E26C21219DB1C90E90037F11F6 ] C:\Games\Minecraft.exe
    23:35:29.0818 4520 C:\Games\Minecraft.exe - ok
    23:35:29.0834 4520 [ FFAFE0C82F6AA51B2595696106DB8221 ] C:\Riot Games\League of Legends\lol.launcher.exe
    23:35:29.0834 4520 C:\Riot Games\League of Legends\lol.launcher.exe - ok
    23:35:29.0850 4520 [ B0033D0723317C9D71B3BB80245D1FA5 ] C:\Users\Daryl\AppData\Roaming\Spotify\spotify.exe
    23:35:29.0850 4520 C:\Users\Daryl\AppData\Roaming\Spotify\spotify.exe - ok
    23:35:29.0850 4520 [ 6C5454227A567085F62B54A6ABB91D2A ] C:\Program Files\MuseScore\bin\mscore.exe
    23:35:29.0850 4520 C:\Program Files\MuseScore\bin\mscore.exe - ok
    23:35:29.0865 4520 [ B06F0B4297AFA7E76A8B2D81082FA426 ] C:\Program Files\AIM\aim.exe
    23:35:29.0865 4520 C:\Program Files\AIM\aim.exe - ok
    23:35:29.0881 4520 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
    23:35:29.0881 4520 C:\Windows\System32\msftedit.dll - ok
    23:35:29.0896 4520 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
    23:35:29.0896 4520 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
    23:35:29.0896 4520 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
    23:35:29.0896 4520 C:\Windows\System32\msls31.dll - ok
    23:35:29.0912 4520 [ CD9C71270466A09E867DC108A097E0DD ] C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe
    23:35:29.0912 4520 C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe - ok
    23:35:29.0928 4520 [ 826158B9912308158DDDC6F79BFABB89 ] C:\Program Files\Propellerhead\Reason\Reason.exe
    23:35:29.0928 4520 C:\Program Files\Propellerhead\Reason\Reason.exe - ok
    23:35:29.0943 4520 [ 698EB1E5F8C66344D97C00B5699E871D ] C:\Program Files\Internet Explorer\iexplore.exe
    23:35:29.0943 4520 C:\Program Files\Internet Explorer\iexplore.exe - ok
    23:35:29.0943 4520 [ 8143723D21F4FA9B7AA295A29AE9541C ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    23:35:29.0943 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
    23:35:29.0959 4520 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
    23:35:29.0959 4520 C:\Windows\System32\thumbcache.dll - ok
    23:35:29.0974 4520 [ 967DCD9F36AAEA34FE859C9B82E6A4B9 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    23:35:29.0974 4520 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - ok
    23:35:29.0990 4520 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
    23:35:29.0990 4520 C:\Windows\System32\networkexplorer.dll - ok
    23:35:30.0006 4520 [ 778B2333591E9D28063D491456DA18BE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    23:35:30.0006 4520 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
    23:35:30.0006 4520 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
    23:35:30.0006 4520 C:\Windows\System32\DeviceCenter.dll - ok
    23:35:30.0021 4520 [ 5F91764211D1517C15C9D2C4ED665A09 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
    23:35:30.0021 4520 C:\Program Files\TOSHIBA\Utilities\HWSetup.exe - ok
    23:35:30.0037 4520 [ E579644A3F6196BDD8D1B00EC12FC7E6 ] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
    23:35:30.0037 4520 C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe - ok
    23:35:30.0052 4520 [ C5B2679B0AE204FDD0415199B7AFEF20 ] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    23:35:30.0052 4520 C:\Program Files\TOSHIBA\Utilities\KeNotify.exe - ok
    23:35:30.0052 4520 [ 804D1B3F83682288619DF795543BF382 ] C:\Windows\System32\consent.exe
    23:35:30.0052 4520 C:\Windows\System32\consent.exe - ok
    23:35:30.0068 4520 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    23:35:30.0068 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
    23:35:30.0084 4520 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
    23:35:30.0084 4520 C:\Windows\System32\mlang.dll - ok
    23:35:30.0099 4520 [ 815CBBBAC9F4D44081955ABBC9544930 ] C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe
    23:35:30.0099 4520 C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe - ok
    23:35:30.0099 4520 [ E31661DEE8F3F975BDE9442670710DA6 ] C:\Windows\System32\SPCtl.dll
    23:35:30.0099 4520 C:\Windows\System32\SPCtl.dll - ok
    23:35:30.0115 4520 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    23:35:30.0115 4520 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
    23:35:30.0130 4520 [ DEFF755C0E66EB617C1F21D1A972FAFB ] C:\Windows\System32\EBLib.DLL
    23:35:30.0130 4520 C:\Windows\System32\EBLib.DLL - ok
    23:35:30.0146 4520 [ 29C81875332F7084321C3A82A9A7BF9F ] C:\Users\Daryl\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    23:35:30.0146 4520 C:\Users\Daryl\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe - ok
    23:35:30.0162 4520 [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
    23:35:30.0162 4520 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
    23:35:30.0162 4520 [ BB9501FFB0223CF0C83A16A1CB7516D4 ] C:\Windows\System32\SynCOM.dll
    23:35:30.0162 4520 C:\Windows\System32\SynCOM.dll - ok
    23:35:30.0177 4520 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\System32\mfc42.dll
    23:35:30.0177 4520 C:\Windows\System32\mfc42.dll - ok
    23:35:30.0193 4520 [ D7688EA8637F2E908259CBD5835B1571 ] C:\Windows\System32\SynTPAPI.dll
    23:35:30.0193 4520 C:\Windows\System32\SynTPAPI.dll - ok
    23:35:30.0208 4520 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
    23:35:30.0208 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
    23:35:30.0208 4520 [ E327C3E38A6C0C176D7AE89D30E24EF4 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    23:35:30.0208 4520 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
    23:35:30.0224 4520 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll
    23:35:30.0224 4520 C:\Windows\System32\odbc32.dll - ok
    23:35:30.0240 4520 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
    23:35:30.0240 4520 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
    23:35:30.0255 4520 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
    23:35:30.0255 4520 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
    23:35:30.0255 4520 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll
    23:35:30.0255 4520 C:\Windows\System32\odbcint.dll - ok
    23:35:30.0271 4520 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll
    23:35:30.0271 4520 C:\Windows\System32\UIAnimation.dll - ok
    23:35:30.0286 4520 [ 854563425495A29FB4B198A6ABEBE06D ] C:\Program Files\iTunes\iTunes.exe
    23:35:30.0286 4520 C:\Program Files\iTunes\iTunes.exe - ok
    23:35:30.0302 4520 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
    23:35:30.0302 4520 C:\Windows\System32\AudioSes.dll - ok
    23:35:30.0318 4520 [ DCCB7A4A05FA81B191D46797962CC7C4 ] C:\Windows\System32\RTCOM\RtkCfg.dll
    23:35:30.0318 4520 C:\Windows\System32\RTCOM\RtkCfg.dll - ok
    23:35:30.0318 4520 [ 72F898EA1F3F41BFB9320C532C240205 ] C:\Windows\System32\RtkAPO.dll
    23:35:30.0318 4520 C:\Windows\System32\RtkAPO.dll - ok
    23:35:30.0333 4520 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
    23:35:30.0333 4520 C:\Windows\System32\WMALFXGFXDSP.dll - ok
    23:35:30.0349 4520 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    23:35:30.0349 4520 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
    23:35:30.0364 4520 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
    23:35:30.0364 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
    23:35:30.0364 4520 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
    23:35:30.0364 4520 C:\Windows\System32\mfplat.dll - ok
    23:35:30.0380 4520 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
    23:35:30.0380 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
    23:35:30.0396 4520 [ 40EEDE4EE98C716827148172ECC898D4 ] C:\Windows\Installer\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}\iTunesIco.exe
    23:35:30.0396 4520 C:\Windows\Installer\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}\iTunesIco.exe - ok
    23:35:30.0411 4520 [ DB0E503EDF7C9030731070DB5EDA0CEA ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    23:35:30.0411 4520 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
    23:35:30.0411 4520 [ D378BFFB70923139D6A4F546864AA61C ] C:\Windows\System32\notepad.exe
    23:35:30.0411 4520 C:\Windows\System32\notepad.exe - ok
    23:35:30.0427 4520 [ 2C5BA148BA7936D9BB6BB1F4945BA469 ] C:\Users\Daryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
    23:35:30.0427 4520 C:\Users\Daryl\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
    23:35:30.0442 4520 [ A11F5EE731CD48F3DC509E2D180E1AF0 ] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    23:35:30.0442 4520 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - ok
    23:35:30.0458 4520 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
    23:35:30.0458 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
    23:35:30.0474 4520 [ F7A0940060EE09F29E53F2398FEC4A16 ] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3497.38894__90ba9c70f846762e\MOM.Implementation.DLL
    23:35:30.0474 4520 C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3497.38894__90ba9c70f846762e\MOM.Implementation.DLL - ok
    23:35:30.0474 4520 [ 5EAFD4EE6CB0D15C646981FE05F7CA34 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.DLL
    23:35:30.0489 4520 C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.DLL - ok
    23:35:30.0489 4520 [ 790EE8256B17FBEC067E7B3FFCA9D4D0 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.DLL
    23:35:30.0489 4520 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.DLL - ok
    23:35:30.0505 4520 [ 533B979039DCDE6254B421CE7B57ADCA ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3497.38892__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
    23:35:30.0505 4520 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3497.38892__90ba9c70f846762e\LOG.Foundation.Implementation.DLL - ok
    23:35:30.0520 4520 [ 0F77A66CFBF9BE9BCA343D9385F26937 ] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.DLL
    23:35:30.0520 4520 C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.DLL - ok
    23:35:30.0536 4520 [ 786569D7082130E2C30D9B44DEF1D501 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
    23:35:30.0536 4520 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL - ok
    23:35:30.0552 4520 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
    23:35:30.0552 4520 C:\Windows\System32\wbem\NCProv.dll - ok
    23:35:30.0552 4520 [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
    23:35:30.0552 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
    23:35:30.0567 4520 [ 5033F9928BDE9C57B4CF9472407D96F9 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
    23:35:30.0567 4520 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok
    23:35:30.0583 4520 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll
    23:35:30.0583 4520 C:\Windows\System32\shfolder.dll - ok
    23:35:30.0598 4520 [ 1B8FF90D2E6CACC4FB83717A619F758D ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
    23:35:30.0598 4520 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
    23:35:30.0598 4520 [ 90D455F7037BB1AC2E98B74FD72D8AC7 ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
    23:35:30.0598 4520 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
    23:35:30.0614 4520 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    23:35:30.0614 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
    23:35:30.0630 4520 [ F5B8F83EAACF6B6B4A00CFDF53778F15 ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
    23:35:30.0630 4520 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
    23:35:30.0645 4520 [ 30BC378F9736CE588263555EC774C64E ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
    23:35:30.0645 4520 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
    23:35:30.0645 4520 [ 08E3003DAD2323A9C263795EB24358E4 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
    23:35:30.0661 4520 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
    23:35:30.0661 4520 [ 10372540F4E68583DA4325CF59074749 ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
    23:35:30.0661 4520 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
    23:35:30.0676 4520 [ EBF8791ABE6F7302241EE0A492452874 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
    23:35:30.0676 4520 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
    23:35:30.0692 4520 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
    23:35:30.0692 4520 C:\Windows\System32\wdmaud.drv - ok
    23:35:30.0708 4520 [ 67C477FDBE6963921EBC474B1BE7CF0D ] C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
    23:35:30.0708 4520 C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
    23:35:30.0708 4520 [ 1A894E710FB46B8D675CBD793389A619 ] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3497.38893__90ba9c70f846762e\CCC.Implementation.DLL
    23:35:30.0708 4520 C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3497.38893__90ba9c70f846762e\CCC.Implementation.DLL - ok
    23:35:30.0723 4520 [ 00B0ACE97EAA8A8F1CC1867E49B1FE74 ] C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
    23:35:30.0723 4520 C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe - ok
    23:35:30.0739 4520 [ AD3FD617782E4B8CC59BB588F921D203 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.DLL
    23:35:30.0739 4520 C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.DLL - ok
    23:35:30.0754 4520 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
    23:35:30.0754 4520 C:\Windows\System32\ksuser.dll - ok
    23:35:30.0754 4520 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
    23:35:30.0754 4520 C:\Windows\System32\stobject.dll - ok
    23:35:30.0770 4520 [ DD80D3894F5E1D36864D9727214605CD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
    23:35:30.0770 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll - ok
    23:35:30.0786 4520 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
    23:35:30.0786 4520 C:\Windows\System32\batmeter.dll - ok
    23:35:30.0801 4520 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
    23:35:30.0801 4520 C:\Windows\System32\msacm32.drv - ok
    23:35:30.0817 4520 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
    23:35:30.0817 4520 C:\Windows\System32\msacm32.dll - ok
    23:35:30.0832 4520 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
    23:35:30.0832 4520 C:\Windows\System32\midimap.dll - ok
    23:35:30.0832 4520 [ 31AFFAA5C75FDCD3E646CA571367F902 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    23:35:30.0832 4520 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
    23:35:30.0848 4520 [ 66E9F5121482A086CF77B8A40827E922 ] C:\Program Files\WinRAR\WinRAR.exe
    23:35:30.0848 4520 C:\Program Files\WinRAR\WinRAR.exe - ok
    23:35:30.0864 4520 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
    23:35:30.0864 4520 C:\Windows\System32\prnfldr.dll - ok
    23:35:30.0864 4520 [ 24CD9A82FCFC658DD3AE7BA25C958FFB ] C:\Program Files\WinDirStat\windirstat.exe
    23:35:30.0864 4520 C:\Program Files\WinDirStat\windirstat.exe - ok
    23:35:30.0879 4520 [ 8B968045D75783A09592C3105F2865DA ] C:\Users\Daryl\Desktop\dds.scr
    23:35:30.0879 4520 C:\Users\Daryl\Desktop\dds.scr - ok
    23:35:30.0895 4520 [ 1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\System32\l3codeca.acm
    23:35:30.0895 4520 C:\Windows\System32\l3codeca.acm - ok
    23:35:30.0910 4520 [ 00FD66403AB97BF23B38A3239AEE1283 ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    23:35:30.0910 4520 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
    23:35:30.0926 4520 [ 6E3245DF783E58375B3465F03274743E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
    23:35:30.0926 4520 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
    23:35:30.0926 4520 [ A6A40F7E5186070FB7580BDEFACC75DF ] C:\Users\Daryl\Desktop\cports.exe
    23:35:30.0926 4520 C:\Users\Daryl\Desktop\cports.exe - ok
    23:35:30.0942 4520 [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files\iTunes\iTunesHelper.exe
    23:35:30.0942 4520 C:\Program Files\iTunes\iTunesHelper.exe - ok
    23:35:30.0957 4520 [ 339DFA98DDDA7DDF735CE21C82E6F1DD ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    23:35:30.0957 4520 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
    23:35:30.0973 4520 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
    23:35:30.0973 4520 C:\Windows\System32\AudioEng.dll - ok
    23:35:30.0988 4520 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
    23:35:30.0988 4520 C:\Windows\System32\DXP.dll - ok
    23:35:30.0988 4520 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
    23:35:30.0988 4520 C:\Windows\System32\AUDIOKSE.dll - ok
    23:35:31.0004 4520 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Users\Daryl\AppData\Local\Google\Update\GoogleUpdate.exe
    23:35:31.0004 4520 C:\Users\Daryl\AppData\Local\Google\Update\GoogleUpdate.exe - ok
    23:35:31.0020 4520 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
    23:35:31.0020 4520 C:\Windows\System32\Syncreg.dll - ok
    23:35:31.0035 4520 [ CA2140963B8E8A1AD89DF2C1F6EDFAA6 ] C:\Users\Daryl\Desktop\7bwoxlwp.exe
    23:35:31.0035 4520 C:\Users\Daryl\Desktop\7bwoxlwp.exe - ok
    23:35:31.0035 4520 [ 44B6F94972EABFA78EC1E0F53BF05553 ] C:\Program Files\WhatsRunning\WhatsRunning.exe
    23:35:31.0035 4520 C:\Program Files\WhatsRunning\WhatsRunning.exe - ok
    23:35:31.0051 4520 [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files\iTunes\iTunesHelper.dll
    23:35:31.0051 4520 C:\Program Files\iTunes\iTunesHelper.dll - ok
    23:35:31.0066 4520 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\goopdate.dll
    23:35:31.0066 4520 C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\goopdate.dll - ok
    23:35:31.0082 4520 [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
    23:35:31.0082 4520 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
    23:35:31.0082 4520 [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
    23:35:31.0082 4520 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
    23:35:31.0098 4520 [ AC301C9C2ED090B5AA3A4A0B34D82381 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
    23:35:31.0098 4520 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
    23:35:31.0113 4520 [ 6161257008FE77D3ADFA9CBBC419F843 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
    23:35:31.0113 4520 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
    23:35:31.0129 4520 [ 3C6FAE496BA6D55A176DA72011343888 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3497.38813__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
    23:35:31.0129 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3497.38813__90ba9c70f846762e\CLI.Component.SkinFactory.DLL - ok
    23:35:31.0144 4520 [ 4B0277F08085FB78113FC157DBF2D596 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
    23:35:31.0144 4520 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
    23:35:31.0144 4520 [ B6F31340B672B730C51FF44FC783D9E4 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
    23:35:31.0144 4520 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.DLL - ok
    23:35:31.0160 4520 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
    23:35:31.0160 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
    23:35:31.0176 4520 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    23:35:31.0176 4520 C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
    23:35:31.0191 4520 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
    23:35:31.0191 4520 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
    23:35:31.0207 4520 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\goopdateres_en.dll
    23:35:31.0207 4520 C:\Users\Daryl\AppData\Local\Google\Update\1.3.21.135\goopdateres_en.dll - ok
    23:35:31.0207 4520 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
    23:35:31.0207 4520 C:\Windows\ehome\ehSSO.dll - ok
    23:35:31.0222 4520 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
    23:35:31.0222 4520 C:\Windows\System32\netshell.dll - ok
    23:35:31.0238 4520 [ 803051E1A6F884D9842C078AA09BDFF7 ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll
    23:35:31.0238 4520 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok
    23:35:31.0254 4520 [ C6A0C54ABD119B5F3C52630F08BE6040 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll
    23:35:31.0254 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll - ok
    23:35:31.0254 4520 [ 655DC8C88A87C587EC2F0A4F8990ADC9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
    23:35:31.0254 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok
    23:35:31.0269 4520 [ 81CA32EFCF10C09B9E8B0387F9479074 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
    23:35:31.0269 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok
    23:35:31.0285 4520 [ 751184DF487A1B3C95CB29B0D0069C28 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    23:35:31.0285 4520 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
    23:35:31.0300 4520 [ A332B45E3822F7876CEA275A4BBB16C9 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3497.38812__90ba9c70f846762e\CLI.Component.Runtime.DLL
    23:35:31.0300 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3497.38812__90ba9c70f846762e\CLI.Component.Runtime.DLL - ok
    23:35:31.0316 4520 [ E6C65277FCB950C58CE4A627D0C349CB ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
    23:35:31.0316 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL - ok
    23:35:31.0316 4520 [ 3D3782AC3E1260AAC90139BDA4B28A4B ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll
    23:35:31.0316 4520 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok
    23:35:31.0332 4520 [ DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe
    23:35:31.0332 4520 C:\Program Files\Windows Sidebar\sidebar.exe - ok
    23:35:31.0347 4520 [ 852B2A8DC54DF9C18AFED3A4ABD94CB1 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.DLL
    23:35:31.0347 4520 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.DLL - ok
    23:35:31.0363 4520 [ 0803424C3751B2F96DF8E270E7157BF1 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
    23:35:31.0363 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok
    23:35:31.0363 4520 [ 3FF2FEFF9B4A13E81ECD5F184FE400D9 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
    23:35:31.0363 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL - ok
    23:35:31.0378 4520 [ FCB4AF0E5B1A78140F9A7737ECBCDDE8 ] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
    23:35:31.0378 4520 C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL - ok
    23:35:31.0394 4520 [ 08415DC2E0DF45D52A0436587ADB64CA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
    23:35:31.0394 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok
    23:35:31.0410 4520 [ 3010B6F95BB33F44EECF1601AB28FAB6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll
    23:35:31.0410 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\fnf5.dll - ok
    23:35:31.0425 4520 [ 2A9FD56BB0DF43C719BA7E706D3BD340 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
    23:35:31.0425 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll - ok
    23:35:31.0425 4520 [ 9041D038387F5B89ABCD155A5B85C481 ] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3497.38810__90ba9c70f846762e\AEM.Server.DLL
    23:35:31.0425 4520 C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3497.38810__90ba9c70f846762e\AEM.Server.DLL - ok
    23:35:31.0441 4520 [ C3F095D0614D2B3B999F892CA17A1936 ] C:\Windows\System32\atipdlxx.dll
    23:35:31.0441 4520 C:\Windows\System32\atipdlxx.dll - ok
    23:35:31.0456 4520 [ 8DC3534953ECE00C7B993F219F8E6210 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
    23:35:31.0456 4520 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
    23:35:31.0472 4520 [ 20B3CF6A886F8CA5505AEE4472347A96 ] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.DLL
    23:35:31.0472 4520 C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.DLL - ok
    23:35:31.0488 4520 [ E46B17060D3962A384AE484094614788 ] C:\Program Files\iPod\bin\iPodService.exe
    23:35:31.0488 4520 C:\Program Files\iPod\bin\iPodService.exe - ok
    23:35:31.0488 4520 [ 60B76C8D8AFF9A0E534BDE0046793A22 ] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.DLL
    23:35:31.0488 4520 C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.DLL - ok
    23:35:31.0503 4520 [ 674F1F10C790624E6AEFF1133EB5690A ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
    23:35:31.0503 4520 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
    23:35:31.0519 4520 [ 204B544CA3CC39412DD7BDEE0528BFC6 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3497.38904__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
    23:35:31.0519 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3497.38904__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL - ok
    23:35:31.0534 4520 [ 05B9079A6663E3C6859E5515145C4951 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll
    23:35:31.0534 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll - ok
    23:35:31.0550 4520 [ 4D735830B8F1A519340CB22DF844FF31 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
    23:35:31.0550 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL - ok
    23:35:31.0550 4520 [ 348643BED4F3B17B7199B15392F14974 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
    23:35:31.0550 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
    23:35:31.0566 4520 [ 4E41E12684D9459A2DBD497B05297A8B ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
    23:35:31.0566 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL - ok
    23:35:31.0581 4520 [ 1A0ABFAF07D9FD694F928F5640CAFF47 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
    23:35:31.0581 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL - ok
    23:35:31.0597 4520 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
    23:35:31.0597 4520 C:\Windows\System32\wlanapi.dll - ok
    23:35:31.0597 4520 [ 71E22E0BE06A21070AF772C7B499CFBE ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll
    23:35:31.0597 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll - ok
    23:35:31.0612 4520 [ F52BEEC973908E99F5B9FF30C8F0800E ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
    23:35:31.0612 4520 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok
    23:35:31.0628 4520 [ 110D2A7BBFBA80AAE36B5F229FE800AD ] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
    23:35:31.0628 4520 C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL - ok
    23:35:31.0644 4520 [ CCE69BC85D019F49691C592DDCC2FA97 ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
    23:35:31.0644 4520 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL - ok
    23:35:31.0659 4520 [ 5C651246CD24095952F976A754C6B110 ] C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
    23:35:31.0659 4520 C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll - ok
    23:35:31.0659 4520 [ 90C13A7525A19CDC9D651B38257983C4 ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.DLL
    23:35:31.0659 4520 C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.DLL - ok
    23:35:31.0675 4520 [ 03DFE939E0F90847BF46CC496D6EEE30 ] C:\Windows\System32\ATIDEMGX.dll
    23:35:31.0675 4520 C:\Windows\System32\ATIDEMGX.dll - ok
    23:35:31.0690 4520 [ 43804516E0A84BEDE6A430869F48CDA5 ] C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
    23:35:31.0690 4520 C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll - ok
    23:35:31.0706 4520 [ 665FBA44C65BAC9EE8AF9A5E37036640 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
    23:35:31.0706 4520 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
    23:35:31.0706 4520 [ 970655FC35AFCE065761C0E49ADCD69E ] C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll
    23:35:31.0706 4520 C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll - ok
    23:35:31.0722 4520 [ FAAAF481CC851CE9A1A35D53BD8163DB ] C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
    23:35:31.0722 4520 C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll - ok
    23:35:31.0737 4520 [ 691BAF41144EBDE972A66C5EB5210FC8 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
    23:35:31.0737 4520 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
    23:35:31.0753 4520 [ EB19E5CE71B9410FA81E3672AF2F8146 ] C:\Program Files\TOSHIBA\Utilities\NotifyX.dll
    23:35:31.0753 4520 C:\Program Files\TOSHIBA\Utilities\NotifyX.dll - ok
    23:35:31.0768 4520 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
    23:35:31.0768 4520 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
    23:35:31.0784 4520 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll
    23:35:31.0784 4520 C:\Windows\System32\msimtf.dll - ok
    23:35:31.0784 4520 [ 6E19FAACEDD55417E307F6EC81F92204 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3497.38814__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
    23:35:31.0784 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3497.38814__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL - ok
    23:35:31.0800 4520 [ BBB03B86B9781153165E2D06E2AC38B2 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
    23:35:31.0800 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL - ok
    23:35:31.0815 4520 [ C079169E6A07FC4412475C02969EB9CE ] C:\Windows\System32\jscript9.dll
    23:35:31.0815 4520 C:\Windows\System32\jscript9.dll - ok
    23:35:31.0831 4520 [ A28DE8E4EB7641639F68C62A32264578 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
    23:35:31.0831 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll - ok
    23:35:31.0846 4520 [ 9D66D3EBA023C973C2D5AFC408347C6C ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
    23:35:31.0846 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL - ok
    23:35:31.0846 4520 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
    23:35:31.0846 4520 C:\Windows\System32\WPDShServiceObj.dll - ok
    23:35:31.0862 4520 [ D5C9B8754337A10C1B4577ABDB51AA58 ] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
    23:35:31.0862 4520 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL - ok
    23:35:31.0878 4520 [ 28284C03ACA54A149CCD57621D2A1DFE ] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
    23:35:31.0878 4520 C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL - ok
    23:35:31.0893 4520 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
    23:35:31.0893 4520 C:\Windows\System32\AltTab.dll - ok
    23:35:31.0909 4520 [ 7F9A009E33940087FDE0FA25D8AA5706 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
    23:35:31.0909 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll - ok
    23:35:31.0909 4520 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
    23:35:31.0909 4520 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe - ok
    23:35:31.0924 4520 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll
    23:35:31.0924 4520 C:\Windows\System32\d2d1.dll - ok
    23:35:31.0940 4520 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll
    23:35:31.0940 4520 C:\Windows\System32\DWrite.dll - ok
    23:35:31.0956 4520 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
    23:35:31.0956 4520 C:\Windows\System32\PortableDeviceTypes.dll - ok
    23:35:31.0956 4520 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
    23:35:31.0956 4520 C:\Windows\System32\pnidui.dll - ok
    23:35:31.0971 4520 [ 578296806748C228C1CF11199445EEDD ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3497.38863__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
    23:35:31.0971 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3497.38863__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL - ok
    23:35:31.0987 4520 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll
    23:35:31.0987 4520 C:\Windows\System32\FntCache.dll - ok
    23:35:32.0002 4520 [ 21C34CFF6E64969156BEBAC544990A40 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
    23:35:32.0002 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL - ok
    23:35:32.0018 4520 [ F1023E1CE6520AF077203A0832EB2E11 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
    23:35:32.0018 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL - ok
    23:35:32.0018 4520 [ E9E138DDAD1D8E86605B540C0B4F8B7E ] C:\Program Files\LOLReplay\LOLRecorder.exe
    23:35:32.0018 4520 C:\Program Files\LOLReplay\LOLRecorder.exe - ok
    23:35:32.0034 4520 [ 3628E90586BB3D91B62C8D7D2592F929 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
    23:35:32.0034 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL - ok
    23:35:32.0049 4520 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
    23:35:32.0049 4520 C:\Windows\System32\QUTIL.DLL - ok
    23:35:32.0065 4520 [ 0386FAD4FEE556BE7C263DD397D30E75 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
    23:35:32.0065 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll - ok
    23:35:32.0065 4520 [ CDE5436DCB2DFAC37096EF2D4768A03A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3497.38880__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
    23:35:32.0065 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3497.38880__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL - ok
    23:35:32.0080 4520 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
    23:35:32.0080 4520 C:\Windows\System32\srchadmin.dll - ok
    23:35:32.0096 4520 [ 2E7FAB502A8615B1AAB0EAB35AFBCA3B ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
    23:35:32.0096 4520 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL - ok
    23:35:32.0112 4520 [ 9042BA98BB46F64CC0F5EB3B99FD7365 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
    23:35:32.0112 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL - ok
    23:35:32.0127 4520 [ 82D12CEFDA39C8B6C8321D094CF7B421 ] C:\Users\Daryl\Desktop\procexp.exe
    23:35:32.0127 4520 C:\Users\Daryl\Desktop\procexp.exe - ok
    23:35:32.0127 4520 [ 0CA4B0FA32315932E95296415D2F7852 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
    23:35:32.0127 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL - ok
    23:35:32.0143 4520 [ 2A4C1B0F65F89111963BA6721CD453DA ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3497.38823__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
    23:35:32.0143 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3497.38823__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL - ok
    23:35:32.0158 4520 [ 1EF9B184A64AD160E747F57B91FB006B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
    23:35:32.0158 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL - ok
    23:35:32.0174 4520 [ 64C245E109240101CBC9D2C5888C52B4 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
    23:35:32.0174 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL - ok
    23:35:32.0190 4520 [ 32012729E2C34B921535AC43A10F402F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
    23:35:32.0190 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL - ok
    23:35:32.0205 4520 [ 4FCE4EA846B4732F63CFFFF55C87855B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3497.38860__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
    23:35:32.0205 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3497.38860__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL - ok
    23:35:32.0205 4520 [ AD5CC6083023219B204EF1C1C438125E ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
    23:35:32.0205 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL - ok
    23:35:32.0221 4520 [ 31A09A67EE98057F0336BDF4C59D6A3B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
    23:35:32.0221 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL - ok
    23:35:32.0236 4520 [ 51932026C4423879DF53A6E58A1DCEB9 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
    23:35:32.0236 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL - ok
    23:35:32.0252 4520 [ 49A78631BDC6E7978E51CA04485C534D ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
    23:35:32.0252 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL - ok
    23:35:32.0268 4520 [ 3D2A503A229EBB1956751259AFCCD9B8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
    23:35:32.0268 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL - ok
    23:35:32.0268 4520 [ D7D92BB355874016A4AF91446F94CCE1 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
    23:35:32.0268 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL - ok
    23:35:32.0283 4520 [ 293B2EA7E95637B69D2A8441C74BF177 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
    23:35:32.0283 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL - ok
    23:35:32.0299 4520 [ 358690DA49607762A6A1FB76D79DCB32 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL
    23:35:32.0299 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DLL - ok
    23:35:32.0314 4520 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
    23:35:32.0314 4520 C:\Windows\System32\netman.dll - ok
    23:35:32.0330 4520 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
    23:35:32.0330 4520 C:\Windows\System32\webcheck.dll - ok
    23:35:32.0330 4520 [ CB639A9BB70EF1F1138EC7939DA505C4 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3497.38867__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
    23:35:32.0330 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3497.38867__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL - ok
    23:35:32.0346 4520 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll
    23:35:32.0346 4520 C:\Windows\System32\d3d10warp.dll - ok
    23:35:32.0361 4520 [ 244A84CD307EBF610CA8F974DCB76DDF ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
    23:35:32.0361 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL - ok
    23:35:32.0377 4520 [ 743674F2E51508A055653B1D233E06DD ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
    23:35:32.0377 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL - ok
    23:35:32.0392 4520 [ 20F16D017E30C27CB4388254412626BB ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
    23:35:32.0392 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL - ok
    23:35:32.0392 4520 [ DAB3B370E0C2815FDF5B29204B8FB984 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
    23:35:32.0392 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll - ok
    23:35:32.0408 4520 [ ACFD0D2CD67C478673F2EAB1CB4D9D79 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
    23:35:32.0408 4520 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll - ok
    23:35:32.0424 4520 [ 70F5B3238B4D4903547CB13A1DCE59F8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
    23:35:32.0424 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL - ok
    23:35:32.0439 4520 [ 1BEB5EFEBEB145EBD2DFB8FE38EE42CD ] C:\Windows\System32\atiumdag.dll
    23:35:32.0439 4520 C:\Windows\System32\atiumdag.dll - ok
    23:35:32.0455 4520 [ 308FE97534E3FB1BB9C145CE934FA9FC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
    23:35:32.0455 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL - ok
    23:35:32.0455 4520 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll
    23:35:32.0455 4520 C:\Windows\System32\ActionCenter.dll - ok
    23:35:32.0470 4520 [ 6FD4FF247889552DE46D21DD3A1475FE ] C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe
    23:35:32.0470 4520 C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe - ok
    23:35:32.0486 4520 [ CDE6CC3742B9C1CF83075271AE354CC9 ] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3497.38811__90ba9c70f846762e\APM.Server.DLL
    23:35:32.0486 4520 C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3497.38811__90ba9c70f846762e\APM.Server.DLL - ok
    23:35:32.0502 4520 [ E43216796A81AB5B64AD7FCE2A55E676 ] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.DLL
    23:35:32.0502 4520 C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.DLL - ok
    23:35:32.0502 4520 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\System32\tzres.dll
    23:35:32.0502 4520 C:\Windows\System32\tzres.dll - ok
    23:35:32.0517 4520 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
    23:35:32.0517 4520 C:\Windows\System32\FXSST.dll - ok
    23:35:32.0533 4520 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll
    23:35:32.0533 4520 C:\Windows\System32\d3d10.dll - ok
    23:35:32.0548 4520 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll
    23:35:32.0548 4520 C:\Windows\System32\d3d10core.dll - ok
    23:35:32.0548 4520 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\System32\ddraw.dll
    23:35:32.0548 4520 C:\Windows\System32\ddraw.dll - ok
    23:35:32.0564 4520 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
    23:35:32.0564 4520 C:\Windows\System32\FXSAPI.dll - ok
    23:35:32.0580 4520 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\System32\dciman32.dll
    23:35:32.0580 4520 C:\Windows\System32\dciman32.dll - ok
    23:35:32.0595 4520 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
    23:35:32.0595 4520 C:\Windows\System32\FXSRESM.dll - ok
    23:35:32.0595 4520 [ 6869EDA3EF774B99541AA7B35976D50E ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3497.38810__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL
    23:35:32.0595 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3497.38810__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.DLL - ok
    23:35:32.0611 4520 [ F60877E20D02E506D1FF176CC90E3D3E ] C:\Windows\System32\atiumdva.dll
    23:35:32.0611 4520 C:\Windows\System32\atiumdva.dll - ok
    23:35:32.0626 4520 [ D264786D3F935147C51903F973F43F93 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL
    23:35:32.0626 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.DLL - ok
    23:35:32.0642 4520 [ 3B055E901240ED2247ACD0CB3093D8F6 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL
    23:35:32.0642 4520 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.DLL - ok
    23:35:32.0658 4520 [ 754FAB980D5355114038107D9F79D94E ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3497.38827__90ba9c70f846762e\CLI.Component.Wizard.DLL
    23:35:32.0658 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3497.38827__90ba9c70f846762e\CLI.Component.Wizard.DLL - ok
    23:35:32.0673 4520 [ 3B16801F6169D525E6308462323A40E6 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL
    23:35:32.0673 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.DLL - ok
    23:35:32.0673 4520 [ 288948851D663ED08B1808EA1B0CE570 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.DLL
    23:35:32.0673 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.DLL - ok
    23:35:32.0689 4520 [ 2FCD6E429781C955FC1571237959A287 ] C:\Program Files\uTorrent\uTorrent.exe
    23:35:32.0689 4520 C:\Program Files\uTorrent\uTorrent.exe - ok
    23:35:32.0704 4520 [ 2DF59CCEF57FA50A803D519B517F8E2E ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL
    23:35:32.0704 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.DLL - ok
    23:35:32.0720 4520 [ 4717E814E85BA5C25A36CC908384675B ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL
    23:35:32.0720 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.DLL - ok
    23:35:32.0720 4520 [ 27FC75229EEE367D4C0E643C108A90FA ] C:\Windows\System32\LocationApi.dll
    23:35:32.0720 4520 C:\Windows\System32\LocationApi.dll - ok
    23:35:32.0736 4520 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
    23:35:32.0736 4520 C:\Windows\System32\FXSSVC.exe - ok
    23:35:32.0751 4520 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
    23:35:32.0751 4520 C:\Windows\System32\rasdlg.dll - ok
    23:35:32.0767 4520 [ 39FCAEA10C7E1B643F9334DBCBAC599E ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3497.38828__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL
    23:35:32.0767 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3497.38828__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.DLL - ok
    23:35:32.0767 4520 [ D6626C93BF7F557839C028D32247F910 ] C:\Windows\System32\SensorsApi.dll
    23:35:32.0767 4520 C:\Windows\System32\SensorsApi.dll - ok
    23:35:32.0829 4520 [ 82B92D9C1BD0FE7F4A4F1DF4FE94A7DC ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL
    23:35:32.0829 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.DLL - ok
    23:35:32.0860 4520 [ D3EFBBBB29750CD663FFFCF8F9AE585F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL
    23:35:32.0860 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.DLL - ok
    23:35:32.0860 4520 [ 523214677C1D31D7991632C6D11E6B42 ] C:\Windows\System32\d3dim700.dll
    23:35:32.0860 4520 C:\Windows\System32\d3dim700.dll - ok
    23:35:32.0876 4520 [ AFD70341FAFA54E9BBEE0AB366E5BA4B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL
    23:35:32.0876 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.DLL - ok
    23:35:32.0892 4520 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
    23:35:32.0892 4520 C:\Windows\System32\dot3api.dll - ok
    23:35:32.0907 4520 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
    23:35:32.0907 4520 C:\Windows\System32\wlanhlp.dll - ok
    23:35:32.0923 4520 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
    23:35:32.0923 4520 C:\Windows\System32\security.dll - ok
    23:35:32.0923 4520 [ 6449938511E739E10D59097451AFC926 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
    23:35:32.0923 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL - ok
    23:35:32.0938 4520 [ A215903595E8739AAD2A7C6F36580D38 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3497.38875__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL
    23:35:32.0938 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3497.38875__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.DLL - ok
    23:35:32.0954 4520 [ EE850C95ED088E8835F2425EE551296F ] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL
    23:35:32.0954 4520 C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.DLL - ok
    23:35:32.0970 4520 [ 92EF288C1C088584514CCFFE7BC9ECB3 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL
    23:35:32.0970 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3497.38837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.DLL - ok
    23:35:32.0970 4520 [ 477E08FE0114AFEA114FC954C983D4DB ] C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
    23:35:32.0985 4520 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - ok
    23:35:32.0985 4520 [ E6F09E32B512EEBAAF2245EBD26D8343 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3497.38831__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL
    23:35:32.0985 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3497.38831__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DLL - ok
    23:35:33.0001 4520 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
    23:35:33.0001 4520 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
    23:35:33.0016 4520 [ CDE1B1A441514A66E776D79C70BDE6A2 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL
    23:35:33.0016 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.DLL - ok
    23:35:33.0032 4520 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
    23:35:33.0032 4520 C:\Windows\System32\SyncCenter.dll - ok
    23:35:33.0048 4520 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
    23:35:33.0048 4520 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
    23:35:33.0048 4520 [ 6B447F5802D67E20220BE91917F76033 ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    23:35:33.0048 4520 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
    23:35:33.0063 4520 [ 385E14E1F848577EED2DB95C3115518F ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3497.38819__90ba9c70f846762e\CLI.Component.Dashboard.DLL
    23:35:33.0063 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3497.38819__90ba9c70f846762e\CLI.Component.Dashboard.DLL - ok
    23:35:33.0079 4520 [ 3D2A58DA885238D0283468E089748EB5 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL
    23:35:33.0079 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.DLL - ok
    23:35:33.0094 4520 [ CDBFCB9A88E130F1138F80B01C56B680 ] C:\Windows\System32\vbscript.dll
    23:35:33.0094 4520 C:\Windows\System32\vbscript.dll - ok
    23:35:33.0110 4520 [ 0EA25B462747CAA4E05FB2CBB83BDA2D ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL
    23:35:33.0110 4520 C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.DLL - ok
    23:35:33.0110 4520 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
    23:35:33.0110 4520 C:\Windows\System32\imapi2.dll - ok
    23:35:33.0126 4520 [ BB50B21FEE2A6F3E5FC92B330ECCF050 ] C:\Windows\System32\hhctrl.ocx
    23:35:33.0126 4520 C:\Windows\System32\hhctrl.ocx - ok
    23:35:33.0141 4520 [ 0A7977FF7535F237C8C745AE09887C35 ] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    23:35:33.0141 4520 C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll - ok
    23:35:33.0157 4520 [ E94A09197C62CC3A1BA0AA6A6137EAE8 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3497.38822__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL
    23:35:33.0157 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3497.38822__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.DLL - ok
    23:35:33.0172 4520 [ E9381F3215D774856431240055B408D2 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL
    23:35:33.0172 4520 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.DLL - ok
    23:35:33.0172 4520 [ E1C1197D2202843F1CBAFB449851C7F5 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
    23:35:33.0172 4520 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
    23:35:33.0188 4520 [ 5D40464E65B5376956AC152BDBF15A8F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL
    23:35:33.0188 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3497.38899__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.DLL - ok
    23:35:33.0204 4520 [ 46070F74FF5FAEBF377C4DCA4CABC614 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
    23:35:33.0204 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL - ok
    23:35:33.0219 4520 [ 7673E2BFA0772AFAF43FBB895D59D911 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3497.38923__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL
    23:35:33.0219 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3497.38923__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.DLL - ok
    23:35:33.0235 4520 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
    23:35:33.0235 4520 C:\Windows\System32\hgcpl.dll - ok
    23:35:33.0235 4520 [ 2E0558AA309D4F0EEF0883F9ACDD56C3 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL
    23:35:33.0250 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.DLL - ok
    23:35:33.0250 4520 [ ED753D8A41688B2412254F3BC9291CF8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3497.38861__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL
    23:35:33.0250 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3497.38861__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.DLL - ok
    23:35:33.0266 4520 [ 1985BECA486497B3D8546FD6F8204114 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
    23:35:33.0266 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3497.38855__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL - ok
    23:35:33.0282 4520 [ 321557C68063D22CEFCB4F48F4C6480B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
    23:35:33.0282 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3497.38862__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL - ok
    23:35:33.0297 4520 [ 33239EF476A8BFDA765D34D5B7EC39AC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL
    23:35:33.0297 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3497.38868__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.DLL - ok
    23:35:33.0313 4520 [ 9DD75FC2E4ACE65F9ED1D936BDAB7435 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL
    23:35:33.0313 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3497.38833__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.DLL - ok
    23:35:33.0313 4520 [ 58DF1D4538C8833DAB3BE0B1CFBE9B21 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL
    23:35:33.0313 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3497.38856__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.DLL - ok
    23:35:33.0328 4520 [ 98F79B02D6E068B1D5ABF0C4B4360882 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL
    23:35:33.0328 4520 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3497.38898__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.DLL - ok
    23:35:33.0344 4520 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
    23:35:33.0344 4520 C:\Windows\System32\WWanAPI.dll - ok
    23:35:33.0360 4520 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
    23:35:33.0360 4520 C:\Windows\System32\wwapi.dll - ok
    23:35:33.0375 4520 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    23:35:33.0375 4520 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
    23:35:33.0375 4520 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
    23:35:33.0375 4520 C:\Windows\System32\QAGENT.DLL - ok
    23:35:33.0391 4520 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
    23:35:33.0391 4520 C:\Windows\System32\bthprops.cpl - ok
    23:35:33.0406 4520 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll
    23:35:33.0406 4520 C:\Windows\System32\NapiNSP.dll - ok
    23:35:33.0422 4520 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll
    23:35:33.0422 4520 C:\Windows\System32\pnrpnsp.dll - ok
    23:35:33.0422 4520 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll
    23:35:33.0422 4520 C:\Windows\System32\winrnr.dll - ok
    23:35:33.0438 4520 [ C6958AD2091238B71237D73358CEC2AB ] C:\Program Files\SUPERAntiSpyware\SSUpdate.exe
    23:35:33.0438 4520 C:\Program Files\SUPERAntiSpyware\SSUpdate.exe - ok
    23:35:33.0453 4520 [ 2305BFF2966D73694972FD7531BC5BAA ] C:\Windows\System32\SndVol.exe
    23:35:33.0453 4520 C:\Windows\System32\SndVol.exe - ok
    23:35:33.0469 4520 [ E585445D5021971FAE10393F0F1C3961 ] C:\Windows\System32\qmgr.dll
    23:35:33.0469 4520 C:\Windows\System32\qmgr.dll - ok
    23:35:33.0469 4520 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\System32\bitsperf.dll
    23:35:33.0469 4520 C:\Windows\System32\bitsperf.dll - ok
    23:35:33.0484 4520 [ F45ED8C4F9AF862CD9992849B5203C11 ] C:\Windows\System32\bitsigd.dll
    23:35:33.0484 4520 C:\Windows\System32\bitsigd.dll - ok
    23:35:33.0500 4520 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
    23:35:33.0500 4520 C:\Windows\System32\upnp.dll - ok
    23:35:33.0516 4520 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
    23:35:33.0516 4520 C:\Windows\System32\ssdpsrv.dll - ok
    23:35:33.0516 4520 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    23:35:33.0516 4520 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
    23:35:33.0531 4520 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
    23:35:33.0531 4520 C:\Windows\System32\msvcr100_clr0400.dll - ok
    23:35:33.0547 4520 [ 370349F79315D4DB86CD992CACEFEE61 ] C:\Windows\System32\VAN.dll
    23:35:33.0547 4520 C:\Windows\System32\VAN.dll - ok
    23:35:33.0562 4520 [ 35DB83C4DE9FA3889E937125D115EAA0 ] C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll
    23:35:33.0562 4520 C:\Program Files\Google\Update\1.3.21.135\goopdateres_en.dll - ok
    23:35:33.0578 4520 [ F405B990E4C5BFC89E2CA19C6901529B ] C:\Windows\System32\wwanmm.dll
    23:35:33.0578 4520 C:\Windows\System32\wwanmm.dll - ok
    23:35:33.0578 4520 [ 27F3D44B29E14658EDE13D7D044E7420 ] C:\Windows\System32\RASMM.dll
    23:35:33.0578 4520 C:\Windows\System32\RASMM.dll - ok
    23:35:33.0594 4520 [ 4B8441782918424827F2937CFB669136 ] C:\Windows\System32\WlanMM.dll
    23:35:33.0594 4520 C:\Windows\System32\WlanMM.dll - ok
    23:35:33.0609 4520 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe
    23:35:33.0609 4520 C:\Windows\System32\sppsvc.exe - ok
    23:35:33.0625 4520 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys
    23:35:33.0625 4520 C:\Windows\System32\drivers\spsys.sys - ok
    23:35:33.0625 4520 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] C:\Program Files\Windows Defender\MpSvc.dll
    23:35:33.0625 4520 C:\Program Files\Windows Defender\MpSvc.dll - ok
    23:35:33.0640 4520 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll
    23:35:33.0640 4520 C:\Windows\System32\sppwinob.dll - ok
    23:35:33.0656 4520 [ 20308CF0675AD7CE5AAA6712DB823216 ] C:\Program Files\Windows Defender\MpClient.dll
    23:35:33.0656 4520 C:\Program Files\Windows Defender\MpClient.dll - ok
    23:35:33.0656 4520 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
    23:35:33.0656 4520 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
    23:35:33.0672 4520 [ 5826854E4E420E29F59C2865F0FA562F ] C:\Program Files\Windows Defender\MpEvMsg.dll
    23:35:33.0672 4520 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
    23:35:33.0687 4520 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
    23:35:33.0687 4520 C:\Windows\System32\wmdrmdev.dll - ok
    23:35:33.0703 4520 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
    23:35:33.0703 4520 C:\Windows\System32\drmv2clt.dll - ok
    23:35:33.0703 4520 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
    23:35:33.0703 4520 C:\Windows\System32\wscsvc.dll - ok
    23:35:33.0718 4520 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\System32\blackbox.dll
    23:35:33.0718 4520 C:\Windows\System32\blackbox.dll - ok
    23:35:33.0734 4520 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
    23:35:33.0734 4520 C:\Windows\System32\wmp.dll - ok
    23:35:33.0750 4520 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
    23:35:33.0750 4520 C:\Windows\System32\wuapi.dll - ok
    23:35:33.0765 4520 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
    23:35:33.0765 4520 C:\Windows\System32\cabinet.dll - ok
    23:35:33.0765 4520 [ 421D9645B72CD341ECDBB0FCE06C97DE ] C:\Windows\System32\sppobjs.dll
    23:35:33.0765 4520 C:\Windows\System32\sppobjs.dll - ok
    23:35:33.0812 4520 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
    23:35:33.0812 4520 C:\Windows\System32\wups.dll - ok
    23:35:33.0812 4520 [ 93A690B9DCDE48B64DE7A87AAC2CC9BC ] C:\Windows\System32\xwizards.dll
    23:35:33.0812 4520 C:\Windows\System32\xwizards.dll - ok
    23:35:33.0828 4520 [ CC3755148498C0A44F57A88BF2ABDCD7 ] C:\Windows\System32\xwtpdui.dll
    23:35:33.0828 4520 C:\Windows\System32\xwtpdui.dll - ok
    23:35:33.0843 4520 [ 47FC6F0D7C1DF9D38D85B1CD3452A19D ] C:\Windows\System32\WLanConn.dll
    23:35:33.0843 4520 C:\Windows\System32\WLanConn.dll - ok
    23:35:33.0859 4520 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
    23:35:33.0859 4520 C:\Windows\System32\wmploc.DLL - ok
    23:35:33.0859 4520 [ 7F73235D527DCF16C38578CD1CD9F7A8 ] C:\Program Files\Internet Explorer\ieproxy.dll
    23:35:33.0859 4520 C:\Program Files\Internet Explorer\ieproxy.dll - ok
    23:35:33.0874 4520 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
    23:35:33.0874 4520 C:\Windows\System32\wmpps.dll - ok
    23:35:33.0890 4520 [ 089B5F924E96BA9C40E4E4522BF43770 ] C:\Program Files\Windows Defender\MpRTP.dll
    23:35:33.0890 4520 C:\Program Files\Windows Defender\MpRTP.dll - ok
    23:35:33.0906 4520 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\System32\tdh.dll
    23:35:33.0906 4520 C:\Windows\System32\tdh.dll - ok
    23:35:33.0906 4520 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll
    23:35:33.0906 4520 C:\Windows\System32\dimsjob.dll - ok
    23:35:33.0921 4520 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\System32\pautoenr.dll
    23:35:33.0921 4520 C:\Windows\System32\pautoenr.dll - ok
    23:35:33.0937 4520 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\System32\certcli.dll
    23:35:33.0937 4520 C:\Windows\System32\certcli.dll - ok
    23:35:33.0952 4520 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll
    23:35:33.0952 4520 C:\Windows\System32\CertEnroll.dll - ok
    23:35:33.0952 4520 [ 5F4B4BD17FA4C8D03A4D1B5D9FF96641 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpengine.dll
    23:35:33.0952 4520 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpengine.dll - ok
    23:35:33.0968 4520 [ 4C1A82E9362DF1282355FBA3037DF0C4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpasbase.vdm
    23:35:33.0968 4520 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpasbase.vdm - ok
    23:35:33.0984 4520 [ 0997EA88A44C6BE0689D58B06E1F820A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpasdlta.vdm
    23:35:33.0984 4520 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE685F81-F306-43E0-A819-BDE55EE3AA14}\mpasdlta.vdm - ok
    23:35:33.0999 4520 [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL
    23:35:33.0999 4520 C:\Windows\System32\IPSECSVC.DLL - ok
    23:35:34.0015 4520 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll
    23:35:34.0015 4520 C:\Windows\System32\FwRemoteSvr.dll - ok
    23:35:34.0015 4520 [ 3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\Windows Defender\MsMpLics.dll
    23:35:34.0015 4520 C:\Program Files\Windows Defender\MsMpLics.dll - ok
    23:35:34.0030 4520 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
    23:35:34.0030 4520 C:\Windows\System32\wscapi.dll - ok
    23:35:34.0046 4520 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
    23:35:34.0046 4520 C:\Windows\System32\wscisvif.dll - ok
    23:35:34.0062 4520 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
    23:35:34.0062 4520 C:\Windows\System32\wscproxystub.dll - ok
    23:35:34.0077 4520 [ 4895F67E1C74A855285C95741F3DA695 ] C:\Windows\System32\Macromed\Flash\Flash32_11_6_602_171.ocx
    23:35:34.0077 4520 C:\Windows\System32\Macromed\Flash\Flash32_11_6_602_171.ocx - ok
    23:35:34.0093 4520 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\System32\dxtrans.dll
    23:35:34.0093 4520 C:\Windows\System32\dxtrans.dll - ok
    23:35:34.0093 4520 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\System32\ddrawex.dll
    23:35:34.0093 4520 C:\Windows\System32\ddrawex.dll - ok
    23:35:34.0108 4520 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\System32\dxtmsft.dll
    23:35:34.0108 4520 C:\Windows\System32\dxtmsft.dll - ok
    23:35:34.0124 4520 [ 68563AC389F92EE79F1C714288BA1DCE ] C:\Windows\System32\imgutil.dll
    23:35:34.0124 4520 C:\Windows\System32\imgutil.dll - ok
    23:35:34.0124 4520 ============================================================
    23:35:34.0124 4520 Scan finished
    23:35:34.0124 4520 ============================================================
    23:35:34.0155 4512 Detected object count: 5
    23:35:34.0155 4512 Actual detected object count: 5
    23:40:10.0796 4512 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe - copied to quarantine
    23:40:10.0829 4512 HKLM\SYSTEM\ControlSet001\services\NIHardwareService - will be deleted on reboot
    23:40:10.0882 4512 HKLM\SYSTEM\ControlSet002\services\NIHardwareService - will be deleted on reboot
    23:40:11.0085 4512 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe - will be deleted on reboot
    23:40:11.0086 4512 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Delete
    23:40:11.0090 4512 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
    23:40:11.0090 4512 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
    23:40:11.0097 4512 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
    23:40:11.0097 4512 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
    23:40:12.0202 4512 \Device\Harddisk0\DR0\# - copied to quarantine
    23:40:12.0205 4512 \Device\Harddisk0\DR0 - copied to quarantine
    23:40:12.0297 4512 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
    23:40:12.0308 4512 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
    23:40:12.0313 4512 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
    23:40:12.0323 4512 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
    23:40:12.0353 4512 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
    23:40:12.0374 4512 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
    23:40:12.0396 4512 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
    23:40:12.0419 4512 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
    23:40:12.0429 4512 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
    23:40:12.0443 4512 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
    23:40:12.0445 4512 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
    23:40:12.0447 4512 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
    23:40:12.0703 4512 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
    23:40:12.0739 4512 \Device\Harddisk0\DR0 - ok
    23:40:13.0783 4512 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
    23:40:13.0787 4512 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    23:40:13.0787 4512 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
    23:40:18.0915 2740 Deinitialize success
     
  8. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please re-run TDSSKiller to confirm the elimination of the rootkit.

    Then:

    Run adwCleaner.

    Download AdwCleaner from here to your desktop
    Run AdwCleaner and select Delete

    [​IMG]

    Once done it will ask to reboot, allow this
    On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

    Then Combofix:

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      -----------------------------------------------------------​
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
        -----------------------------------------------------------​
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      -----------------------------------------------------------​
    4. Double click on combofix.exe & follow the prompts.
    5. Install the Recovery Console if prompted.
    6. When finished, it will produce a report for you.
    7. Please post the "C:\ComboFix.txt" .
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1091063

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice