Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus on my PCs which I can't Remove Alone


  • This topic is locked This topic is locked
7 replies to this topic

#1 pminga

pminga

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:21 AM

Posted 04 September 2012 - 03:20 PM

This message is for Farbar...

Hi, again, Farbar,

I'm back with the log from TDSSKiller that I ran on my second PC.

11:41:11.0062 2308 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:41:11.0171 2308 ============================================================
11:41:11.0171 2308 Current date / time: 2012/08/30 11:41:11.0171
11:41:11.0171 2308 SystemInfo:
11:41:11.0171 2308
11:41:11.0171 2308 OS Version: 5.1.2600 ServicePack: 3.0
11:41:11.0171 2308 Product type: Workstation
11:41:11.0171 2308 ComputerName: PMINGA
11:41:11.0171 2308 UserName: Pat Minga
11:41:11.0171 2308 Windows directory: C:\WINDOWS
11:41:11.0171 2308 System windows directory: C:\WINDOWS
11:41:11.0171 2308 Processor architecture: Intel x86
11:41:11.0171 2308 Number of processors: 2
11:41:11.0171 2308 Page size: 0x1000
11:41:11.0171 2308 Boot type: Normal boot
11:41:11.0171 2308 ============================================================
11:41:12.0250 2308 BG loaded
11:41:12.0906 2308 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:41:12.0921 2308 Drive \Device\Harddisk1\DR5 - Size: 0xFA7000 (0.02 Gb), SectorSize: 0x200, Cylinders: 0x1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:41:12.0921 2308 ============================================================
11:41:12.0921 2308 \Device\Harddisk0\DR0:
11:41:12.0921 2308 MBR partitions:
11:41:12.0921 2308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
11:41:12.0937 2308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0xC34F28D
11:41:12.0953 2308 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0xC34F28D
11:41:12.0968 2308 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x249ED8A3, BlocksNum 0xA3BF5D
11:41:12.0968 2308 \Device\Harddisk1\DR5:
11:41:12.0968 2308 MBR partitions:
11:41:12.0968 2308 \Device\Harddisk1\DR5\Partition1: MBR, Type 0x1, StartLBA 0x3F, BlocksNum 0x7CF9
11:41:12.0968 2308 ============================================================
11:41:13.0015 2308 C: <-> \Device\Harddisk0\DR0\Partition1
11:41:13.0046 2308 F: <-> \Device\Harddisk0\DR0\Partition2
11:41:13.0109 2308 G: <-> \Device\Harddisk0\DR0\Partition3
11:41:13.0125 2308 H: <-> \Device\Harddisk0\DR0\Partition4
11:41:13.0125 2308 ============================================================
11:41:13.0125 2308 Initialize success
11:41:13.0125 2308 ============================================================
11:41:27.0000 2672 ============================================================
11:41:27.0000 2672 Scan started
11:41:27.0000 2672 Mode: Manual; SigCheck; TDLFS;
11:41:27.0000 2672 ============================================================
11:41:27.0531 2672 ================ Scan system memory ========================
11:41:27.0546 2672 System memory - ok
11:41:27.0562 2672 ================ Scan services =============================
11:41:27.0640 2672 Abiosdsk - ok
11:41:27.0687 2672 abp480n5 - ok
11:41:27.0734 2672 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:41:29.0875 2672 ACPI - ok
11:41:29.0921 2672 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:41:30.0250 2672 ACPIEC - ok
11:41:30.0296 2672 [ 6C40D5ED8951AB7B90D08AF655224EE4 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:41:30.0375 2672 AdobeFlashPlayerUpdateSvc - ok
11:41:30.0421 2672 adpu160m - ok
11:41:30.0468 2672 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:41:30.0562 2672 AFD - ok
11:41:30.0625 2672 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
11:41:30.0906 2672 agp440 - ok
11:41:30.0921 2672 Aha154x - ok
11:41:30.0968 2672 aic78u2 - ok
11:41:30.0984 2672 aic78xx - ok
11:41:31.0046 2672 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:41:31.0203 2672 ALG - ok
11:41:31.0250 2672 AliIde - ok
11:41:31.0359 2672 ALSSFN - ok
11:41:31.0375 2672 amsint - ok
11:41:31.0437 2672 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:41:31.0609 2672 AppMgmt - ok
11:41:31.0656 2672 asc - ok
11:41:31.0687 2672 asc3350p - ok
11:41:31.0750 2672 asc3550 - ok
11:41:31.0796 2672 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:41:32.0093 2672 AsyncMac - ok
11:41:32.0140 2672 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:41:32.0437 2672 atapi - ok
11:41:32.0468 2672 Atdisk - ok
11:41:32.0500 2672 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:41:32.0796 2672 Atmarpc - ok
11:41:32.0843 2672 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:41:33.0125 2672 AudioSrv - ok
11:41:33.0171 2672 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:41:33.0453 2672 audstub - ok
11:41:33.0515 2672 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:41:33.0796 2672 Beep - ok
11:41:33.0843 2672 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:41:34.0187 2672 BITS - ok
11:41:34.0218 2672 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:41:34.0531 2672 cbidf2k - ok
11:41:34.0562 2672 cd20xrnt - ok
11:41:34.0625 2672 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:41:34.0937 2672 Cdaudio - ok
11:41:34.0984 2672 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:41:35.0296 2672 Cdfs - ok
11:41:35.0343 2672 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:41:35.0703 2672 Cdrom - ok
11:41:35.0718 2672 [ 84853B3FD012251690570E9E7E43343F ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
11:41:35.0765 2672 cercsr6 ( UnsignedFile.Multi.Generic ) - warning
11:41:35.0765 2672 cercsr6 - detected UnsignedFile.Multi.Generic (1)
11:41:35.0828 2672 [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
11:41:36.0031 2672 cfwids - ok
11:41:36.0046 2672 Changer - ok
11:41:36.0109 2672 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:41:36.0421 2672 CiSvc - ok
11:41:36.0453 2672 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:41:36.0765 2672 ClipSrv - ok
11:41:36.0796 2672 CmdIde - ok
11:41:36.0828 2672 COMSysApp - ok
11:41:36.0906 2672 Cpqarray - ok
11:41:36.0953 2672 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:41:37.0281 2672 CryptSvc - ok
11:41:37.0296 2672 dac2w2k - ok
11:41:37.0328 2672 dac960nt - ok
11:41:37.0390 2672 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:41:37.0484 2672 DcomLaunch - ok
11:41:37.0531 2672 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:41:37.0828 2672 Dhcp - ok
11:41:37.0859 2672 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:41:38.0062 2672 Disk - ok
11:41:38.0078 2672 DLWVREEWSIY - ok
11:41:38.0109 2672 dmadmin - ok
11:41:38.0156 2672 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:41:38.0359 2672 dmboot - ok
11:41:38.0390 2672 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:41:38.0578 2672 dmio - ok
11:41:38.0593 2672 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:41:38.0781 2672 dmload - ok
11:41:38.0812 2672 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:41:38.0984 2672 dmserver - ok
11:41:39.0031 2672 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:41:39.0109 2672 Dnscache - ok
11:41:39.0156 2672 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:41:39.0328 2672 Dot3svc - ok
11:41:39.0359 2672 dpti2o - ok
11:41:39.0406 2672 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:41:39.0593 2672 EapHost - ok
11:41:39.0625 2672 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
11:41:39.0812 2672 EL90XBC - ok
11:41:39.0843 2672 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:41:40.0000 2672 ERSvc - ok
11:41:40.0046 2672 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:41:40.0078 2672 Eventlog - ok
11:41:40.0109 2672 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
11:41:40.0140 2672 EventSystem - ok
11:41:40.0171 2672 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:41:40.0343 2672 Fastfat - ok
11:41:40.0390 2672 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:41:40.0453 2672 FastUserSwitchingCompatibility - ok
11:41:40.0484 2672 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:41:40.0656 2672 Fdc - ok
11:41:40.0671 2672 FFUKVHBV - ok
11:41:40.0718 2672 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:41:40.0890 2672 Fips - ok
11:41:40.0921 2672 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:41:41.0093 2672 Flpydisk - ok
11:41:41.0125 2672 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:41:41.0296 2672 FltMgr - ok
11:41:41.0328 2672 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:41:41.0500 2672 Fs_Rec - ok
11:41:41.0531 2672 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:41:41.0687 2672 Ftdisk - ok
11:41:41.0718 2672 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:41:41.0890 2672 Gpc - ok
11:41:41.0953 2672 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:41:41.0984 2672 gupdate - ok
11:41:42.0031 2672 HandsFree Client - ok
11:41:42.0078 2672 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:41:42.0250 2672 helpsvc - ok
11:41:42.0296 2672 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:41:42.0468 2672 HidServ - ok
11:41:42.0484 2672 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:41:42.0671 2672 hidusb - ok
11:41:42.0703 2672 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:41:43.0671 2672 hkmsvc - ok
11:41:43.0703 2672 hpn - ok
11:41:43.0750 2672 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:41:43.0812 2672 HTTP - ok
11:41:43.0843 2672 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:41:44.0015 2672 HTTPFilter - ok
11:41:44.0046 2672 i2omgmt - ok
11:41:44.0062 2672 i2omp - ok
11:41:44.0109 2672 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:41:44.0281 2672 i8042prt - ok
11:41:44.0312 2672 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:41:44.0484 2672 Imapi - ok
11:41:44.0531 2672 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:41:44.0687 2672 ImapiService - ok
11:41:44.0718 2672 ini910u - ok
11:41:44.0781 2672 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:41:44.0937 2672 IntelIde - ok
11:41:44.0984 2672 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:41:45.0156 2672 intelppm - ok
11:41:45.0187 2672 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:41:45.0359 2672 Ip6Fw - ok
11:41:45.0406 2672 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:41:45.0578 2672 IpFilterDriver - ok
11:41:45.0609 2672 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:41:45.0781 2672 IpInIp - ok
11:41:45.0812 2672 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:41:45.0968 2672 IpNat - ok
11:41:46.0000 2672 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:41:46.0218 2672 IPSec - ok
11:41:46.0265 2672 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:41:46.0375 2672 IRENUM - ok
11:41:46.0390 2672 IRTBQKX - ok
11:41:46.0437 2672 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:41:46.0640 2672 isapnp - ok
11:41:46.0671 2672 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:41:46.0875 2672 Kbdclass - ok
11:41:46.0921 2672 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:41:47.0125 2672 kbdhid - ok
11:41:47.0171 2672 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:41:47.0281 2672 KSecDD - ok
11:41:47.0296 2672 lbrtfdc - ok
11:41:47.0406 2672 [ BCDF72DCE41874B3AD9143D537B493B2 ] Linksys_adapter_H C:\WINDOWS\system32\DRIVERS\AE1200xp.sys
11:41:47.0609 2672 Linksys_adapter_H - ok
11:41:47.0812 2672 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:41:48.0046 2672 LmHosts - ok
11:41:48.0093 2672 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:41:48.0125 2672 MBAMProtector - ok
11:41:48.0203 2672 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:41:48.0250 2672 MBAMService - ok
11:41:48.0328 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0359 2672 McAfee SiteAdvisor Service - ok
11:41:48.0375 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McMPFSvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0406 2672 McMPFSvc - ok
11:41:48.0437 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0468 2672 mcmscsvc - ok
11:41:48.0500 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0546 2672 McNaiAnn - ok
11:41:48.0562 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNASvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0609 2672 McNASvc - ok
11:41:48.0718 2672 [ E8C5AAE17E8332F5F4F57935238CD5EB ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
11:41:48.0812 2672 McODS - ok
11:41:48.0890 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McOobeSv C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:48.0921 2672 McOobeSv - ok
11:41:49.0203 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:41:49.0234 2672 McProxy - ok
11:41:49.0312 2672 [ 593FA4C378818ECE76BA64A11AD56CF2 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:41:49.0343 2672 McShield - ok
11:41:49.0375 2672 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys
11:41:49.0406 2672 mfeapfk - ok
11:41:49.0437 2672 [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
11:41:49.0468 2672 mfeavfk - ok
11:41:49.0484 2672 mfeavfk01 - ok
11:41:49.0515 2672 [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys
11:41:49.0546 2672 mfebopk - ok
11:41:49.0578 2672 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:41:49.0609 2672 mfefire - ok
11:41:49.0640 2672 [ 4EA6FF90015424517843E931448E00F1 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
11:41:49.0671 2672 mfefirek - ok
11:41:49.0734 2672 [ D1E998748BA24A731106611D535C6BBF ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
11:41:49.0781 2672 mfehidk - ok
11:41:49.0812 2672 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:41:49.0843 2672 mfendisk - ok
11:41:49.0859 2672 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys
11:41:49.0890 2672 mfendiskmp - ok
11:41:49.0921 2672 [ F454A13377F0A006D20A8C14A753C432 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys
11:41:49.0953 2672 mferkdet - ok
11:41:49.0984 2672 [ 070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:41:50.0000 2672 mfetdi2k - ok
11:41:50.0031 2672 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
11:41:50.0062 2672 mfevtp - ok
11:41:50.0093 2672 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:41:50.0265 2672 mnmdd - ok
11:41:50.0312 2672 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:41:50.0468 2672 mnmsrvc - ok
11:41:50.0515 2672 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:41:50.0687 2672 Modem - ok
11:41:50.0718 2672 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:41:50.0890 2672 Mouclass - ok
11:41:50.0937 2672 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:41:51.0109 2672 mouhid - ok
11:41:51.0140 2672 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:41:51.0312 2672 MountMgr - ok
11:41:51.0328 2672 mraid35x - ok
11:41:51.0359 2672 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:41:51.0546 2672 MRxDAV - ok
11:41:51.0578 2672 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:41:51.0750 2672 MSDTC - ok
11:41:51.0781 2672 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:41:51.0937 2672 Msfs - ok
11:41:51.0953 2672 MSIServer - ok
11:41:52.0015 2672 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:41:52.0187 2672 mssmbios - ok
11:41:52.0203 2672 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:41:52.0250 2672 Mup - ok
11:41:52.0296 2672 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:41:52.0468 2672 napagent - ok
11:41:52.0484 2672 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:41:52.0671 2672 NDIS - ok
11:41:52.0703 2672 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:41:52.0750 2672 NdisTapi - ok
11:41:52.0781 2672 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:41:52.0953 2672 Ndisuio - ok
11:41:52.0984 2672 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:41:53.0156 2672 NdisWan - ok
11:41:53.0203 2672 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:41:53.0250 2672 NDProxy - ok
11:41:53.0281 2672 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:41:53.0453 2672 NetBT - ok
11:41:53.0500 2672 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:41:53.0671 2672 NetDDE - ok
11:41:53.0703 2672 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:41:53.0890 2672 NetDDEdsdm - ok
11:41:53.0921 2672 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:41:54.0109 2672 Netman - ok
11:41:54.0140 2672 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:41:54.0171 2672 Nla - ok
11:41:54.0218 2672 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:41:54.0406 2672 Npfs - ok
11:41:54.0437 2672 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:41:54.0609 2672 Ntfs - ok
11:41:54.0656 2672 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:41:54.0843 2672 NtmsSvc - ok
11:41:54.0875 2672 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:41:55.0046 2672 Null - ok
11:41:55.0078 2672 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:41:55.0250 2672 NwlnkFlt - ok
11:41:55.0265 2672 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:41:55.0437 2672 NwlnkFwd - ok
11:41:55.0500 2672 [ 455D2DA94AAA250BC60306626258F2F9 ] Office Depot PC Support Agent C:\Program Files\Office Depot PC Support Agent\esService.exe
11:41:55.0578 2672 Office Depot PC Support Agent - ok
11:41:55.0625 2672 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
11:41:55.0812 2672 Parport - ok
11:41:55.0828 2672 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:41:56.0000 2672 PartMgr - ok
11:41:56.0031 2672 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:41:56.0203 2672 ParVdm - ok
11:41:56.0218 2672 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:41:56.0406 2672 PCI - ok
11:41:56.0437 2672 PCIDump - ok
11:41:56.0468 2672 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
11:41:56.0640 2672 PCIIde - ok
11:41:56.0671 2672 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:41:56.0843 2672 Pcmcia - ok
11:41:56.0859 2672 PDCOMP - ok
11:41:56.0890 2672 PDFRAME - ok
11:41:56.0921 2672 PDRELI - ok
11:41:56.0953 2672 PDRFRAME - ok
11:41:56.0984 2672 perc2 - ok
11:41:57.0000 2672 perc2hib - ok
11:41:57.0093 2672 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:41:57.0140 2672 PlugPlay - ok
11:41:57.0156 2672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:41:57.0359 2672 PolicyAgent - ok
11:41:57.0390 2672 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:41:57.0562 2672 PptpMiniport - ok
11:41:57.0578 2672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:41:57.0765 2672 ProtectedStorage - ok
11:41:57.0796 2672 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:41:57.0953 2672 Ptilink - ok
11:41:57.0968 2672 ql1080 - ok
11:41:58.0000 2672 Ql10wnt - ok
11:41:58.0031 2672 ql12160 - ok
11:41:58.0062 2672 ql1240 - ok
11:41:58.0078 2672 ql1280 - ok
11:41:58.0125 2672 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:41:58.0296 2672 RasAcd - ok
11:41:58.0343 2672 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:41:58.0500 2672 RasAuto - ok
11:41:58.0531 2672 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:41:58.0703 2672 Rasl2tp - ok
11:41:58.0734 2672 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:41:58.0906 2672 RasMan - ok
11:41:58.0921 2672 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:41:59.0125 2672 RasPppoe - ok
11:41:59.0140 2672 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:41:59.0312 2672 Raspti - ok
11:41:59.0343 2672 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:41:59.0515 2672 RDPCDD - ok
11:41:59.0562 2672 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:41:59.0734 2672 rdpdr - ok
11:41:59.0765 2672 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:41:59.0843 2672 RDPWD - ok
11:41:59.0890 2672 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:42:00.0078 2672 RDSessMgr - ok
11:42:00.0125 2672 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:42:00.0296 2672 redbook - ok
11:42:00.0328 2672 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:42:00.0500 2672 RemoteAccess - ok
11:42:00.0531 2672 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:42:00.0703 2672 RemoteRegistry - ok
11:42:00.0734 2672 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:42:00.0796 2672 RpcSs - ok
11:42:00.0828 2672 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:42:00.0984 2672 RSVP - ok
11:42:01.0015 2672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:42:01.0187 2672 SamSs - ok
11:42:01.0218 2672 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:42:01.0390 2672 SCardSvr - ok
11:42:01.0421 2672 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:42:01.0593 2672 Schedule - ok
11:42:01.0640 2672 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:42:01.0734 2672 Secdrv - ok
11:42:01.0750 2672 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:42:01.0937 2672 seclogon - ok
11:42:01.0968 2672 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:42:02.0140 2672 SENS - ok
11:42:02.0171 2672 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
11:42:02.0343 2672 Serial - ok
11:42:02.0375 2672 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:42:02.0546 2672 Sfloppy - ok
11:42:02.0609 2672 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:42:02.0796 2672 SharedAccess - ok
11:42:02.0828 2672 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:42:02.0859 2672 ShellHWDetection - ok
11:42:02.0875 2672 Simbad - ok
11:42:02.0906 2672 Sparrow - ok
11:42:02.0953 2672 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:42:03.0000 2672 Spooler - ok
11:42:03.0031 2672 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:42:03.0125 2672 sr - ok
11:42:03.0156 2672 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:42:03.0234 2672 srservice - ok
11:42:03.0281 2672 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:42:03.0359 2672 SSDPSRV - ok
11:42:03.0406 2672 [ F843301BDADB2728822C83413EF5F132 ] ssmirrdr C:\WINDOWS\system32\DRIVERS\ssmirrdr.sys
11:42:03.0437 2672 ssmirrdr - ok
11:42:03.0468 2672 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:42:03.0687 2672 stisvc - ok
11:42:03.0718 2672 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:42:03.0890 2672 swenum - ok
11:42:03.0906 2672 SwPrv - ok
11:42:03.0953 2672 symc810 - ok
11:42:03.0984 2672 symc8xx - ok
11:42:04.0000 2672 sym_hi - ok
11:42:04.0031 2672 sym_u3 - ok
11:42:04.0078 2672 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:42:04.0250 2672 SysmonLog - ok
11:42:04.0265 2672 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:42:04.0437 2672 TapiSrv - ok
11:42:04.0484 2672 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:42:04.0531 2672 Tcpip - ok
11:42:04.0546 2672 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:42:04.0734 2672 TDPIPE - ok
11:42:04.0765 2672 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:42:04.0953 2672 TDTCP - ok
11:42:04.0968 2672 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:42:05.0156 2672 TermDD - ok
11:42:05.0187 2672 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:42:05.0375 2672 TermService - ok
11:42:05.0390 2672 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:42:05.0421 2672 Themes - ok
11:42:05.0468 2672 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:42:05.0562 2672 TlntSvr - ok
11:42:05.0578 2672 TosIde - ok
11:42:05.0609 2672 TPWGZY - ok
11:42:05.0656 2672 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:42:05.0828 2672 TrkWks - ok
11:42:05.0875 2672 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
11:42:06.0046 2672 tunmp - ok
11:42:06.0062 2672 UCOG - ok
11:42:06.0109 2672 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:42:06.0296 2672 Udfs - ok
11:42:06.0312 2672 ultra - ok
11:42:06.0375 2672 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:42:06.0546 2672 Update - ok
11:42:06.0578 2672 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:42:06.0687 2672 upnphost - ok
11:42:06.0703 2672 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:42:06.0906 2672 UPS - ok
11:42:06.0953 2672 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:42:07.0140 2672 usbccgp - ok
11:42:07.0156 2672 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:42:07.0343 2672 usbehci - ok
11:42:07.0359 2672 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:42:07.0546 2672 usbhub - ok
11:42:07.0593 2672 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:42:07.0796 2672 USBSTOR - ok
11:42:07.0812 2672 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:42:07.0984 2672 usbuhci - ok
11:42:08.0015 2672 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:42:08.0187 2672 VgaSave - ok
11:42:08.0203 2672 ViaIde - ok
11:42:08.0250 2672 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:42:08.0437 2672 VolSnap - ok
11:42:08.0468 2672 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:42:08.0609 2672 VSS - ok
11:42:08.0656 2672 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:42:08.0828 2672 W32Time - ok
11:42:08.0875 2672 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:42:09.0046 2672 Wanarp - ok
11:42:09.0062 2672 WDICA - ok
11:42:09.0109 2672 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:42:09.0281 2672 WebClient - ok
11:42:09.0328 2672 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:42:09.0500 2672 winmgmt - ok
11:42:09.0578 2672 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:42:09.0750 2672 WmdmPmSN - ok
11:42:09.0796 2672 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:42:09.0843 2672 Wmi - ok
11:42:09.0890 2672 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:42:10.0046 2672 WmiApSrv - ok
11:42:10.0093 2672 [ 552943F8E673EE1AEF667787889014DD ] WRkrn C:\WINDOWS\system32\drivers\WRkrn.sys
11:42:10.0125 2672 WRkrn - ok
11:42:10.0171 2672 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:42:10.0359 2672 wscsvc - ok
11:42:10.0406 2672 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:42:10.0578 2672 wuauserv - ok
11:42:10.0625 2672 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:42:10.0843 2672 WZCSVC - ok
11:42:10.0875 2672 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:42:11.0062 2672 xmlprov - ok
11:42:11.0078 2672 ZVMFVGVZWHEF - ok
11:42:11.0125 2672 ================ Scan global ===============================
11:42:11.0140 2672 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:42:11.0171 2672 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:42:11.0187 2672 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:42:11.0218 2672 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:42:11.0218 2672 [Global] - ok
11:42:11.0218 2672 ================ Scan MBR ==================================
11:42:11.0250 2672 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:42:11.0484 2672 \Device\Harddisk0\DR0 - ok
11:42:11.0546 2672 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR5
11:42:51.0421 2672 \Device\Harddisk1\DR5 - ok
11:42:51.0421 2672 ================ Scan VBR ==================================
11:42:51.0437 2672 [ 03A6B3F8D6037C6A3214FBB8F82AC0D7 ] \Device\Harddisk0\DR0\Partition1
11:42:51.0453 2672 \Device\Harddisk0\DR0\Partition1 - ok
11:42:51.0468 2672 [ F4091FC551427CA9FFDEF3DF2ACA3404 ] \Device\Harddisk0\DR0\Partition2
11:42:51.0484 2672 \Device\Harddisk0\DR0\Partition2 - ok
11:42:51.0500 2672 [ C20CDA6218170CBAFB351C870CA97D21 ] \Device\Harddisk0\DR0\Partition3
11:42:51.0515 2672 \Device\Harddisk0\DR0\Partition3 - ok
11:42:51.0546 2672 [ 52F9A4AE89D62699688D5D9337959F1A ] \Device\Harddisk0\DR0\Partition4
11:42:51.0546 2672 \Device\Harddisk0\DR0\Partition4 - ok
11:42:51.0578 2672 [ 9048D4C0544768F13CADE0A9047479EB ] \Device\Harddisk1\DR5\Partition1
11:42:51.0578 2672 \Device\Harddisk1\DR5\Partition1 - ok
11:42:51.0578 2672 ================ Scan active images ========================
11:42:51.0593 2672 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
11:42:51.0593 2672 C:\WINDOWS\system32\drivers\intelppm.sys - ok
11:42:51.0625 2672 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
11:42:51.0625 2672 C:\WINDOWS\system32\drivers\usbport.sys - ok
11:42:51.0656 2672 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
11:42:51.0656 2672 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
11:42:51.0671 2672 [ 6E883BF518296A40959131C2304AF714 ] C:\WINDOWS\system32\drivers\el90xbc5.sys
11:42:51.0671 2672 C:\WINDOWS\system32\drivers\el90xbc5.sys - ok
11:42:51.0703 2672 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
11:42:51.0703 2672 C:\WINDOWS\system32\drivers\usbehci.sys - ok
11:42:51.0734 2672 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
11:42:51.0734 2672 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
11:42:51.0750 2672 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
11:42:51.0750 2672 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
11:42:51.0765 2672 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
11:42:51.0765 2672 C:\WINDOWS\system32\drivers\imapi.sys - ok
11:42:51.0796 2672 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
11:42:51.0796 2672 C:\WINDOWS\system32\drivers\mouclass.sys - ok
11:42:51.0828 2672 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
11:42:51.0828 2672 C:\WINDOWS\system32\drivers\cdrom.sys - ok
11:42:51.0843 2672 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
11:42:51.0843 2672 C:\WINDOWS\system32\drivers\ks.sys - ok
11:42:51.0875 2672 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
11:42:51.0875 2672 C:\WINDOWS\system32\drivers\redbook.sys - ok
11:42:51.0906 2672 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
11:42:51.0906 2672 C:\WINDOWS\system32\drivers\audstub.sys - ok
11:42:51.0921 2672 [ 26C76D10ED650E6492800D6F081ECFBA ] C:\WINDOWS\system32\drivers\mfendisk.sys
11:42:51.0921 2672 C:\WINDOWS\system32\drivers\mfendisk.sys - ok
11:42:51.0953 2672 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
11:42:51.0953 2672 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
11:42:51.0984 2672 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
11:42:51.0984 2672 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
11:42:52.0000 2672 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
11:42:52.0000 2672 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
11:42:52.0015 2672 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
11:42:52.0015 2672 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
11:42:52.0046 2672 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
11:42:52.0046 2672 C:\WINDOWS\system32\drivers\raspptp.sys - ok
11:42:52.0078 2672 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
11:42:52.0078 2672 C:\WINDOWS\system32\drivers\ptilink.sys - ok
11:42:52.0093 2672 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
11:42:52.0093 2672 C:\WINDOWS\system32\drivers\raspti.sys - ok
11:42:52.0125 2672 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
11:42:52.0125 2672 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
11:42:52.0156 2672 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
11:42:52.0156 2672 C:\WINDOWS\system32\drivers\termdd.sys - ok
11:42:52.0171 2672 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
11:42:52.0171 2672 C:\WINDOWS\system32\drivers\swenum.sys - ok
11:42:52.0203 2672 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
11:42:52.0203 2672 C:\WINDOWS\system32\drivers\update.sys - ok
11:42:52.0234 2672 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
11:42:52.0234 2672 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
11:42:52.0250 2672 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
11:42:52.0250 2672 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
11:42:52.0265 2672 [ C1DC5F42D3367F33B6451BE78B38BD46 ] C:\WINDOWS\system32\drivers\mfeavfk.sys
11:42:52.0265 2672 C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
11:42:52.0296 2672 [ 4EA6FF90015424517843E931448E00F1 ] C:\WINDOWS\system32\drivers\mfefirek.sys
11:42:52.0296 2672 C:\WINDOWS\system32\drivers\mfefirek.sys - ok
11:42:52.0328 2672 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
11:42:52.0328 2672 C:\WINDOWS\system32\drivers\usbd.sys - ok
11:42:52.0343 2672 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
11:42:52.0343 2672 C:\WINDOWS\system32\drivers\usbhub.sys - ok
11:42:52.0375 2672 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
11:42:52.0375 2672 C:\WINDOWS\system32\drivers\fdc.sys - ok
11:42:52.0406 2672 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
11:42:52.0406 2672 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
11:42:52.0421 2672 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
11:42:52.0421 2672 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
11:42:52.0453 2672 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
11:42:52.0453 2672 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
11:42:52.0484 2672 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
11:42:52.0484 2672 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
11:42:52.0500 2672 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
11:42:52.0500 2672 C:\WINDOWS\system32\drivers\beep.sys - ok
11:42:52.0515 2672 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
11:42:52.0515 2672 C:\WINDOWS\system32\drivers\null.sys - ok
11:42:52.0546 2672 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
11:42:52.0546 2672 C:\WINDOWS\system32\drivers\hidparse.sys - ok
11:42:52.0578 2672 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
11:42:52.0578 2672 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
11:42:52.0593 2672 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
11:42:52.0593 2672 C:\WINDOWS\system32\drivers\vga.sys - ok
11:42:52.0625 2672 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
11:42:52.0625 2672 C:\WINDOWS\system32\drivers\videoprt.sys - ok
11:42:52.0656 2672 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
11:42:52.0656 2672 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
11:42:52.0671 2672 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
11:42:52.0671 2672 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
11:42:52.0703 2672 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
11:42:52.0703 2672 C:\WINDOWS\system32\drivers\msfs.sys - ok
11:42:52.0734 2672 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
11:42:52.0734 2672 C:\WINDOWS\system32\drivers\ipsec.sys - ok
11:42:52.0750 2672 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
11:42:52.0750 2672 C:\WINDOWS\system32\drivers\msgpc.sys - ok
11:42:52.0765 2672 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
11:42:52.0765 2672 C:\WINDOWS\system32\drivers\npfs.sys - ok
11:42:52.0796 2672 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
11:42:52.0796 2672 C:\WINDOWS\system32\drivers\rasacd.sys - ok
11:42:52.0828 2672 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
11:42:52.0828 2672 C:\WINDOWS\system32\drivers\tcpip.sys - ok
11:42:52.0843 2672 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
11:42:52.0843 2672 C:\WINDOWS\system32\drivers\ipnat.sys - ok
11:42:52.0875 2672 [ 070D3FAF2EAC417C59D8674A8752F7A6 ] C:\WINDOWS\system32\drivers\mfetdi2k.sys
11:42:52.0875 2672 C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
11:42:52.0906 2672 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
11:42:52.0906 2672 C:\WINDOWS\system32\drivers\netbt.sys - ok
11:42:52.0921 2672 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
11:42:52.0921 2672 C:\WINDOWS\system32\drivers\afd.sys - ok
11:42:52.0953 2672 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
11:42:52.0953 2672 C:\WINDOWS\system32\drivers\fips.sys - ok
11:42:52.0984 2672 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
11:42:52.0984 2672 C:\WINDOWS\system32\smss.exe - ok
11:42:53.0000 2672 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
11:42:53.0000 2672 C:\WINDOWS\system32\ntdll.dll - ok
11:42:53.0015 2672 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
11:42:53.0015 2672 C:\WINDOWS\system32\autochk.exe - ok
11:42:53.0046 2672 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
11:42:53.0046 2672 C:\WINDOWS\system32\drivers\usbstor.sys - ok
11:42:53.0078 2672 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
11:42:53.0078 2672 C:\WINDOWS\system32\sfcfiles.dll - ok
11:42:53.0093 2672 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
11:42:53.0093 2672 C:\WINDOWS\system32\drivers\cdfs.sys - ok
11:42:53.0125 2672 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
11:42:53.0125 2672 C:\WINDOWS\system32\drivers\fastfat.sys - ok
11:42:53.0156 2672 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
11:42:53.0156 2672 C:\WINDOWS\system32\drivers\wmilib.sys - ok
11:42:53.0171 2672 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
11:42:53.0171 2672 C:\WINDOWS\system32\drivers\atapi.sys - ok
11:42:53.0203 2672 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
11:42:53.0203 2672 C:\WINDOWS\system32\drivers\dxapi.sys - ok
11:42:53.0234 2672 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
11:42:53.0234 2672 C:\WINDOWS\system32\watchdog.sys - ok
11:42:53.0250 2672 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
11:42:53.0250 2672 C:\WINDOWS\system32\csrss.exe - ok
11:42:53.0265 2672 [ D6F934A361D7F0BE8271673988D4E7FD ] C:\WINDOWS\system32\win32k.sys
11:42:53.0265 2672 C:\WINDOWS\system32\win32k.sys - ok
11:42:53.0296 2672 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:42:53.0296 2672 C:\WINDOWS\system32\basesrv.dll - ok
11:42:53.0328 2672 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
11:42:53.0328 2672 C:\WINDOWS\system32\csrsrv.dll - ok
11:42:53.0343 2672 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
11:42:53.0343 2672 C:\WINDOWS\system32\gdi32.dll - ok
11:42:53.0375 2672 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:42:53.0375 2672 C:\WINDOWS\system32\winsrv.dll - ok
11:42:53.0406 2672 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
11:42:53.0406 2672 C:\WINDOWS\system32\kernel32.dll - ok
11:42:53.0421 2672 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
11:42:53.0421 2672 C:\WINDOWS\system32\user32.dll - ok
11:42:53.0453 2672 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
11:42:53.0453 2672 C:\WINDOWS\system32\drivers\dxg.sys - ok
11:42:53.0484 2672 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
11:42:53.0484 2672 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
11:42:53.0500 2672 [ C669A8B0A436641AAD3C2EADA780CBB9 ] C:\WINDOWS\system32\framebuf.dll
11:42:53.0500 2672 C:\WINDOWS\system32\framebuf.dll - ok
11:42:53.0515 2672 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
11:42:53.0515 2672 C:\WINDOWS\system32\vga.dll - ok
11:42:53.0546 2672 [ 1FB5E4AD68B9091148D2A28CF6831D77 ] C:\WINDOWS\system32\vga256.dll
11:42:53.0546 2672 C:\WINDOWS\system32\vga256.dll - ok
11:42:53.0578 2672 [ D5A9D4E5DFD788A5F427DEC60A278FBD ] C:\WINDOWS\system32\vga64k.dll
11:42:53.0578 2672 C:\WINDOWS\system32\vga64k.dll - ok
11:42:53.0593 2672 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
11:42:53.0593 2672 C:\WINDOWS\system32\winlogon.exe - ok
11:42:53.0625 2672 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
11:42:53.0625 2672 C:\WINDOWS\system32\advapi32.dll - ok
11:42:53.0656 2672 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
11:42:53.0656 2672 C:\WINDOWS\system32\rpcrt4.dll - ok
11:42:53.0671 2672 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
11:42:53.0671 2672 C:\WINDOWS\system32\secur32.dll - ok
11:42:53.0703 2672 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
11:42:53.0703 2672 C:\WINDOWS\system32\authz.dll - ok
11:42:53.0734 2672 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
11:42:53.0734 2672 C:\WINDOWS\system32\msvcrt.dll - ok
11:42:53.0750 2672 [ 64416C6E07606720C1ECE6DD374BDFFD ] C:\WINDOWS\system32\crypt32.dll
11:42:53.0750 2672 C:\WINDOWS\system32\crypt32.dll - ok
11:42:53.0765 2672 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
11:42:53.0765 2672 C:\WINDOWS\system32\msasn1.dll - ok
11:42:53.0796 2672 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
11:42:53.0796 2672 C:\WINDOWS\system32\nddeapi.dll - ok
11:42:53.0828 2672 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
11:42:53.0828 2672 C:\WINDOWS\system32\netapi32.dll - ok
11:42:53.0843 2672 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
11:42:53.0843 2672 C:\WINDOWS\system32\profmap.dll - ok
11:42:53.0875 2672 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
11:42:53.0875 2672 C:\WINDOWS\system32\userenv.dll - ok
11:42:53.0906 2672 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
11:42:53.0906 2672 C:\WINDOWS\system32\psapi.dll - ok
11:42:53.0921 2672 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
11:42:53.0921 2672 C:\WINDOWS\system32\regapi.dll - ok
11:42:53.0953 2672 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
11:42:53.0953 2672 C:\WINDOWS\system32\setupapi.dll - ok
11:42:53.0984 2672 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
11:42:53.0984 2672 C:\WINDOWS\system32\version.dll - ok
11:42:54.0000 2672 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
11:42:54.0000 2672 C:\WINDOWS\system32\winsta.dll - ok
11:42:54.0015 2672 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll
11:42:54.0015 2672 C:\WINDOWS\system32\wintrust.dll - ok
11:42:54.0046 2672 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
11:42:54.0046 2672 C:\WINDOWS\system32\imagehlp.dll - ok
11:42:54.0062 2672 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
11:42:54.0062 2672 C:\WINDOWS\system32\imm32.dll - ok
11:42:54.0093 2672 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
11:42:54.0093 2672 C:\WINDOWS\system32\ws2help.dll - ok
11:42:54.0125 2672 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
11:42:54.0125 2672 C:\WINDOWS\system32\ws2_32.dll - ok
11:42:54.0156 2672 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
11:42:54.0156 2672 C:\WINDOWS\system32\kbdus.dll - ok
11:42:54.0171 2672 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
11:42:54.0171 2672 C:\WINDOWS\system32\msgina.dll - ok
11:42:54.0203 2672 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
11:42:54.0203 2672 C:\WINDOWS\system32\comctl32.dll - ok
11:42:54.0234 2672 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
11:42:54.0234 2672 C:\WINDOWS\system32\drivers\wanarp.sys - ok
11:42:54.0250 2672 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
11:42:54.0250 2672 C:\WINDOWS\system32\odbc32.dll - ok
11:42:54.0265 2672 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
11:42:54.0265 2672 C:\WINDOWS\system32\comdlg32.dll - ok
11:42:54.0296 2672 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
11:42:54.0296 2672 C:\WINDOWS\system32\shell32.dll - ok
11:42:54.0312 2672 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
11:42:54.0312 2672 C:\WINDOWS\system32\shlwapi.dll - ok
11:42:54.0343 2672 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
11:42:54.0343 2672 C:\WINDOWS\system32\sxs.dll - ok
11:42:54.0375 2672 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
11:42:54.0375 2672 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
11:42:54.0390 2672 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
11:42:54.0390 2672 C:\WINDOWS\system32\odbcint.dll - ok
11:42:54.0421 2672 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
11:42:54.0421 2672 C:\WINDOWS\system32\shsvcs.dll - ok
11:42:54.0453 2672 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
11:42:54.0453 2672 C:\WINDOWS\system32\ole32.dll - ok
11:42:54.0468 2672 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
11:42:54.0484 2672 C:\WINDOWS\system32\sfc.dll - ok
11:42:54.0500 2672 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
11:42:54.0500 2672 C:\WINDOWS\system32\sfc_os.dll - ok
11:42:54.0515 2672 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
11:42:54.0515 2672 C:\WINDOWS\system32\apphelp.dll - ok
11:42:54.0546 2672 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:42:54.0546 2672 C:\WINDOWS\system32\services.exe - ok
11:42:54.0562 2672 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
11:42:54.0562 2672 C:\WINDOWS\system32\lsasrv.dll - ok
11:42:54.0593 2672 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
11:42:54.0593 2672 C:\WINDOWS\system32\lsass.exe - ok
11:42:54.0625 2672 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
11:42:54.0625 2672 C:\WINDOWS\system32\msvcp60.dll - ok
11:42:54.0640 2672 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
11:42:54.0640 2672 C:\WINDOWS\system32\ncobjapi.dll - ok
11:42:54.0671 2672 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
11:42:54.0671 2672 C:\WINDOWS\system32\scesrv.dll - ok
11:42:54.0703 2672 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
11:42:54.0703 2672 C:\WINDOWS\system32\umpnpmgr.dll - ok
11:42:54.0734 2672 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
11:42:54.0734 2672 C:\WINDOWS\AppPatch\acadproc.dll - ok
11:42:54.0750 2672 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
11:42:54.0750 2672 C:\WINDOWS\system32\mpr.dll - ok
11:42:54.0765 2672 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
11:42:54.0765 2672 C:\WINDOWS\system32\ntdsapi.dll - ok
11:42:54.0796 2672 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
11:42:54.0796 2672 C:\WINDOWS\system32\shimeng.dll - ok
11:42:54.0812 2672 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
11:42:54.0812 2672 C:\WINDOWS\system32\dnsapi.dll - ok
11:42:54.0843 2672 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
11:42:54.0843 2672 C:\WINDOWS\system32\wldap32.dll - ok
11:42:54.0875 2672 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
11:42:54.0875 2672 C:\WINDOWS\system32\samlib.dll - ok
11:42:54.0890 2672 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
11:42:54.0890 2672 C:\WINDOWS\system32\samsrv.dll - ok
11:42:54.0921 2672 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
11:42:54.0921 2672 C:\WINDOWS\system32\cryptdll.dll - ok
11:42:54.0953 2672 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
11:42:54.0953 2672 C:\WINDOWS\AppPatch\acgenral.dll - ok
11:42:54.0968 2672 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
11:42:54.0984 2672 C:\WINDOWS\system32\winmm.dll - ok
11:42:55.0000 2672 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
11:42:55.0000 2672 C:\WINDOWS\system32\msacm32.dll - ok
11:42:55.0015 2672 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
11:42:55.0015 2672 C:\WINDOWS\system32\oleaut32.dll - ok
11:42:55.0046 2672 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
11:42:55.0046 2672 C:\WINDOWS\system32\uxtheme.dll - ok
11:42:55.0062 2672 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
11:42:55.0062 2672 C:\WINDOWS\system32\digest.dll - ok
11:42:55.0093 2672 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
11:42:55.0093 2672 C:\WINDOWS\system32\msapsspc.dll - ok
11:42:55.0125 2672 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
11:42:55.0125 2672 C:\WINDOWS\system32\msvcrt40.dll - ok
11:42:55.0140 2672 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
11:42:55.0140 2672 C:\WINDOWS\system32\schannel.dll - ok
11:42:55.0171 2672 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
11:42:55.0171 2672 C:\WINDOWS\system32\msctfime.ime - ok
11:42:55.0203 2672 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
11:42:55.0203 2672 C:\WINDOWS\system32\msnsspc.dll - ok
11:42:55.0234 2672 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
11:42:55.0234 2672 C:\WINDOWS\system32\msprivs.dll - ok
11:42:55.0250 2672 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
11:42:55.0250 2672 C:\WINDOWS\system32\kerberos.dll - ok
11:42:55.0265 2672 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
11:42:55.0265 2672 C:\WINDOWS\system32\iphlpapi.dll - ok
11:42:55.0296 2672 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
11:42:55.0296 2672 C:\WINDOWS\system32\msv1_0.dll - ok
11:42:55.0328 2672 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
11:42:55.0328 2672 C:\WINDOWS\system32\netlogon.dll - ok
11:42:55.0343 2672 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
11:42:55.0343 2672 C:\WINDOWS\system32\w32time.dll - ok
11:42:55.0375 2672 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
11:42:55.0375 2672 C:\WINDOWS\system32\rsaenh.dll - ok
11:42:55.0406 2672 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
11:42:55.0406 2672 C:\WINDOWS\system32\wdigest.dll - ok
11:42:55.0421 2672 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
11:42:55.0421 2672 C:\WINDOWS\system32\winscard.dll - ok
11:42:55.0453 2672 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
11:42:55.0453 2672 C:\WINDOWS\system32\wtsapi32.dll - ok
11:42:55.0484 2672 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
11:42:55.0484 2672 C:\WINDOWS\system32\scecli.dll - ok
11:42:55.0500 2672 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] C:\WINDOWS\system32\drivers\mbam.sys
11:42:55.0500 2672 C:\WINDOWS\system32\drivers\mbam.sys - ok
11:42:55.0515 2672 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
11:42:55.0515 2672 C:\WINDOWS\system32\svchost.exe - ok
11:42:55.0546 2672 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
11:42:55.0546 2672 C:\WINDOWS\system32\ntmarta.dll - ok
11:42:55.0578 2672 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
11:42:55.0578 2672 C:\WINDOWS\system32\rpcss.dll - ok
11:42:55.0593 2672 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
11:42:55.0593 2672 C:\WINDOWS\system32\xpsp2res.dll - ok
11:42:55.0625 2672 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
11:42:55.0625 2672 C:\WINDOWS\system32\eventlog.dll - ok
11:42:55.0656 2672 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
11:42:55.0656 2672 C:\WINDOWS\system32\mswsock.dll - ok
11:42:55.0671 2672 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
11:42:55.0671 2672 C:\WINDOWS\system32\hnetcfg.dll - ok
11:42:55.0703 2672 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
11:42:55.0703 2672 C:\WINDOWS\system32\wshtcpip.dll - ok
11:42:55.0734 2672 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
11:42:55.0734 2672 C:\WINDOWS\system32\winrnr.dll - ok
11:42:55.0750 2672 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
11:42:55.0750 2672 C:\WINDOWS\system32\rasadhlp.dll - ok
11:42:55.0765 2672 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
11:42:55.0765 2672 C:\WINDOWS\system32\dhcpcsvc.dll - ok
11:42:55.0796 2672 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
11:42:55.0796 2672 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
11:42:55.0828 2672 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
11:42:55.0828 2672 C:\WINDOWS\system32\dnsrslvr.dll - ok
11:42:55.0843 2672 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
11:42:55.0843 2672 C:\WINDOWS\system32\lmhsvc.dll - ok
11:42:55.0875 2672 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
11:42:55.0875 2672 C:\WINDOWS\system32\eapolqec.dll - ok
11:42:55.0906 2672 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
11:42:55.0906 2672 C:\WINDOWS\system32\rtutils.dll - ok
11:42:55.0921 2672 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
11:42:55.0921 2672 C:\WINDOWS\system32\wmi.dll - ok
11:42:55.0953 2672 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
11:42:55.0953 2672 C:\WINDOWS\system32\wzcsvc.dll - ok
11:42:55.0984 2672 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
11:42:55.0984 2672 C:\WINDOWS\system32\atl.dll - ok
11:42:56.0000 2672 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
11:42:56.0000 2672 C:\WINDOWS\system32\dot3api.dll - ok
11:42:56.0015 2672 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
11:42:56.0015 2672 C:\WINDOWS\system32\esent.dll - ok
11:42:56.0046 2672 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
11:42:56.0046 2672 C:\WINDOWS\system32\qutil.dll - ok
11:42:56.0078 2672 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
11:42:56.0078 2672 C:\WINDOWS\system32\clbcatq.dll - ok
11:42:56.0093 2672 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
11:42:56.0093 2672 C:\WINDOWS\system32\comres.dll - ok
11:42:56.0125 2672 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
11:42:56.0125 2672 C:\WINDOWS\system32\rastls.dll - ok
11:42:56.0156 2672 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
11:42:56.0156 2672 C:\WINDOWS\system32\cryptui.dll - ok
11:42:56.0171 2672 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
11:42:56.0171 2672 C:\WINDOWS\system32\cscdll.dll - ok
11:42:56.0203 2672 [ C4300CB4D20B1159DC77E01E8A2525EC ] C:\WINDOWS\system32\wininet.dll
11:42:56.0203 2672 C:\WINDOWS\system32\wininet.dll - ok
11:42:56.0234 2672 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
11:42:56.0234 2672 C:\WINDOWS\system32\dimsntfy.dll - ok
11:42:56.0250 2672 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
11:42:56.0250 2672 C:\WINDOWS\system32\normaliz.dll - ok
11:42:56.0265 2672 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
11:42:56.0265 2672 C:\WINDOWS\system32\wlnotify.dll - ok
11:42:56.0296 2672 [ C9335D5B07E6A930BD561D35C431A0AF ] C:\WINDOWS\system32\urlmon.dll
11:42:56.0296 2672 C:\WINDOWS\system32\urlmon.dll - ok
11:42:56.0328 2672 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
11:42:56.0328 2672 C:\WINDOWS\system32\winspool.drv - ok
11:42:56.0343 2672 [ 46485AE6433AF77F237C792D3DA11F48 ] C:\WINDOWS\system32\iertutil.dll
11:42:56.0343 2672 C:\WINDOWS\system32\iertutil.dll - ok
11:42:56.0375 2672 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
11:42:56.0375 2672 C:\WINDOWS\system32\activeds.dll - ok
11:42:56.0406 2672 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
11:42:56.0406 2672 C:\WINDOWS\system32\adsldpc.dll - ok
11:42:56.0421 2672 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
11:42:56.0421 2672 C:\WINDOWS\system32\mprapi.dll - ok
11:42:56.0453 2672 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
11:42:56.0453 2672 C:\WINDOWS\system32\rasapi32.dll - ok
11:42:56.0484 2672 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
11:42:56.0484 2672 C:\WINDOWS\system32\rasman.dll - ok
11:42:56.0500 2672 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
11:42:56.0500 2672 C:\WINDOWS\system32\tapi32.dll - ok
11:42:56.0515 2672 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
11:42:56.0515 2672 C:\WINDOWS\system32\riched20.dll - ok
11:42:56.0546 2672 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
11:42:56.0546 2672 C:\WINDOWS\system32\schedsvc.dll - ok
11:42:56.0578 2672 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
11:42:56.0578 2672 C:\WINDOWS\system32\raschap.dll - ok
11:42:56.0593 2672 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
11:42:56.0593 2672 C:\WINDOWS\system32\WgaLogon.dll - ok
11:42:56.0625 2672 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
11:42:56.0625 2672 C:\WINDOWS\system32\msidle.dll - ok
11:42:56.0656 2672 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
11:42:56.0656 2672 C:\WINDOWS\system32\msxml3.dll - ok
11:42:56.0671 2672 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
11:42:56.0671 2672 C:\WINDOWS\system32\spoolsv.exe - ok
11:42:56.0703 2672 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
11:42:56.0703 2672 C:\WINDOWS\system32\audiosrv.dll - ok
11:42:56.0734 2672 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
11:42:56.0734 2672 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
11:42:56.0750 2672 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
11:42:56.0750 2672 C:\WINDOWS\system32\webclnt.dll - ok
11:42:56.0765 2672 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
11:42:56.0765 2672 C:\WINDOWS\system32\drivers\parport.sys - ok
11:42:56.0796 2672 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
11:42:56.0796 2672 C:\WINDOWS\system32\drivers\serial.sys - ok
11:42:56.0828 2672 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
11:42:56.0828 2672 C:\WINDOWS\system32\qmgr.dll - ok
11:42:56.0843 2672 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
11:42:56.0843 2672 C:\WINDOWS\system32\shfolder.dll - ok
11:42:56.0875 2672 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
11:42:56.0875 2672 C:\WINDOWS\system32\winhttp.dll - ok
11:42:56.0906 2672 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
11:42:56.0906 2672 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
11:42:56.0921 2672 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
11:42:56.0921 2672 C:\WINDOWS\system32\certcli.dll - ok
11:42:56.0953 2672 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
11:42:56.0953 2672 C:\WINDOWS\system32\cryptsvc.dll - ok
11:42:56.0984 2672 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
11:42:56.0984 2672 C:\WINDOWS\system32\ersvc.dll - ok
11:42:57.0000 2672 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
11:42:57.0000 2672 C:\WINDOWS\system32\es.dll - ok
11:42:57.0015 2672 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
11:42:57.0015 2672 C:\WINDOWS\system32\dmserver.dll - ok
11:42:57.0046 2672 [ 6139833C1EFF3EEEAACD9878C9A0C4B9 ] C:\Program Files\Google\Update\1.2.183.23\goopdate.dll
11:42:57.0046 2672 C:\Program Files\Google\Update\1.2.183.23\goopdate.dll - ok
11:42:57.0078 2672 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
11:42:57.0078 2672 C:\WINDOWS\system32\netman.dll - ok
11:42:57.0093 2672 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
11:42:57.0093 2672 C:\WINDOWS\system32\netshell.dll - ok
11:42:57.0125 2672 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
11:42:57.0125 2672 C:\WINDOWS\system32\credui.dll - ok
11:42:57.0156 2672 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
11:42:57.0156 2672 C:\WINDOWS\system32\dbghelp.dll - ok
11:42:57.0171 2672 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
11:42:57.0171 2672 C:\WINDOWS\system32\dot3dlg.dll - ok
11:42:57.0203 2672 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
11:42:57.0203 2672 C:\WINDOWS\system32\eappcfg.dll - ok
11:42:57.0234 2672 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
11:42:57.0234 2672 C:\WINDOWS\system32\onex.dll - ok
11:42:57.0250 2672 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
11:42:57.0250 2672 C:\WINDOWS\system32\eappprxy.dll - ok
11:42:57.0265 2672 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
11:42:57.0265 2672 C:\WINDOWS\system32\wzcsapi.dll - ok
11:42:57.0296 2672 [ 43683E970F008C93C9429EF428147A54 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:42:57.0296 2672 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
11:42:57.0328 2672 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
11:42:57.0328 2672 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
11:42:57.0343 2672 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
11:42:57.0343 2672 C:\WINDOWS\system32\hid.dll - ok
11:42:57.0375 2672 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
11:42:57.0375 2672 C:\WINDOWS\system32\hidserv.dll - ok
11:42:57.0406 2672 [ FB665485B6C8EE16FED0619ADFF8B27A ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
11:42:57.0406 2672 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
11:42:57.0421 2672 [ 24744F14E76174927AA2BD4600709192 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
11:42:57.0421 2672 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
11:42:57.0453 2672 [ 5466909C288218D868AAB8061D308E71 ] C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
11:42:57.0453 2672 C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe - ok
11:42:57.0484 2672 [ 8F233C5BC68E34D18D38257B283CE96C ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
11:42:57.0484 2672 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
11:42:57.0500 2672 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
11:42:57.0500 2672 C:\WINDOWS\system32\mstask.dll - ok
11:42:57.0515 2672 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
11:42:57.0515 2672 C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe - ok
11:42:57.0546 2672 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll
11:42:57.0546 2672 C:\WINDOWS\system32\qmgrprxy.dll - ok
11:42:57.0578 2672 [ D54B13A0E50270E2CFF827B98C2F6D1C ] C:\PROGRA~1\McAfee\MSC\McOobeSv.dll
11:42:57.0578 2672 C:\PROGRA~1\McAfee\MSC\McOobeSv.dll - ok
11:42:57.0593 2672 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
11:42:57.0593 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe - ok
11:42:57.0625 2672 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
11:42:57.0625 2672 C:\WINDOWS\system32\ipsecsvc.dll - ok
11:42:57.0656 2672 [ 156F64A3345BD23C600655FB4D10BC08 ] C:\WINDOWS\system32\ntmssvc.dll
11:42:57.0656 2672 C:\WINDOWS\system32\ntmssvc.dll - ok
11:42:57.0671 2672 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
11:42:57.0671 2672 C:\WINDOWS\system32\oakley.dll - ok
11:42:57.0703 2672 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
11:42:57.0703 2672 C:\WINDOWS\system32\winipsec.dll - ok
11:42:57.0734 2672 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
11:42:57.0734 2672 C:\WINDOWS\system32\pstorsvc.dll - ok
11:42:57.0750 2672 [ DA76C8716F7295DB65F0E0AAE45343F8 ] C:\WINDOWS\system32\ntmsdba.dll
11:42:57.0750 2672 C:\WINDOWS\system32\ntmsdba.dll - ok
11:42:57.0765 2672 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
11:42:57.0765 2672 C:\WINDOWS\system32\psbase.dll - ok
11:42:57.0796 2672 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
11:42:57.0796 2672 C:\WINDOWS\system32\sens.dll - ok
11:42:57.0828 2672 [ 593FA4C378818ECE76BA64A11AD56CF2 ] C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
11:42:57.0828 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe - ok
11:42:57.0843 2672 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
11:42:57.0843 2672 C:\WINDOWS\system32\dssenh.dll - ok
11:42:57.0875 2672 [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
11:42:57.0875 2672 C:\WINDOWS\system32\lz32.dll - ok
11:42:57.0906 2672 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
11:42:57.0906 2672 C:\WINDOWS\system32\srsvc.dll - ok
11:42:57.0921 2672 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
11:42:57.0921 2672 C:\WINDOWS\system32\powrprof.dll - ok
11:42:57.0953 2672 [ 555EADCD50C486AC19E80E0DD5A38549 ] C:\Program Files\Common Files\Mcafee\SystemCore\lockdown.dll
11:42:57.0953 2672 C:\Program Files\Common Files\Mcafee\SystemCore\lockdown.dll - ok
11:42:57.0984 2672 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
11:42:57.0984 2672 C:\WINDOWS\system32\trkwks.dll - ok
11:42:58.0000 2672 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
11:42:58.0000 2672 C:\WINDOWS\system32\cryptnet.dll - ok
11:42:58.0015 2672 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
11:42:58.0015 2672 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
11:42:58.0046 2672 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
11:42:58.0046 2672 C:\WINDOWS\system32\sensapi.dll - ok
11:42:58.0078 2672 [ 56D400F4B4F1B923B7D6EAB0AA18AA20 ] C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3.dll
11:42:58.0078 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3.dll - ok
11:42:58.0093 2672 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
11:42:58.0093 2672 C:\WINDOWS\system32\vssapi.dll - ok
11:42:58.0125 2672 [ BFB061C148A14905B58C6CDCD42064BE ] C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3_worker.dll
11:42:58.0125 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3_worker.dll - ok
11:42:58.0156 2672 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
11:42:58.0156 2672 C:\WINDOWS\system32\wuaueng.dll - ok
11:42:58.0171 2672 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
11:42:58.0171 2672 C:\WINDOWS\system32\wuauserv.dll - ok
11:42:58.0203 2672 [ 8C6D22B4F736B9EF5DDA6009C77B2DA1 ] C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3_server.dll
11:42:58.0203 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mytilus3_server.dll - ok
11:42:58.0234 2672 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
11:42:58.0234 2672 C:\WINDOWS\system32\cabinet.dll - ok
11:42:58.0250 2672 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
11:42:58.0250 2672 C:\WINDOWS\system32\mspatcha.dll - ok
11:42:58.0265 2672 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
11:42:58.0265 2672 C:\WINDOWS\system32\wups.dll - ok
11:42:58.0296 2672 [ F934E75683BF91831A8C2590E54A0EFC ] C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.dll
11:42:58.0296 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.dll - ok
11:42:58.0312 2672 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
11:42:58.0328 2672 C:\WINDOWS\system32\wups2.dll - ok
11:42:58.0343 2672 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
11:42:58.0343 2672 C:\WINDOWS\system32\comsvcs.dll - ok
11:42:58.0375 2672 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
11:42:58.0375 2672 C:\WINDOWS\system32\clusapi.dll - ok
11:42:58.0406 2672 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
11:42:58.0406 2672 C:\WINDOWS\system32\colbact.dll - ok
11:42:58.0421 2672 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
11:42:58.0421 2672 C:\WINDOWS\system32\mtxclu.dll - ok
11:42:58.0453 2672 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
11:42:58.0453 2672 C:\WINDOWS\system32\wsock32.dll - ok
11:42:58.0484 2672 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
11:42:58.0484 2672 C:\WINDOWS\system32\resutils.dll - ok
11:42:58.0500 2672 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
11:42:58.0500 2672 C:\WINDOWS\system32\wuauclt.exe - ok
11:42:58.0515 2672 [ 1189879644168AFA95A1EE6E30D3759B ] C:\Program Files\Common Files\Mcafee\SystemCore\ftl.dll
11:42:58.0515 2672 C:\Program Files\Common Files\Mcafee\SystemCore\ftl.dll - ok
11:42:58.0546 2672 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
11:42:58.0546 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe - ok
11:42:58.0562 2672 [ 1D702A6E768510F2623171C963AFAE36 ] C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll
11:42:58.0562 2672 C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll - ok
11:42:58.0593 2672 [ 25930CCACE513C2B00E45873C9C52579 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfeavfa.dll
11:42:58.0593 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfeavfa.dll - ok
11:42:58.0625 2672 [ A9295028995CD08A16CA6A42B4A2EC2B ] C:\Program Files\Common Files\Mcafee\SystemCore\mfehida.dll
11:42:58.0625 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfehida.dll - ok
11:42:58.0656 2672 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
11:42:58.0656 2672 C:\WINDOWS\system32\ipnathlp.dll - ok
11:42:58.0671 2672 [ 117BB23673A8912690D5FFB37503C528 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfevtpa.dll
11:42:58.0671 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfevtpa.dll - ok
11:42:58.0703 2672 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
11:42:58.0703 2672 C:\WINDOWS\system32\wscsvc.dll - ok
11:42:58.0734 2672 [ 8C22083ED515DC94D575438662F0BE6A ] C:\WINDOWS\system32\msi.dll
11:42:58.0734 2672 C:\WINDOWS\system32\msi.dll - ok
11:42:58.0750 2672 [ 1957C5C463BCDC21F374523FD32A3115 ] C:\Program Files\McAfee\VirusScan\Engine\5400.1158\mcscan32.dll
11:42:58.0750 2672 C:\Program Files\McAfee\VirusScan\Engine\5400.1158\mcscan32.dll - ok
11:42:58.0765 2672 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
11:42:58.0765 2672 C:\WINDOWS\system32\netcfgx.dll - ok
11:42:58.0796 2672 [ 7840772C671903DDE5FB3501A58AE491 ] C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
11:42:58.0796 2672 C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
11:42:58.0812 2672 [ BEFC97125CCD70D25A7FBCE8CB764032 ] C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnn.dll
11:42:58.0828 2672 C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnn.dll - ok
11:42:58.0843 2672 [ 984AD97B3D550D9030BC216AD815852A ] C:\PROGRA~1\McAfee\MSC\mcmscsub.dll
11:42:58.0843 2672 C:\PROGRA~1\McAfee\MSC\mcmscsub.dll - ok
11:42:58.0875 2672 [ 48DD688F2B207F1324E3986F1C9C2561 ] C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
11:42:58.0875 2672 C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
11:42:58.0906 2672 [ 62FC30FBEC3139DDB0A60FA925EF4B30 ] C:\PROGRA~1\COMMON~1\Mcafee\MSC\mcutil\11_0_3~1\mcutil.dll
11:42:58.0906 2672 C:\PROGRA~1\COMMON~1\Mcafee\MSC\mcutil\11_0_3~1\mcutil.dll - ok
11:42:58.0921 2672 [ C57882B378F1FF59814BB48B4545E2FD ] C:\PROGRA~1\COMMON~1\Mcafee\Core\mccoreps.dll
11:42:58.0921 2672 C:\PROGRA~1\COMMON~1\Mcafee\Core\mccoreps.dll - ok
11:42:58.0953 2672 [ 660FFD19C45DEBFD06B47AFFB13DC460 ] C:\Program Files\Common Files\Mcafee\McProxy\McProxy.dll
11:42:58.0953 2672 C:\Program Files\Common Files\Mcafee\McProxy\McProxy.dll - ok
11:42:58.0984 2672 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
11:42:58.0984 2672 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
11:42:59.0000 2672 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
11:42:59.0000 2672 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
11:42:59.0015 2672 [ 4251D612FB90E8C261994558E66EF318 ] C:\PROGRA~1\McAfee\VIRUSS~1\McVsPs.dll
11:42:59.0015 2672 C:\PROGRA~1\McAfee\VIRUSS~1\McVsPs.dll - ok
11:42:59.0046 2672 [ E1BD96A7F3DC962617142CCB58E38C0A ] C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnnPs.dll
11:42:59.0046 2672 C:\PROGRA~1\McAfee\VIRUSS~1\NaiAnnPs.dll - ok
11:42:59.0062 2672 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
11:42:59.0062 2672 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
11:42:59.0093 2672 [ 515AD14CD8EB64AF841C6DB381A4BC9E ] C:\Program Files\Common Files\Mcafee\MNA\McNASvc.dll
11:42:59.0093 2672 C:\Program Files\Common Files\Mcafee\MNA\McNASvc.dll - ok
11:42:59.0125 2672 [ FF8976DC06BBFA1114D4A92515AC3373 ] C:\PROGRA~1\McAfee\VIRUSS~1\MVsCfg.dll
11:42:59.0125 2672 C:\PROGRA~1\McAfee\VIRUSS~1\MVsCfg.dll - ok
11:42:59.0156 2672 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
11:42:59.0156 2672 C:\WINDOWS\system32\wbem\esscli.dll - ok
11:42:59.0171 2672 [ 481ABA56C0189CF310CE44267BBC0596 ] C:\PROGRA~1\McAfee\VIRUSS~1\mvsap.dll
11:42:59.0171 2672 C:\PROGRA~1\McAfee\VIRUSS~1\mvsap.dll - ok
11:42:59.0203 2672 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
11:42:59.0203 2672 C:\WINDOWS\system32\wbem\fastprox.dll - ok
11:42:59.0234 2672 [ E97F40AF27DFCEDE94A808D2BE093C7B ] C:\PROGRA~1\COMMON~1\Mcafee\Core\McEvtBrk.dll
11:42:59.0234 2672 C:\PROGRA~1\COMMON~1\Mcafee\Core\McEvtBrk.dll - ok
11:42:59.0250 2672 [ 23623E3639E661377453E24A90A936D6 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfefwctl.dll
11:42:59.0250 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfefwctl.dll - ok
11:42:59.0265 2672 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
11:42:59.0265 2672 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
11:42:59.0296 2672 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
11:42:59.0296 2672 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
11:42:59.0312 2672 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
11:42:59.0312 2672 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
11:42:59.0343 2672 [ BD3EE6C0D4AAE29EA4689A75160FABC1 ] C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll
11:42:59.0343 2672 C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll - ok
11:42:59.0375 2672 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
11:42:59.0375 2672 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
11:42:59.0390 2672 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
11:42:59.0390 2672 C:\WINDOWS\system32\wbem\wbemess.dll - ok
11:42:59.0421 2672 [ E7E28CD9DED3D6E0FDB9A4D3BF19519E ] C:\Program Files\Common Files\Mcafee\SystemCore\mfeapfa.dll
11:42:59.0421 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfeapfa.dll - ok
11:42:59.0453 2672 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] C:\WINDOWS\system32\drivers\mfeapfk.sys
11:42:59.0453 2672 C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
11:42:59.0484 2672 [ E7CD1222BC61B64945DD9FD7F022B8EA ] C:\Program Files\Common Files\Mcafee\NMC\McNmcSrv.dll
11:42:59.0484 2672 C:\Program Files\Common Files\Mcafee\NMC\McNmcSrv.dll - ok
11:42:59.0500 2672 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
11:42:59.0500 2672 C:\WINDOWS\system32\wuapi.dll - ok
11:42:59.0515 2672 [ D91EA1F35A0FFA33F06B3A517624BC0E ] C:\Program Files\Common Files\Mcafee\NMC\McDisc.dll
11:42:59.0515 2672 C:\Program Files\Common Files\Mcafee\NMC\McDisc.dll - ok
11:42:59.0546 2672 [ 0C21B495A529F3BF5F2BBFB56D171590 ] C:\Program Files\Common Files\Mcafee\MSC\McRTMui.dll
11:42:59.0546 2672 C:\Program Files\Common Files\Mcafee\MSC\McRTMui.dll - ok
11:42:59.0562 2672 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
11:42:59.0562 2672 C:\WINDOWS\system32\wbem\ncprov.dll - ok
11:42:59.0593 2672 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
11:42:59.0593 2672 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
11:42:59.0625 2672 [ 17561F8EEECADFF9D3F440276D191020 ] C:\Program Files\Common Files\Mcafee\MSC\LangSel.dll
11:42:59.0625 2672 C:\Program Files\Common Files\Mcafee\MSC\LangSel.dll - ok
11:42:59.0656 2672 [ 75E82569549A389022DF43C4D39D8FE9 ] C:\PROGRA~1\McAfee\MSC\McMscShm.dll
11:42:59.0656 2672 C:\PROGRA~1\McAfee\MSC\McMscShm.dll - ok
11:42:59.0671 2672 [ 0BD1A402561EEA6A41D99B74AFAFBB2E ] C:\PROGRA~1\McAfee\MSC\mclwapi.dll
11:42:59.0671 2672 C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
11:42:59.0703 2672 [ D97A3EBDBEFB2400ADA0763B98E69C07 ] C:\Program Files\McAfee\MPF\L10N.dll
11:42:59.0703 2672 C:\Program Files\McAfee\MPF\L10N.dll - ok
11:42:59.0734 2672 [ E4446E1C7F89314923158AB022F236A5 ] C:\Program Files\McAfee\MSC\mcoemres.dll
11:42:59.0734 2672 C:\Program Files\McAfee\MSC\mcoemres.dll - ok
11:42:59.0750 2672 [ 000FB588AA1664AF58AD262E062B0895 ] C:\Program Files\McAfee\MSC\oemui.dll
11:42:59.0750 2672 C:\Program Files\McAfee\MSC\oemui.dll - ok
11:42:59.0765 2672 [ 21A92AC08AD9266D5F77C717CE6FF33C ] C:\Program Files\McAfee\MSC\mcprlres.dll
11:42:59.0765 2672 C:\Program Files\McAfee\MSC\mcprlres.dll - ok
11:42:59.0796 2672 [ 32D2C44247C8F9CAC70DE1F3AE121964 ] C:\PROGRA~1\COMMON~1\Mcafee\MSC\sqlite3.dll
11:42:59.0796 2672 C:\PROGRA~1\COMMON~1\Mcafee\MSC\sqlite3.dll - ok
11:42:59.0812 2672 [ 0435C43F4C2BE01B84868AD2A906397B ] C:\WINDOWS\system32\drivers\mfebopk.sys
11:42:59.0812 2672 C:\WINDOWS\system32\drivers\mfebopk.sys - ok
11:42:59.0843 2672 [ 602BABC2744E372A8A4096A22B052D64 ] C:\Program Files\Common Files\Mcafee\SystemCore\mfebopa.dll
11:42:59.0843 2672 C:\Program Files\Common Files\Mcafee\SystemCore\mfebopa.dll - ok
11:42:59.0875 2672 [ 697704BC00DAF64AAFFF4BD05E3301F3 ] C:\Program Files\Common Files\Mcafee\NMC\McNDSv.dll
11:42:59.0875 2672 C:\Program Files\Common Files\Mcafee\NMC\McNDSv.dll - ok
11:42:59.0890 2672 [ C0494C2B3DD8E7FE26CA170E3A5A6034 ] C:\PROGRA~1\McAfee\MSC\mcsubmgr\11_0_6~1\mcsubmgr.dll
11:42:59.0890 2672 C:\PROGRA~1\McAfee\MSC\mcsubmgr\11_0_6~1\mcsubmgr.dll - ok
11:42:59.0921 2672 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
11:42:59.0921 2672 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
11:42:59.0953 2672 [ C11EAD580D402245BC54FF33569297EF ] C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
11:42:59.0953 2672 C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
11:42:59.0984 2672 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
11:42:59.0984 2672 C:\WINDOWS\system32\cscui.dll - ok
11:43:00.0000 2672 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
11:43:00.0000 2672 C:\WINDOWS\system32\dpcdll.dll - ok
11:43:00.0015 2672 [ A0AE7F043497C9971E9D7FE291099D40 ] C:\WINDOWS\system32\msxml6.dll
11:43:00.0015 2672 C:\WINDOWS\system32\msxml6.dll - ok
11:43:00.0046 2672 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
11:43:00.0046 2672 C:\WINDOWS\system32\userinit.exe - ok
11:43:00.0062 2672 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
11:43:00.0062 2672 C:\WINDOWS\system32\WgaTray.exe - ok
11:43:00.0093 2672 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
11:43:00.0093 2672 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
11:43:00.0125 2672 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
11:43:00.0125 2672 C:\WINDOWS\system32\wbem\framedyn.dll - ok
11:43:00.0140 2672 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
11:43:00.0140 2672 C:\WINDOWS\explorer.exe - ok
11:43:00.0171 2672 [ 99A4C177D9942B536C0F15448A14BB93 ] C:\WINDOWS\system32\browseui.dll
11:43:00.0171 2672 C:\WINDOWS\system32\browseui.dll - ok
11:43:00.0203 2672 [ 05BE013E0A9E5BE60870E885CB703832 ] C:\WINDOWS\system32\shdocvw.dll
11:43:00.0203 2672 C:\WINDOWS\system32\shdocvw.dll - ok
11:43:00.0218 2672 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
11:43:00.0218 2672 C:\WINDOWS\system32\cfgmgr32.dll - ok
11:43:00.0250 2672 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
11:43:00.0250 2672 C:\WINDOWS\system32\rundll32.exe - ok
11:43:00.0265 2672 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
11:43:00.0265 2672 C:\WINDOWS\system32\termsrv.dll - ok
11:43:00.0296 2672 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
11:43:00.0296 2672 C:\WINDOWS\system32\icaapi.dll - ok
11:43:00.0312 2672 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
11:43:00.0312 2672 C:\WINDOWS\system32\mstlsapi.dll - ok
11:43:00.0343 2672 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
11:43:00.0343 2672 C:\WINDOWS\system32\alg.exe - ok
11:43:00.0375 2672 [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] C:\WINDOWS\system32\drivers\cfwids.sys
11:43:00.0375 2672 C:\WINDOWS\system32\drivers\cfwids.sys - ok
11:43:00.0390 2672 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
11:43:00.0390 2672 C:\WINDOWS\system32\desk.cpl - ok
11:43:00.0421 2672 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
11:43:00.0421 2672 C:\WINDOWS\system32\themeui.dll - ok
11:43:00.0453 2672 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
11:43:00.0453 2672 C:\WINDOWS\system32\msimg32.dll - ok
11:43:00.0468 2672 [ 26BEC2843E317B32C24BB4083FE35024 ] C:\PROGRA~1\McAfee\SITEAD~1\sahook.dll
11:43:00.0468 2672 C:\PROGRA~1\McAfee\SITEAD~1\sahook.dll - ok
11:43:00.0500 2672 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
11:43:00.0500 2672 C:\WINDOWS\system32\actxprxy.dll - ok
11:43:00.0515 2672 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
11:43:00.0515 2672 C:\WINDOWS\system32\LegitCheckControl.dll - ok
11:43:00.0546 2672 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
11:43:00.0546 2672 C:\WINDOWS\system32\cmd.exe - ok
11:43:00.0562 2672 [ CE5BC065C74C0A49486664CF71E0CA0A ] C:\WINDOWS\system32\ieframe.dll
11:43:00.0562 2672 C:\WINDOWS\system32\ieframe.dll - ok
11:43:00.0593 2672 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
11:43:00.0593 2672 C:\WINDOWS\system32\licwmi.dll - ok
11:43:00.0625 2672 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
11:43:00.0625 2672 C:\WINDOWS\system32\licdll.dll - ok
11:43:00.0656 2672 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\Documents and Settings\Pat Minga\Local Settings\Temp\442C6A98-63DF-4E3E-8C16-6A0630407C2C.exe
11:43:00.0656 2672 C:\Documents and Settings\Pat Minga\Local Settings\Temp\442C6A98-63DF-4E3E-8C16-6A0630407C2C.exe - ok
11:43:00.0687 2672 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
11:43:00.0687 2672 C:\WINDOWS\system32\linkinfo.dll - ok
11:43:00.0718 2672 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
11:43:00.0718 2672 C:\WINDOWS\system32\ntshrui.dll - ok
11:43:00.0750 2672 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
11:43:00.0750 2672 C:\WINDOWS\system32\verclsid.exe - ok
11:43:00.0765 2672 [ 9B2E14F4D66A59306584566A705F8CDD ] C:\WINDOWS\system32\bitsprx2.dll
11:43:00.0765 2672 C:\WINDOWS\system32\bitsprx2.dll - ok
11:43:00.0796 2672 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
11:43:00.0796 2672 C:\WINDOWS\system32\mlang.dll - ok
11:43:00.0828 2672 [ AA3161CB9009D5C4D2912A47C1FFDBBA ] C:\PROGRA~1\McAfee\MPF\MpfShm.dll
11:43:00.0828 2672 C:\PROGRA~1\McAfee\MPF\MpfShm.dll - ok
11:43:00.0859 2672 [ 4EB2C8234D79A32C9FA1D31D2405A8D9 ] C:\PROGRA~1\McAfee\VIRUSS~1\McOasShm.dll
11:43:00.0859 2672 C:\PROGRA~1\McAfee\VIRUSS~1\McOasShm.dll - ok
11:43:00.0890 2672 [ 84DB35F319E5B67838A4877C11748866 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
11:43:00.0890 2672 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
11:43:00.0921 2672 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\79829477.sys
11:43:00.0921 2672 C:\WINDOWS\system32\drivers\79829477.sys - ok
11:43:00.0953 2672 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
11:43:00.0953 2672 C:\WINDOWS\system32\upnp.dll - ok
11:43:00.0968 2672 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
11:43:00.0968 2672 C:\WINDOWS\system32\ssdpapi.dll - ok
11:43:01.0000 2672 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
11:43:01.0000 2672 C:\WINDOWS\system32\drivers\http.sys - ok
11:43:01.0015 2672 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
11:43:01.0015 2672 C:\WINDOWS\system32\ctfmon.exe - ok
11:43:01.0046 2672 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
11:43:01.0046 2672 C:\WINDOWS\system32\ssdpsrv.dll - ok
11:43:01.0078 2672 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
11:43:01.0078 2672 C:\WINDOWS\system32\msctf.dll - ok
11:43:01.0109 2672 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
11:43:01.0109 2672 C:\WINDOWS\system32\msutb.dll - ok
11:43:01.0140 2672 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
11:43:01.0140 2672 C:\WINDOWS\system32\rasmans.dll - ok
11:43:01.0171 2672 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
11:43:01.0171 2672 C:\WINDOWS\system32\tapisrv.dll - ok
11:43:01.0203 2672 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
11:43:01.0203 2672 C:\WINDOWS\ime\sptip.dll - ok
11:43:01.0218 2672 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
11:43:01.0218 2672 C:\WINDOWS\system32\oleacc.dll - ok
11:43:01.0250 2672 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
11:43:01.0250 2672 C:\WINDOWS\system32\rastapi.dll - ok
11:43:01.0265 2672 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
11:43:01.0265 2672 C:\WINDOWS\system32\unimdm.tsp - ok
11:43:01.0296 2672 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
11:43:01.0296 2672 C:\WINDOWS\system32\uniplat.dll - ok
11:43:01.0328 2672 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
11:43:01.0328 2672 C:\WINDOWS\system32\kmddsp.tsp - ok
11:43:01.0359 2672 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
11:43:01.0359 2672 C:\WINDOWS\system32\ndptsp.tsp - ok
11:43:01.0390 2672 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
11:43:01.0390 2672 C:\WINDOWS\system32\h323.tsp - ok
11:43:01.0421 2672 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
11:43:01.0421 2672 C:\WINDOWS\system32\ipconf.tsp - ok
11:43:01.0437 2672 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
11:43:01.0437 2672 C:\WINDOWS\system32\hidphone.tsp - ok
11:43:01.0468 2672 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
11:43:01.0468 2672 C:\WINDOWS\system32\rasppp.dll - ok
11:43:01.0500 2672 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
11:43:01.0500 2672 C:\WINDOWS\system32\ntlsapi.dll - ok
11:43:01.0515 2672 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
11:43:01.0515 2672 C:\WINDOWS\system32\rasqec.dll - ok
11:43:01.0546 2672 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
11:43:01.0546 2672 C:\WINDOWS\system32\webcheck.dll - ok
11:43:01.0578 2672 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
11:43:01.0578 2672 C:\WINDOWS\system32\imapi.exe - ok
11:43:01.0609 2672 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll
11:43:01.0609 2672 C:\WINDOWS\system32\upnpui.dll - ok
11:43:01.0640 2672 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
11:43:01.0640 2672 C:\WINDOWS\system32\stobject.dll - ok
11:43:01.0671 2672 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
11:43:01.0671 2672 C:\WINDOWS\system32\batmeter.dll - ok
11:43:01.0703 2672 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
11:43:01.0703 2672 C:\WINDOWS\system32\rasdlg.dll - ok
11:43:01.0734 2672 [ 731F22BA402EE4B62748ADAF6363C182 ] C:\WINDOWS\system32\drivers\ipfltdrv.sys
11:43:01.0734 2672 C:\WINDOWS\system32\drivers\ipfltdrv.sys - ok
11:43:01.0750 2672 ============================================================
11:43:01.0750 2672 Scan finished
11:43:01.0750 2672 ============================================================
11:43:01.0906 2664 Detected object count: 1
11:43:01.0906 2664 Actual detected object count: 1
11:43:28.0234 2664 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
11:43:28.0234 2664 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Thanks, of course! :-)

Pat

BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:21 PM

Posted 05 September 2012 - 06:03 AM

Hi Pat,

The log looks good.

I suppose you want to check the MBR for boot infection before reinstalling isn't it?

  • Download aswMBR.exe ( 511KB ) to your desktop.
    • Double click the aswMBR.exe to run it.
    • If it asks to install Avast click "No".
    • Click the "Scan" button.
    • On completion of the scan click Save log, save it to your desktop and post in your next reply.
  • Also the utility makes a file on your desktop named MBR.dat. Right click MBR.dat, select Send To =>Compressed (zipped) folder. Please attach the zipped file to your next reply.


#3 pminga

pminga
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:21 AM

Posted 05 September 2012 - 10:41 PM

Hi, Farbar,

Your recall of my situation is correct, I want to go through each remaining PC and disinfect the boot sectors, if necessary. As each one is "cleansed" I plan to format, reload the operating system, update the os with any updates, load Malwarebytes, and finally add an antivirus.

As we work through these PCs please tell me if you see an issue with my following this plan. In this way I hope to avoid making missteps. Thanks, pal.

Here's the zipped MBR.dat file...

Attached File  MBR.zip   512bytes   2 downloads

...and here's the MBR log file...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-05 20:09:17
-----------------------------
20:09:17.578 OS Version: Windows 5.1.2600 Service Pack 3
20:09:17.578 Number of processors: 2 586 0x209
20:09:17.578 ComputerName: PMINGA UserName:
20:09:17.937 Initialize success
20:09:30.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:09:30.406 Disk 0 Vendor: WDC_WD3200AAJB-00WGA0 00.02C01 Size: 305245MB BusType: 3
20:09:30.437 Disk 0 MBR read successfully
20:09:30.453 Disk 0 MBR scan
20:09:30.468 Disk 0 Windows XP default MBR code
20:09:30.515 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
20:09:30.531 Disk 0 Partition - 00 0F Extended LBA 205236 MB offset 204796620
20:09:30.593 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99998 MB offset 204796683
20:09:30.609 Disk 0 Partition - 00 05 Extended 99998 MB offset 409593240
20:09:30.687 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 99998 MB offset 409593303
20:09:30.703 Disk 0 Partition - 00 05 Extended 5239 MB offset 819186480
20:09:30.750 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 5239 MB offset 614389923
20:09:30.781 Disk 0 scanning sectors +625121280
20:09:30.906 Disk 0 scanning C:\WINDOWS\system32\drivers
20:09:40.140 Service scanning
20:09:46.078 Service WRkrn C:\WINDOWS\System32\drivers\WRkrn.sys **LOCKED** 32
20:09:46.906 Modules scanning
20:09:49.953 Disk 0 trace - called modules:
20:09:50.062 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
20:09:50.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8af51ab8]
20:09:50.281 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8af89d98]
20:09:50.390 Scan finished successfully
20:10:11.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Pat Minga\Desktop\MBR.dat"
20:10:11.640 The log file has been saved successfully to "C:\Documents and Settings\Pat Minga\Desktop\aswMBR.txt"

Thank you again!

Pat

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:21 PM

Posted 06 September 2012 - 05:19 AM

Hi Pat,

The MBR is clean. You may proceed with reformatting and reinstalling Windows. Let me know if you have any question, otherwise we will close this topic and wait for the next topic.

#5 pminga

pminga
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:21 AM

Posted 09 September 2012 - 11:07 PM

Hi, Farbar,

I know that I'm an idiot to queation you, but I'm actually just trying to learn.

When I ran MBR the log had this line which was highlighted in yellow.

So this isn't a warning, but is just normal?

20:09:46.078 Service WRkrn C:\WINDOWS\System32\drivers\WRkrn.sys **LOCKED** 32

Thanks for understanding,

Pat

#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:21 PM

Posted 10 September 2012 - 12:58 AM

Hello Pat,

WRkrn.sys is a driver. Even if it was a malware driver, it would be removed when reformatting.

But WRkrn.sys is a legit driver related to Webroot SecureAnywhere from Webroot. The log only shows that the driver service has special permissions on it that prevent access to it.

#7 pminga

pminga
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:09:21 AM

Posted 12 September 2012 - 02:45 PM

Thanks, Farbar,for the answer. Go ahead and close this topic and I'll start on the next PC in a few days.

Thanks,

Pat

#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:21 PM

Posted 12 September 2012 - 02:49 PM

You are most welcome Pat. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users